Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/dbc88f4b-781b-45e4-8402-e6b216deacc3.roa
File: dbc88f4b-781b-45e4-8402-e6b216deacc3.roa (raw, json)
Hash identifier: uB2irq51ojWrFLO7HWH+21xEYI/T0MX2VvF14p7xMnI=
Subject key identifier: 59:EC:C0:1A:6D:DF:3E:0C:FE:4A:59:1B:34:20:01:DC:7C:C7:23:D9
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 13BDE2A9B60904176B7B6F5EFCD11BC29386357B
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/dbc88f4b-781b-45e4-8402-e6b216deacc3.roa
Signing time: Sat 28 Feb 2026 06:40:22 +0000
ROA not before: Sat 28 Feb 2026 06:40:22 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 151.176.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:bd:e2:a9:b6:09:04:17:6b:7b:6f:5e:fc:d1:1b:c2:93:86:35:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Feb 28 06:40:22 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=15843d6f2a6926d9a3bec4edf179bd6522b7485ffa80e49ee9ff9242bfcc418a, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:40:eb:83:24:25:12:9f:de:63:fa:ba:22:dd:
36:58:3e:cf:1f:08:8c:6d:99:67:58:70:ba:ad:1d:
e4:63:e9:8f:f9:9c:58:b5:a0:5b:0c:4e:52:81:93:
f3:59:32:92:d6:97:fa:1c:75:24:2c:7d:4c:f0:02:
c6:9c:04:35:fb:cb:20:5f:30:e7:72:1e:a2:f6:77:
0e:6e:53:2e:5d:21:45:cd:91:77:39:da:94:44:b4:
5d:8a:a4:9a:52:44:1f:d5:59:5d:f1:a9:e5:ee:ff:
50:1b:87:40:a5:70:4e:de:d0:ce:f6:3d:fe:2a:71:
f4:81:80:b2:e4:88:a1:8d:bb:46:27:ba:59:53:3d:
fa:bb:f4:5f:d3:02:76:61:e3:82:68:3f:f8:da:3f:
05:5c:c6:0b:83:c8:59:15:1a:12:a5:f8:1f:cb:f7:
c8:ec:16:40:e7:30:c3:85:53:64:6e:88:c0:62:62:
41:70:f3:0d:46:6c:53:6a:9d:37:5a:5f:9c:d3:c2:
66:ef:c2:96:cb:f8:98:5d:bb:e1:5e:8e:da:d4:e4:
21:dd:e1:5c:86:2f:a2:4a:74:f4:02:24:ea:67:18:
c3:ff:2a:33:0d:d5:8d:07:a0:66:3d:f1:d6:d1:39:
49:a1:4f:77:08:61:d3:21:88:3b:34:63:56:00:b9:
66:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:EC:C0:1A:6D:DF:3E:0C:FE:4A:59:1B:34:20:01:DC:7C:C7:23:D9
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/dbc88f4b-781b-45e4-8402-e6b216deacc3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.176.0.0/16
Signature Algorithm: sha256WithRSAEncryption
9d:e0:f9:c5:9d:15:ff:1a:96:ac:93:24:04:ba:2e:46:f1:9e:
75:8f:f9:c1:63:63:23:ca:bc:55:f5:e6:1b:6c:f2:a3:4c:af:
40:50:e6:bb:77:80:a1:e9:bc:90:81:11:3a:38:44:13:52:a2:
bb:d9:e8:a8:91:25:78:aa:72:97:19:6e:57:27:a5:32:12:8e:
43:e0:66:98:92:72:6e:d0:12:d4:43:f0:9d:f0:71:d4:75:e3:
4c:e8:33:86:dc:3a:8d:3a:29:cb:71:54:aa:50:de:60:43:0c:
c8:7a:be:86:87:f1:d9:7b:b3:9b:32:d3:d7:e6:df:58:2e:e2:
ff:f5:ce:d4:6e:5c:20:2b:4b:3e:e2:ce:f2:bc:cc:65:24:94:
d4:c0:9e:d3:83:c6:1e:ff:e0:3b:7b:a2:75:0b:c0:27:d3:da:
9a:8e:2d:c3:95:35:1f:c4:16:e8:de:f3:53:d7:f2:9d:df:7a:
80:b3:47:0b:a0:18:e0:71:11:42:ad:c0:64:8e:7f:ed:90:de:
88:b6:26:d3:70:7b:7d:f1:f2:a4:24:1f:e8:ba:78:e4:a0:bd:
49:82:9f:79:74:52:80:85:d7:7a:7a:df:4f:33:40:94:1b:e3:
7c:33:d1:ef:06:15:65:ee:01:aa:3c:9e:61:1c:80:0b:90:d1:
fa:80:9c:38
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUE73iqbYJBBdre29e/NEbwpOGNXswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjAyMjgwNjQwMjJaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDE1ODQzZDZmMmE2OTI2ZDlhM2JlYzRlZGYxNzliZDY1MjJiNzQ4NWZmYTgw
ZTQ5ZWU5ZmY5MjQyYmZjYzQxOGExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKtA64MkJRKf3mP6uiLdNlg+zx8IjG2ZZ1hwuq0d5GPpj/mcWLWgWwxOUoGT
81kyktaX+hx1JCx9TPACxpwENfvLIF8w53IeovZ3Dm5TLl0hRc2RdznalES0XYqk
mlJEH9VZXfGp5e7/UBuHQKVwTt7QzvY9/ipx9IGAsuSIoY27Rie6WVM9+rv0X9MC
dmHjgmg/+No/BVzGC4PIWRUaEqX4H8v3yOwWQOcww4VTZG6IwGJiQXDzDUZsU2qd
N1pfnNPCZu/Clsv4mF274V6O2tTkId3hXIYvokp09AIk6mcYw/8qMw3VjQegZj3x
1tE5SaFPdwhh0yGIOzRjVgC5ZscCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRZ7MAa
bd8+DP5KWRs0IAHcfMcj2TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZGJjODhmNGItNzgxYi00NWU0LTg0MDItZTZiMjE2ZGVhY2MzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJewMA0G
CSqGSIb3DQEBCwUAA4IBAQCd4PnFnRX/GpaskyQEui5G8Z51j/nBY2MjyrxV9eYb
bPKjTK9AUOa7d4Ch6byQgRE6OEQTUqK72eiokSV4qnKXGW5XJ6UyEo5D4GaYknJu
0BLUQ/Cd8HHUdeNM6DOG3DqNOinLcVSqUN5gQwzIer6Gh/HZe7ObMtPX5t9YLuL/
9c7UblwgK0s+4s7yvMxlJJTUwJ7Tg8Ye/+A7e6J1C8An09qaji3DlTUfxBbo3vNT
1/Kd33qAs0cLoBjgcRFCrcBkjn/tkN6ItibTcHt98fKkJB/ounjkoL1Jgp95dFKA
hdd6et9PM0CUG+N8M9HvBhVl7gGqPJ5hHIALkNH6gJw4
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:44:29 2026 by rpki-client