Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e1d9282c-1734-4426-ab04-111f2637372c.roa
File: e1d9282c-1734-4426-ab04-111f2637372c.roa (raw, json)
Hash identifier: Tqcyk/s7SyODw2sKym5FxMIbVTzf4WUOYcfakTkz1Dw=
Subject key identifier: B0:55:EC:AB:71:1C:75:07:75:70:A3:87:12:0B:AB:FE:7E:C1:28:36
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 311E7D665FB1F24F48C49EE01BA6FFFD27AAB3D4
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e1d9282c-1734-4426-ab04-111f2637372c.roa
Signing time: Wed 20 May 2026 00:50:06 +0000
ROA not before: Wed 20 May 2026 00:50:06 +0000
ROA not after: Tue 18 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 212.173.128.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:1e:7d:66:5f:b1:f2:4f:48:c4:9e:e0:1b:a6:ff:fd:27:aa:b3:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 20 00:50:06 2026 GMT
Not After : Aug 18 23:59:59 2026 GMT
Subject: serialNumber=5bf04a8912c3c5d3a8e63d430b9a8a4b15e86b4c1ddd4b8e3d4f1c21361bc6d4, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:33:11:1e:cc:90:12:7d:46:54:c1:6e:9c:42:
4c:5e:e2:94:a6:b2:0e:40:3c:87:aa:0d:73:60:2a:
5b:91:30:d3:65:e4:ed:ed:de:51:2e:0d:fc:79:9f:
73:80:4a:be:01:f6:b5:08:14:11:6d:c4:d4:1b:be:
f6:cd:09:3f:fe:b0:9a:01:7d:f0:ee:78:b5:7e:02:
87:83:17:6a:0e:a2:78:68:b9:36:32:d1:34:15:24:
04:1c:cf:0a:1e:ab:74:b3:9a:80:ba:08:d8:4c:23:
02:a7:5e:25:fd:32:b5:9a:a6:85:68:83:58:1f:a2:
bb:a7:bc:46:c1:63:ca:b9:6d:32:ee:40:2a:57:b6:
67:d1:e5:b6:64:08:f7:ee:ed:2f:63:46:33:a8:40:
16:f8:a5:5f:3b:de:27:68:43:fc:bd:64:16:6e:fe:
2f:74:0b:87:5d:f1:9e:32:6e:53:de:ed:ab:b0:b9:
ee:28:f6:45:42:4d:22:a4:26:e3:c9:33:18:9b:c6:
40:86:eb:e2:da:e7:fd:14:d0:8a:b8:21:cd:05:cd:
9b:01:6e:1d:21:d2:11:92:23:bb:11:5d:b2:56:b9:
5a:f0:77:bb:4a:62:7c:57:74:b9:57:94:bb:4e:d6:
46:a7:53:f6:ec:f3:aa:ee:5b:14:2c:dd:2e:f7:cd:
2b:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:55:EC:AB:71:1C:75:07:75:70:A3:87:12:0B:AB:FE:7E:C1:28:36
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e1d9282c-1734-4426-ab04-111f2637372c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.173.128.0/17
Signature Algorithm: sha256WithRSAEncryption
a7:9d:99:f2:5d:ff:53:99:0d:22:64:58:b2:51:90:22:64:b6:
16:41:fb:4b:a4:c1:68:f8:62:d5:02:c3:4c:44:5b:f1:34:32:
2d:1c:64:93:e1:68:36:22:1d:8f:3f:9a:9e:47:03:31:c2:41:
b0:1d:c1:07:9f:d2:e8:2b:9e:2f:5a:fd:01:9c:74:15:b5:01:
67:b8:33:4d:5e:e8:44:21:f9:cc:3f:64:eb:b1:67:4a:b5:1d:
ae:7d:ec:1f:bc:8a:32:25:f7:df:13:c7:cc:10:bf:72:61:ba:
94:e0:c1:1d:09:6b:0c:a5:a4:e6:7b:5c:c6:3a:ca:51:60:f4:
bc:a2:df:52:21:11:32:01:e7:84:30:42:a8:d2:a7:2c:6f:d9:
93:36:7c:5e:0e:78:6d:08:5a:6a:19:aa:b4:1f:8b:18:82:4d:
31:ea:a2:4f:fe:ef:cf:34:c3:f3:00:99:f2:56:6d:5e:24:d3:
ab:9f:c2:10:a1:67:3e:61:45:ca:b7:bd:b4:26:af:fc:b0:50:
b0:e4:fa:82:95:0a:b8:ee:fc:d6:34:a9:df:5a:2e:3b:8c:7e:
dc:50:fc:bc:31:12:b3:6f:cb:26:82:e9:bc:c4:0a:d3:8c:a7:
2f:9e:20:35:b3:26:9e:7a:1e:64:42:a4:4b:96:75:cb:d5:e4:
e5:de:61:17
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUMR59Zl+x8k9IxJ7gG6b//Seqs9QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MjAwMDUwMDZaFw0yNjA4MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQDViZjA0YTg5MTJjM2M1ZDNhOGU2M2Q0MzBiOWE4YTRiMTVlODZiNGMxZGRk
NGI4ZTNkNGYxYzIxMzYxYmM2ZDQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJQzER7MkBJ9RlTBbpxCTF7ilKayDkA8h6oNc2AqW5Ew02Xk7e3eUS4N/Hmf
c4BKvgH2tQgUEW3E1Bu+9s0JP/6wmgF98O54tX4Ch4MXag6ieGi5NjLRNBUkBBzP
Ch6rdLOagLoI2EwjAqdeJf0ytZqmhWiDWB+iu6e8RsFjyrltMu5AKle2Z9HltmQI
9+7tL2NGM6hAFvilXzveJ2hD/L1kFm7+L3QLh13xnjJuU97tq7C57ij2RUJNIqQm
48kzGJvGQIbr4trn/RTQirghzQXNmwFuHSHSEZIjuxFdsla5WvB3u0pifFd0uVeU
u07WRqdT9uzzqu5bFCzdLvfNK1ECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSwVeyr
cRx1B3Vwo4cSC6v+fsEoNjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZTFkOTI4MmMtMTczNC00NDI2LWFiMDQtMTExZjI2MzczNzJjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB9StgDAN
BgkqhkiG9w0BAQsFAAOCAQEAp52Z8l3/U5kNImRYslGQImS2FkH7S6TBaPhi1QLD
TERb8TQyLRxkk+FoNiIdjz+ankcDMcJBsB3BB5/S6CueL1r9AZx0FbUBZ7gzTV7o
RCH5zD9k67FnSrUdrn3sH7yKMiX33xPHzBC/cmG6lODBHQlrDKWk5ntcxjrKUWD0
vKLfUiERMgHnhDBCqNKnLG/ZkzZ8Xg54bQhaahmqtB+LGIJNMeqiT/7vzzTD8wCZ
8lZtXiTTq5/CEKFnPmFFyre9tCav/LBQsOT6gpUKuO781jSp31ouO4x+3FD8vDES
s2/LJoLpvMQK04ynL54gNbMmnnoeZEKkS5Z1y9Xk5d5hFw==
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:02:04 2026 by rpki-client