Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e398b47e-9867-4e71-96db-760f9102a39f.roa
File: e398b47e-9867-4e71-96db-760f9102a39f.roa (raw, json)
Hash identifier: ISNMCdwmMvSdT13/1FgS2tMDd9YcCK6hsqo2HfVMylY=
Subject key identifier: 95:DC:38:74:5F:34:99:32:93:2E:AE:49:F7:BA:B0:D4:E7:AA:A9:3E
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4B0DED3E1988DC36C13F36C1A1B2FDCDCDEB4F90
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e398b47e-9867-4e71-96db-760f9102a39f.roa
Signing time: Sat 28 Feb 2026 06:30:10 +0000
ROA not before: Sat 28 Feb 2026 06:30:10 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 62785
IP address blocks: 193.57.182.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 13:50:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:0d:ed:3e:19:88:dc:36:c1:3f:36:c1:a1:b2:fd:cd:cd:eb:4f:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Feb 28 06:30:10 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=06c59438ed34bb3a2b41ce37c0255690deb132e9589bb9efd1f10c3a501d9014, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:ba:19:32:b3:5a:e3:54:6a:de:64:39:34:d1:
97:ad:b2:cd:71:b2:d0:76:3a:00:8c:50:ff:26:d7:
b7:0f:c6:85:da:99:f9:7d:6d:90:b0:8b:37:60:4e:
92:41:e1:0e:fb:2e:fd:43:58:97:db:7f:74:13:d1:
45:fa:58:d1:f5:bd:7b:2e:78:c0:37:fb:02:6d:14:
9b:b3:bb:e0:d7:db:bb:b8:f3:5c:22:5f:05:0f:8f:
68:65:13:f7:c7:70:95:43:5c:7f:c8:5c:2d:0e:2a:
7e:2a:5d:cc:3d:20:fc:17:8b:d1:64:58:ea:d4:79:
1a:58:df:45:ae:30:55:7f:e0:5c:0b:69:7d:4e:df:
0e:77:55:dd:10:2c:93:df:03:66:5c:24:37:b2:19:
0c:4d:37:59:47:72:bd:71:9a:14:09:6a:bb:7f:09:
34:01:8d:c3:a9:fc:70:b8:f3:be:ba:eb:e3:c2:68:
84:19:17:c7:75:66:7f:ac:eb:92:07:75:37:73:a5:
46:c8:77:d7:fc:9b:12:24:c4:cc:10:77:3f:a6:77:
e7:06:0d:db:19:fc:f2:75:e4:cf:2c:c8:33:21:9a:
d6:19:28:8c:91:15:75:75:60:b9:70:a5:3a:dc:da:
25:81:0b:36:d2:cb:dc:41:ad:e7:f4:fe:66:3f:85:
49:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:DC:38:74:5F:34:99:32:93:2E:AE:49:F7:BA:B0:D4:E7:AA:A9:3E
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e398b47e-9867-4e71-96db-760f9102a39f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.182.0/23
Signature Algorithm: sha256WithRSAEncryption
83:c1:9c:bd:67:52:6c:81:0a:21:e2:c8:98:af:29:25:27:16:
a3:cb:55:91:57:a1:fc:69:9c:04:23:f2:b4:f1:25:ea:5f:28:
36:ec:87:6c:aa:41:94:26:6a:66:dc:e1:24:d5:8e:a0:64:84:
cb:70:bd:85:d6:7b:e9:5d:c8:ba:85:40:11:13:7a:d8:32:71:
4b:19:3f:dc:b0:a2:dc:1f:51:c5:47:d9:f2:92:14:ea:28:1f:
5e:e3:83:1b:bb:52:d2:e0:07:8d:97:c5:7f:62:c8:5a:45:bb:
c9:a9:11:31:6d:2d:86:49:1e:79:af:08:4f:27:ab:60:44:56:
dd:49:fc:a0:6b:8c:0a:c3:f4:38:ae:0a:06:ff:3d:54:00:e6:
60:ea:d6:ae:ac:f0:52:4b:79:73:14:0b:cb:28:2f:02:3c:2d:
5d:42:e7:0e:d3:d0:d0:8d:2d:c3:f3:ef:da:d4:ea:4a:44:3e:
a7:54:c2:00:4d:2d:33:8e:ae:c1:f5:ca:88:e2:35:fd:4b:1c:
c7:af:43:31:cb:9e:72:68:9c:3b:2f:ad:45:fb:41:78:d5:e7:
0b:e4:7e:f6:5b:2e:2b:7f:c6:01:29:1b:01:7a:a4:b4:d9:7c:
30:2a:d7:98:05:ad:ae:41:2a:35:3d:19:7b:69:e7:de:21:0e:
55:32:ea:2f
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUSw3tPhmI3DbBPzbBobL9zc3rT5AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjAyMjgwNjMwMTBaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDA2YzU5NDM4ZWQzNGJiM2EyYjQxY2UzN2MwMjU1NjkwZGViMTMyZTk1ODli
YjllZmQxZjEwYzNhNTAxZDkwMTQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANG6GTKzWuNUat5kOTTRl62yzXGy0HY6AIxQ/ybXtw/GhdqZ+X1tkLCLN2BO
kkHhDvsu/UNYl9t/dBPRRfpY0fW9ey54wDf7Am0Um7O74Nfbu7jzXCJfBQ+PaGUT
98dwlUNcf8hcLQ4qfipdzD0g/BeL0WRY6tR5GljfRa4wVX/gXAtpfU7fDndV3RAs
k98DZlwkN7IZDE03WUdyvXGaFAlqu38JNAGNw6n8cLjzvrrr48JohBkXx3Vmf6zr
kgd1N3OlRsh31/ybEiTEzBB3P6Z35wYN2xn88nXkzyzIMyGa1hkojJEVdXVguXCl
OtzaJYELNtLL3EGt5/T+Zj+FSZkCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSV3Dh0
XzSZMpMurkn3urDU56qpPjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZTM5OGI0N2UtOTg2Ny00ZTcxLTk2ZGItNzYwZjkxMDJhMzlmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcE5tjAN
BgkqhkiG9w0BAQsFAAOCAQEAg8GcvWdSbIEKIeLImK8pJScWo8tVkVeh/GmcBCPy
tPEl6l8oNuyHbKpBlCZqZtzhJNWOoGSEy3C9hdZ76V3IuoVAERN62DJxSxk/3LCi
3B9RxUfZ8pIU6igfXuODG7tS0uAHjZfFf2LIWkW7yakRMW0thkkeea8ITyerYERW
3Un8oGuMCsP0OK4KBv89VADmYOrWrqzwUkt5cxQLyygvAjwtXULnDtPQ0I0tw/Pv
2tTqSkQ+p1TCAE0tM46uwfXKiOI1/Uscx69DMcuecmicOy+tRftBeNXnC+R+9lsu
K3/GASkbAXqktNl8MCrXmAWtrkEqNT0Ze2nn3iEOVTLqLw==
-----END CERTIFICATE-----
Generated at Mon Mar 2 17:24:40 2026 by rpki-client