Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/dbc88f4b-781b-45e4-8402-e6b216deacc3.roa
File: dbc88f4b-781b-45e4-8402-e6b216deacc3.roa (raw, json)
Hash identifier: lVz1ZsLD0UsfTZlLM0m5aCXtcnjbhTfotzgw2+cz/nA=
Subject key identifier: F7:7F:94:8D:6D:78:83:0F:D2:F7:ED:E3:E9:9D:D2:B6:E0:14:F4:FD
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2F046D7FC4927F98E9E42D4A0E0FB8FEF6CD4E75
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/dbc88f4b-781b-45e4-8402-e6b216deacc3.roa
Signing time: Tue 19 May 2026 05:50:22 +0000
ROA not before: Tue 19 May 2026 05:50:22 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 151.176.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:04:6d:7f:c4:92:7f:98:e9:e4:2d:4a:0e:0f:b8:fe:f6:cd:4e:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 19 05:50:22 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=16fa6ebd3b654a83cb1b7eb5d5ba305b80de05c0c2bf7a17031126514f3e3376, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:10:e0:98:ec:88:cf:9a:65:af:0d:e0:c8:3f:
9e:dc:5f:91:15:47:dd:95:6f:5b:82:48:c1:a8:ac:
dc:78:ea:86:8b:b0:0c:6a:e0:7d:01:aa:43:df:75:
14:1b:46:96:0b:8f:e6:57:db:da:64:61:5d:26:fc:
c0:4d:bd:74:c0:0f:13:8c:5a:35:16:5b:18:f8:37:
de:86:b3:c9:09:0c:47:e0:14:48:f2:da:79:1a:4c:
3c:ef:e0:e4:b3:53:dd:85:0d:81:5f:f5:15:87:c6:
77:2b:49:8d:2d:f6:86:c5:e2:ac:d1:3c:3a:02:08:
6c:0f:4b:47:51:76:34:e4:04:f5:a6:90:75:75:c8:
a1:bb:f5:09:aa:8f:a9:0f:8a:21:7b:8d:13:14:19:
35:8b:9b:f3:ac:dc:d0:bb:34:28:7f:87:bf:12:25:
c7:20:49:82:93:43:97:e6:ec:6c:5a:0a:62:d5:64:
9a:e1:df:46:9c:ae:d5:78:54:b4:c2:ec:87:98:99:
0c:9f:4c:19:32:01:90:57:65:aa:a3:89:57:49:cf:
77:d1:9c:f8:04:26:9a:62:77:ee:4a:26:ea:70:94:
3e:59:c7:dd:83:dc:d7:09:a7:32:f3:b4:c2:6e:aa:
7b:cc:9a:fe:03:c7:20:ce:7d:9e:c7:23:1d:27:4d:
92:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:7F:94:8D:6D:78:83:0F:D2:F7:ED:E3:E9:9D:D2:B6:E0:14:F4:FD
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/dbc88f4b-781b-45e4-8402-e6b216deacc3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.176.0.0/16
Signature Algorithm: sha256WithRSAEncryption
3b:90:93:0e:23:5a:61:73:2a:5b:b7:3a:09:28:a1:ef:ba:1d:
a2:f9:22:5c:62:30:f8:e6:96:4a:e5:09:02:21:e9:76:ae:d8:
15:37:1f:14:ec:fc:c6:d7:c5:b3:d6:a3:24:9b:41:d6:56:a6:
8a:e6:54:2e:9c:a2:2b:8d:5c:56:2d:7b:c6:0d:73:c4:15:1f:
7f:80:87:17:fb:dc:fd:28:ec:bc:50:c8:96:9b:b1:f8:a0:b0:
67:a4:31:8d:82:99:0a:28:cb:7a:c4:63:5a:aa:1a:a2:e3:f9:
03:c5:23:f0:72:8c:f3:c5:c0:fb:4d:d6:8b:e0:dc:79:30:da:
c1:79:a1:49:f3:16:21:18:1b:a5:c2:dd:25:19:f0:df:96:8f:
23:27:3e:97:65:86:6f:03:ae:48:2a:10:0f:b0:44:0c:77:3f:
ef:d5:b8:6a:74:71:77:d2:33:e0:f6:c3:33:23:db:9e:07:e9:
af:71:60:f6:79:d2:31:ba:a7:af:9a:fd:d9:33:f9:2e:b2:08:
95:9a:72:e1:a3:26:f7:e5:75:87:e9:46:ae:c1:67:7b:7c:61:
37:2c:c9:93:89:6f:a3:99:3b:71:33:d7:1e:58:a2:04:11:a5:
c9:b0:86:4a:1f:96:e9:80:60:ac:6b:b3:2e:f2:69:0a:33:d2:
46:fe:21:65
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIULwRtf8SSf5jp5C1KDg+4/vbNTnUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MTkwNTUwMjJaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDE2ZmE2ZWJkM2I2NTRhODNjYjFiN2ViNWQ1YmEzMDViODBkZTA1YzBjMmJm
N2ExNzAzMTEyNjUxNGYzZTMzNzYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMkQ4JjsiM+aZa8N4Mg/ntxfkRVH3ZVvW4JIwais3HjqhouwDGrgfQGqQ991
FBtGlguP5lfb2mRhXSb8wE29dMAPE4xaNRZbGPg33oazyQkMR+AUSPLaeRpMPO/g
5LNT3YUNgV/1FYfGdytJjS32hsXirNE8OgIIbA9LR1F2NOQE9aaQdXXIobv1CaqP
qQ+KIXuNExQZNYub86zc0Ls0KH+HvxIlxyBJgpNDl+bsbFoKYtVkmuHfRpyu1XhU
tMLsh5iZDJ9MGTIBkFdlqqOJV0nPd9Gc+AQmmmJ37kom6nCUPlnH3YPc1wmnMvO0
wm6qe8ya/gPHIM59nscjHSdNkrkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBT3f5SN
bXiDD9L37ePpndK24BT0/TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZGJjODhmNGItNzgxYi00NWU0LTg0MDItZTZiMjE2ZGVhY2MzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJewMA0G
CSqGSIb3DQEBCwUAA4IBAQA7kJMOI1phcypbtzoJKKHvuh2i+SJcYjD45pZK5QkC
Iel2rtgVNx8U7PzG18Wz1qMkm0HWVqaK5lQunKIrjVxWLXvGDXPEFR9/gIcX+9z9
KOy8UMiWm7H4oLBnpDGNgpkKKMt6xGNaqhqi4/kDxSPwcozzxcD7TdaL4Nx5MNrB
eaFJ8xYhGBulwt0lGfDflo8jJz6XZYZvA65IKhAPsEQMdz/v1bhqdHF30jPg9sMz
I9ueB+mvcWD2edIxuqevmv3ZM/kusgiVmnLhoyb35XWH6UauwWd7fGE3LMmTiW+j
mTtxM9ceWKIEEaXJsIZKH5bpgGCsa7Mu8mkKM9JG/iFl
-----END CERTIFICATE-----
Generated at Sat Jun 13 07:59:34 2026 by rpki-client