Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/dc5d2309-ce0f-4816-b8d0-260ce079f694.roa
File: dc5d2309-ce0f-4816-b8d0-260ce079f694.roa (raw, json)
Hash identifier: 3ml6LuLjUwPvzbJwfJPI4RP5gE2SRoDTzCdhDCW0ojU=
Subject key identifier: 3F:3D:82:2C:D0:03:DA:1B:50:16:0E:18:C5:81:EA:D3:A1:8B:2A:27
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1E71DBC7E810BE7CE76A14A6876CAD5B2FAA2026
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/dc5d2309-ce0f-4816-b8d0-260ce079f694.roa
Signing time: Tue 19 May 2026 05:40:08 +0000
ROA not before: Tue 19 May 2026 05:40:08 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 212.255.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:71:db:c7:e8:10:be:7c:e7:6a:14:a6:87:6c:ad:5b:2f:aa:20:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 19 05:40:08 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=1254aa87654b58b37a41a1e850a3c0bc580d4bb1892ed7a7436c5402892043bd, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:6a:ee:da:8a:c3:b6:27:f1:4b:f3:8d:00:24:
1a:9b:25:c6:3a:c3:fb:e4:73:b7:39:e2:12:14:26:
bb:b1:04:6f:cf:2f:80:47:0e:70:5a:15:ec:d6:4f:
5e:04:ff:31:4d:43:08:2b:a0:84:ac:43:ef:c5:92:
83:76:64:a9:92:fc:7e:8c:57:65:4c:73:12:be:05:
f2:52:1f:d4:96:83:a2:27:bb:39:e5:96:55:4a:c4:
7a:55:a9:a6:94:92:4f:11:11:3d:f3:21:c0:f2:d3:
97:5b:64:87:e0:35:10:c9:2e:42:3c:46:10:dc:85:
9d:9b:a8:27:24:be:37:fe:2d:28:12:17:ee:f4:d1:
42:b5:18:b6:d3:0d:5c:72:1b:f3:70:be:59:c4:a3:
84:13:05:66:92:18:6e:2b:6f:85:ae:7a:48:b4:06:
df:02:65:02:11:91:63:1c:db:77:90:56:e7:fa:c5:
10:47:e9:0b:89:ea:b7:52:2f:84:4c:d0:0c:e8:48:
eb:9c:96:9c:30:85:34:cd:d5:51:39:19:2d:16:16:
21:0a:0f:d1:b8:26:73:15:c6:3a:8a:f2:c2:09:9e:
8e:47:99:ff:82:f3:42:db:3f:57:9d:99:22:10:7c:
97:d2:11:87:10:7a:f0:90:17:ad:81:42:d5:03:87:
a3:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:3D:82:2C:D0:03:DA:1B:50:16:0E:18:C5:81:EA:D3:A1:8B:2A:27
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/dc5d2309-ce0f-4816-b8d0-260ce079f694.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.255.0.0/16
Signature Algorithm: sha256WithRSAEncryption
50:8d:20:a8:67:2f:35:f7:5f:67:09:8f:4b:fc:f5:3b:df:fa:
18:60:88:ef:e8:ea:b5:87:50:7b:b3:9e:56:c2:87:48:17:f5:
03:43:ec:ed:a1:38:bf:da:8c:fa:9a:11:50:82:99:4d:03:31:
e2:54:c5:b7:48:90:12:d3:5c:e3:a2:6e:f2:8c:a8:d5:45:41:
f8:c5:39:1f:94:46:7c:8e:7d:45:e0:e5:21:d5:d0:2f:78:fb:
89:14:6c:3b:28:f5:0c:35:65:5e:e5:3f:17:10:02:b4:01:19:
c9:a8:c5:7b:fb:53:3e:53:b2:6a:9e:6b:41:f3:bf:79:2d:2e:
e8:89:c6:05:7d:71:73:cb:7f:b9:08:1c:ba:86:74:ee:d2:7d:
8c:b5:5d:4b:f8:d9:fc:61:0e:76:71:9c:c5:b4:e3:e4:1b:9f:
79:d9:34:cc:cd:e1:5a:57:f5:8d:00:ce:11:2d:3c:5f:f9:50:
3e:d4:34:34:fe:1b:7b:56:e4:85:b7:30:fa:aa:04:9a:82:9e:
da:84:46:ad:0f:72:35:58:f2:ae:85:42:71:c7:3f:75:00:e2:
8f:0c:4b:57:bf:60:15:11:d3:8a:2c:a6:42:a6:a2:a8:b3:8f:
40:f7:7d:b6:a6:f2:c0:b1:9f:94:b5:2c:95:7d:b2:42:ca:59:
20:d6:c2:3e
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUHnHbx+gQvnznahSmh2ytWy+qICYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MTkwNTQwMDhaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDEyNTRhYTg3NjU0YjU4YjM3YTQxYTFlODUwYTNjMGJjNTgwZDRiYjE4OTJl
ZDdhNzQzNmM1NDAyODkyMDQzYmQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKJq7tqKw7Yn8UvzjQAkGpslxjrD++RztzniEhQmu7EEb88vgEcOcFoV7NZP
XgT/MU1DCCughKxD78WSg3ZkqZL8foxXZUxzEr4F8lIf1JaDoie7OeWWVUrEelWp
ppSSTxERPfMhwPLTl1tkh+A1EMkuQjxGENyFnZuoJyS+N/4tKBIX7vTRQrUYttMN
XHIb83C+WcSjhBMFZpIYbitvha56SLQG3wJlAhGRYxzbd5BW5/rFEEfpC4nqt1Iv
hEzQDOhI65yWnDCFNM3VUTkZLRYWIQoP0bgmcxXGOorywgmejkeZ/4LzQts/V52Z
IhB8l9IRhxB68JAXrYFC1QOHo1MCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQ/PYIs
0APaG1AWDhjFgerToYsqJzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZGM1ZDIzMDktY2UwZi00ODE2LWI4ZDAtMjYwY2UwNzlmNjk0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDANT/MA0G
CSqGSIb3DQEBCwUAA4IBAQBQjSCoZy81919nCY9L/PU73/oYYIjv6Oq1h1B7s55W
wodIF/UDQ+ztoTi/2oz6mhFQgplNAzHiVMW3SJAS01zjom7yjKjVRUH4xTkflEZ8
jn1F4OUh1dAvePuJFGw7KPUMNWVe5T8XEAK0ARnJqMV7+1M+U7JqnmtB8795LS7o
icYFfXFzy3+5CBy6hnTu0n2MtV1L+Nn8YQ52cZzFtOPkG5952TTMzeFaV/WNAM4R
LTxf+VA+1DQ0/ht7VuSFtzD6qgSagp7ahEatD3I1WPKuhUJxxz91AOKPDEtXv2AV
EdOKLKZCpqKos49A9322pvLAsZ+UtSyVfbJCylkg1sI+
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:12:14 2026 by rpki-client