Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e1d9282c-1734-4426-ab04-111f2637372c.roa
File: e1d9282c-1734-4426-ab04-111f2637372c.roa (raw, json)
Hash identifier: 6AAEydZyHX1vxLeYZ4hHBL2bpQZVk59Q0bFDb88FX5M=
Subject key identifier: 95:C9:3E:75:1C:07:57:DE:E6:B6:E8:EE:71:B5:E8:C1:BA:94:ED:BB
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6CEAE31EF90269B55EDE421B62F5D176AD1FE801
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e1d9282c-1734-4426-ab04-111f2637372c.roa
Signing time: Sun 01 Mar 2026 01:00:09 +0000
ROA not before: Sun 01 Mar 2026 01:00:09 +0000
ROA not after: Sat 30 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 212.173.128.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:ea:e3:1e:f9:02:69:b5:5e:de:42:1b:62:f5:d1:76:ad:1f:e8:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 1 01:00:09 2026 GMT
Not After : May 30 23:59:59 2026 GMT
Subject: serialNumber=ae4998b9ce16fe890bfefca54dc7e340e19aa68ddc689979ff8925345ee24115, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:50:9e:bf:cb:c5:3b:e9:32:f3:2e:d8:91:b7:
fe:ed:86:1c:d9:8c:a6:4d:60:ae:99:70:ce:f1:69:
1d:a8:d4:b4:89:d9:42:d3:0b:00:c9:ea:3e:a0:d2:
4f:d9:4a:d7:f1:4d:cb:d3:52:8c:30:25:9d:8e:60:
10:44:a5:bd:19:47:4b:6c:e4:30:c7:70:d2:5c:3c:
e5:3e:d9:63:b0:39:6d:f0:31:81:4b:d9:f6:a0:82:
56:c1:49:b8:78:c8:2b:c9:38:e6:28:36:e8:4f:91:
78:2e:79:f0:2b:e9:3a:61:23:9b:0b:89:28:b8:1c:
88:91:a0:0b:e8:64:2f:d7:1f:d3:6a:ed:fe:4c:ec:
78:c8:64:45:51:00:d5:5c:74:1f:ee:4e:a7:0c:54:
77:3f:27:8e:d3:97:73:6f:15:af:1d:9e:6b:25:34:
95:fa:b5:b4:df:8c:ce:38:6d:4c:87:ae:fe:36:3d:
9d:90:c3:e1:30:7d:0f:8f:ca:eb:72:b0:d2:93:37:
dd:4a:90:81:31:27:78:9f:28:c7:d8:8a:8c:cc:1a:
fa:cc:c9:ac:25:67:4c:da:f8:7a:54:a5:fd:b3:d3:
f3:76:14:9c:c8:af:9d:72:04:ab:34:d4:fe:26:a0:
f1:a9:ff:e4:72:bd:d4:73:bb:4b:20:44:1f:ae:2f:
47:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:C9:3E:75:1C:07:57:DE:E6:B6:E8:EE:71:B5:E8:C1:BA:94:ED:BB
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e1d9282c-1734-4426-ab04-111f2637372c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.173.128.0/17
Signature Algorithm: sha256WithRSAEncryption
49:f5:f5:4c:15:75:33:41:70:81:41:83:c9:77:d3:ad:37:f7:
19:51:16:70:6e:10:69:a1:0a:d6:14:2b:1f:3d:1a:e6:f9:77:
e4:5a:7b:73:ce:51:70:ce:8e:bc:81:f4:68:c9:88:23:b4:08:
37:4d:5e:b1:97:4e:84:61:90:5a:88:70:30:27:b8:9a:d1:50:
f6:e0:d4:e5:4d:ea:61:16:42:49:aa:e2:d1:1b:a9:f3:79:65:
46:87:16:bf:16:5d:44:1e:71:88:f5:2f:ce:24:f4:95:37:0f:
ce:fb:c3:6d:23:64:98:1f:b3:8f:37:91:3d:0b:52:e3:01:c6:
1a:bb:40:85:4c:7b:22:f6:e8:84:80:ff:49:52:ce:f5:cd:f6:
5d:f3:ec:cb:61:07:39:0a:48:88:a2:ab:90:07:48:41:20:33:
1a:63:7d:05:3c:53:20:49:a7:f0:df:f7:b3:ff:6d:b1:ad:ec:
e0:7c:dd:b0:2b:06:cd:fe:5d:f3:22:1a:5b:b8:fe:a3:e9:d3:
da:16:cd:2b:1b:b1:7d:b8:34:fc:8d:41:23:d1:b8:d6:4f:a1:
97:d5:d9:f2:14:e1:61:ac:4d:ea:0b:dc:4e:ce:0b:67:94:9d:
69:3f:d2:eb:e6:65:84:9d:6e:ab:88:0c:8b:d0:63:22:ab:2e:
a8:5e:2d:67
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUbOrjHvkCabVe3kIbYvXRdq0f6AEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjAzMDEwMTAwMDlaFw0yNjA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGFlNDk5OGI5Y2UxNmZlODkwYmZlZmNhNTRkYzdlMzQwZTE5YWE2OGRkYzY4
OTk3OWZmODkyNTM0NWVlMjQxMTUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJJQnr/LxTvpMvMu2JG3/u2GHNmMpk1grplwzvFpHajUtInZQtMLAMnqPqDS
T9lK1/FNy9NSjDAlnY5gEESlvRlHS2zkMMdw0lw85T7ZY7A5bfAxgUvZ9qCCVsFJ
uHjIK8k45ig26E+ReC558CvpOmEjmwuJKLgciJGgC+hkL9cf02rt/kzseMhkRVEA
1Vx0H+5OpwxUdz8njtOXc28Vrx2eayU0lfq1tN+MzjhtTIeu/jY9nZDD4TB9D4/K
63Kw0pM33UqQgTEneJ8ox9iKjMwa+szJrCVnTNr4elSl/bPT83YUnMivnXIEqzTU
/iag8an/5HK91HO7SyBEH64vR6kCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSVyT51
HAdX3ua26O5xtejBupTtuzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZTFkOTI4MmMtMTczNC00NDI2LWFiMDQtMTExZjI2MzczNzJjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB9StgDAN
BgkqhkiG9w0BAQsFAAOCAQEASfX1TBV1M0FwgUGDyXfTrTf3GVEWcG4QaaEK1hQr
Hz0a5vl35Fp7c85RcM6OvIH0aMmII7QIN01esZdOhGGQWohwMCe4mtFQ9uDU5U3q
YRZCSari0Rup83llRocWvxZdRB5xiPUvziT0lTcPzvvDbSNkmB+zjzeRPQtS4wHG
GrtAhUx7IvbohID/SVLO9c32XfPsy2EHOQpIiKKrkAdIQSAzGmN9BTxTIEmn8N/3
s/9tsa3s4HzdsCsGzf5d8yIaW7j+o+nT2hbNKxuxfbg0/I1BI9G41k+hl9XZ8hTh
YaxN6gvcTs4LZ5SdaT/S6+ZlhJ1uq4gMi9BjIqsuqF4tZw==
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:56:52 2026 by rpki-client