Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d371c773-1aa2-4d5b-9804-ea5d64fadc0a.roa
File: d371c773-1aa2-4d5b-9804-ea5d64fadc0a.roa (raw, json)
Hash identifier: E+TK3gZlnmVUOnRHFEqIsfGwqqHWIVWecGGED3UqCSs=
Subject key identifier: 55:7F:77:B4:E3:8D:A3:91:3F:17:82:D6:DF:1F:53:F2:E0:54:E8:EE
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 66558BA4E4FA0FFDAA5ABCA5E985B136239B2CC3
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d371c773-1aa2-4d5b-9804-ea5d64fadc0a.roa
Signing time: Sat 28 Feb 2026 06:40:51 +0000
ROA not before: Sat 28 Feb 2026 06:40:51 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 143.65.224.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
66:55:8b:a4:e4:fa:0f:fd:aa:5a:bc:a5:e9:85:b1:36:23:9b:2c:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Feb 28 06:40:51 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=ccb16647c40c47394b3a8bacfaa406aacb5a6d9ee5d1f333d34db3e425b29e64, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:de:20:a9:26:40:52:2c:d1:5c:22:07:4c:67:
e5:96:21:19:bc:a5:22:6b:af:82:73:26:15:4a:59:
b5:9c:2f:da:14:1d:83:00:f4:9e:1d:41:b2:20:71:
97:a0:fa:74:4f:d9:31:6e:2e:6b:cb:53:42:c9:41:
50:84:a7:f6:1e:56:56:2d:8a:37:3b:7d:43:ec:f2:
8d:15:19:23:fb:5b:7b:f5:49:95:cb:ff:82:b0:24:
a6:8c:16:a2:66:04:7b:a5:8a:b4:aa:07:f3:4a:2c:
45:f9:a5:17:bc:57:ff:26:62:51:c4:c9:e0:88:97:
7b:dd:0a:c5:3b:87:7f:59:da:08:2b:52:d9:db:8f:
17:7c:a3:2c:cf:67:5b:76:cd:5f:b9:88:b4:d9:5d:
37:5d:3f:54:22:5f:d2:69:44:c6:89:26:e0:82:3f:
4c:3b:b6:f2:f6:65:30:25:b5:30:2f:f0:ea:1e:76:
82:e7:42:6a:03:55:27:4c:dc:51:d1:26:f2:c0:fc:
d5:49:b2:63:d3:b6:fe:6c:57:ae:00:1b:fa:39:fb:
9e:e9:e6:5f:1d:9e:47:af:a3:2f:99:94:95:09:78:
cb:e7:e3:29:e9:14:c1:75:cc:05:18:05:05:42:f1:
81:3b:86:8e:7b:19:f7:6a:44:52:af:02:09:72:84:
50:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:7F:77:B4:E3:8D:A3:91:3F:17:82:D6:DF:1F:53:F2:E0:54:E8:EE
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d371c773-1aa2-4d5b-9804-ea5d64fadc0a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.65.224.0/19
Signature Algorithm: sha256WithRSAEncryption
cd:2b:a0:07:c6:b1:47:53:cb:bd:9d:70:3f:c9:3d:a0:b5:9c:
2e:c5:3a:e0:68:42:16:71:81:04:4e:94:24:2d:07:e7:e9:b9:
42:02:a6:71:c2:ff:14:98:90:9c:da:f2:53:db:ce:87:07:07:
4e:fe:cb:cc:84:ce:3a:f7:31:16:d8:9a:0e:1e:c1:c8:a9:6a:
70:07:42:f4:ae:52:59:59:a5:2a:99:96:b2:86:c2:e6:6d:b2:
16:1e:0e:59:b3:7a:8d:f0:0d:19:93:5f:b9:92:80:e2:9d:66:
01:2d:60:62:c1:30:de:8f:dc:bd:99:0b:35:41:ae:ea:6a:96:
c1:7f:ce:a3:a4:da:13:96:bd:1d:8d:6d:f3:1c:4b:36:be:13:
6e:54:59:f2:d6:0f:8b:86:cb:fe:b4:2b:00:18:a3:3b:e4:69:
c2:59:1d:3c:5c:0e:99:22:6a:aa:fd:19:48:a7:94:4f:27:9c:
9e:58:a3:42:1d:7d:20:b6:e9:2b:dc:e2:55:fa:4e:ef:e9:63:
7d:5a:9a:dd:bf:43:74:17:77:55:ed:8b:46:38:3a:ea:c3:68:
4a:fb:c5:7c:7a:02:f5:10:77:c9:71:ca:e8:26:b6:9d:55:a8:
1d:4d:79:6b:c9:3d:32:25:37:e3:49:07:b5:90:eb:14:83:e8:
5d:98:fc:b5
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUZlWLpOT6D/2qWryl6YWxNiObLMMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjAyMjgwNjQwNTFaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGNjYjE2NjQ3YzQwYzQ3Mzk0YjNhOGJhY2ZhYTQwNmFhY2I1YTZkOWVlNWQx
ZjMzM2QzNGRiM2U0MjViMjllNjQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALDeIKkmQFIs0VwiB0xn5ZYhGbylImuvgnMmFUpZtZwv2hQdgwD0nh1BsiBx
l6D6dE/ZMW4ua8tTQslBUISn9h5WVi2KNzt9Q+zyjRUZI/tbe/VJlcv/grAkpowW
omYEe6WKtKoH80osRfmlF7xX/yZiUcTJ4IiXe90KxTuHf1naCCtS2duPF3yjLM9n
W3bNX7mItNldN10/VCJf0mlExokm4II/TDu28vZlMCW1MC/w6h52gudCagNVJ0zc
UdEm8sD81UmyY9O2/mxXrgAb+jn7nunmXx2eR6+jL5mUlQl4y+fjKekUwXXMBRgF
BULxgTuGjnsZ92pEUq8CCXKEUIUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRVf3e0
442jkT8XgtbfH1Py4FTo7jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZDM3MWM3NzMtMWFhMi00ZDViLTk4MDQtZWE1ZDY0ZmFkYzBhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBY9B4DAN
BgkqhkiG9w0BAQsFAAOCAQEAzSugB8axR1PLvZ1wP8k9oLWcLsU64GhCFnGBBE6U
JC0H5+m5QgKmccL/FJiQnNryU9vOhwcHTv7LzITOOvcxFtiaDh7ByKlqcAdC9K5S
WVmlKpmWsobC5m2yFh4OWbN6jfANGZNfuZKA4p1mAS1gYsEw3o/cvZkLNUGu6mqW
wX/Oo6TaE5a9HY1t8xxLNr4TblRZ8tYPi4bL/rQrABijO+RpwlkdPFwOmSJqqv0Z
SKeUTyecnlijQh19ILbpK9ziVfpO7+ljfVqa3b9DdBd3Ve2LRjg66sNoSvvFfHoC
9RB3yXHK6Ca2nVWoHU15a8k9MiU340kHtZDrFIPoXZj8tQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 09:37:56 2026 by rpki-client