Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e3a37277-f023-468b-8a43-2519fccedc3e.roa
File: e3a37277-f023-468b-8a43-2519fccedc3e.roa (raw, json)
Hash identifier: yLI3eeAsyj96hY1lnHJ31IBYcz/HTyuicTQgiLlFdOA=
Subject key identifier: 44:64:65:9E:50:97:E8:16:89:39:D7:D2:5B:BA:86:2C:44:B7:64:AD
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3E19916C5E0E0FF028C6A675817325C5143A6A0E
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e3a37277-f023-468b-8a43-2519fccedc3e.roa
Signing time: Fri 13 Feb 2026 15:30:38 +0000
ROA not before: Fri 13 Feb 2026 15:30:38 +0000
ROA not after: Thu 14 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 85.213.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3e:19:91:6c:5e:0e:0f:f0:28:c6:a6:75:81:73:25:c5:14:3a:6a:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Feb 13 15:30:38 2026 GMT
Not After : May 14 23:59:59 2026 GMT
Subject: serialNumber=ae5699894b8cf08a9c6c1eca8567126255d898c08c138e727223cfb77b6bed63, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:07:64:c2:95:5e:0c:3e:17:03:5c:43:37:92:
93:be:e8:c5:13:25:79:ad:a1:a7:e1:f6:a4:cc:75:
ed:3e:12:8c:e1:47:69:56:24:f5:80:e2:8d:a3:38:
9e:90:33:c0:5b:5a:ee:63:a6:58:4a:48:24:73:d1:
c9:ec:78:d3:ef:c3:d7:ab:d5:3e:ac:63:dc:4b:59:
40:b0:9f:6a:f5:07:6d:2d:97:c5:2d:f9:78:7e:f3:
2a:81:5d:9e:64:f2:2f:63:3d:8b:fd:5a:6c:83:b3:
f3:8c:6b:26:45:4f:98:c7:28:02:9a:95:ca:65:83:
2f:f3:ee:05:e0:31:5e:b2:80:66:61:97:c2:2f:90:
48:ab:fe:70:fc:35:cc:ec:e6:3e:4d:d5:fc:ac:e0:
ac:f9:27:a0:7f:23:d2:79:6e:1d:e6:3e:20:14:4c:
e4:26:0e:6c:fb:7c:de:03:30:14:9d:50:95:7b:05:
fa:10:78:c7:1b:69:c7:0e:d3:97:6c:2c:0f:57:4c:
e4:8d:6e:ba:f8:59:f6:5f:2a:c1:29:e3:38:52:cf:
10:d0:a5:5a:f8:8c:aa:01:33:ef:5b:83:dd:d6:2d:
c4:f3:ad:37:18:95:85:93:f8:cd:36:2b:01:a0:17:
c3:66:97:fb:6f:f2:ea:ce:22:08:48:73:6d:43:a5:
42:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:64:65:9E:50:97:E8:16:89:39:D7:D2:5B:BA:86:2C:44:B7:64:AD
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e3a37277-f023-468b-8a43-2519fccedc3e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.213.0.0/16
Signature Algorithm: sha256WithRSAEncryption
71:01:90:b1:36:d5:d2:4d:97:17:50:57:e4:d1:84:4b:8a:b2:
27:f8:ee:23:6f:c6:7c:5e:00:f7:8f:1f:cc:10:bc:d9:0f:5e:
a1:4b:38:28:32:13:2e:25:04:3a:c9:55:56:c1:91:00:b6:08:
ff:f0:ea:a6:e9:93:f1:49:25:9d:89:9b:ea:3b:a0:04:bf:4c:
6a:eb:30:92:d5:e0:26:88:8d:d8:77:e0:04:02:a3:57:09:83:
22:c1:10:b3:a3:35:8e:b5:2a:0a:f5:18:5a:a3:c9:c4:3e:27:
47:87:ad:83:7f:4b:3d:b0:ad:44:cb:d3:7e:30:c3:c6:75:52:
86:0a:c3:f1:0f:08:9f:7a:a0:d3:15:2d:6d:73:56:d1:f1:c5:
62:06:41:72:58:83:23:1f:49:1c:b2:43:70:bc:b9:47:c2:f2:
81:c4:c2:bc:95:fb:7e:61:8c:8a:e3:bb:23:31:b6:a3:46:14:
73:4e:03:5b:ed:9c:a2:f3:cd:6b:5e:b2:86:54:c6:62:32:d4:
5a:28:70:e4:b1:dc:17:56:b2:84:34:b9:09:bb:98:5c:f0:e3:
09:dc:35:44:4d:8f:94:06:ca:c7:2a:67:4a:f6:de:0f:21:4d:
8f:da:45:2b:ea:dc:95:bf:0e:66:b5:97:a3:17:e5:a5:c3:c1:
d3:bc:1f:00
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUPhmRbF4OD/AoxqZ1gXMlxRQ6ag4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjAyMTMxNTMwMzhaFw0yNjA1MTQyMzU5NTlaMHoxSTBHBgNV
BAUTQGFlNTY5OTg5NGI4Y2YwOGE5YzZjMWVjYTg1NjcxMjYyNTVkODk4YzA4YzEz
OGU3MjcyMjNjZmI3N2I2YmVkNjMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPEHZMKVXgw+FwNcQzeSk77oxRMlea2hp+H2pMx17T4SjOFHaVYk9YDijaM4
npAzwFta7mOmWEpIJHPRyex40+/D16vVPqxj3EtZQLCfavUHbS2XxS35eH7zKoFd
nmTyL2M9i/1abIOz84xrJkVPmMcoApqVymWDL/PuBeAxXrKAZmGXwi+QSKv+cPw1
zOzmPk3V/KzgrPknoH8j0nluHeY+IBRM5CYObPt83gMwFJ1QlXsF+hB4xxtpxw7T
l2wsD1dM5I1uuvhZ9l8qwSnjOFLPENClWviMqgEz71uD3dYtxPOtNxiVhZP4zTYr
AaAXw2aX+2/y6s4iCEhzbUOlQhsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBREZGWe
UJfoFok519JbuoYsRLdkrTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZTNhMzcyNzctZjAyMy00NjhiLThhNDMtMjUxOWZjY2VkYzNlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAFXVMA0G
CSqGSIb3DQEBCwUAA4IBAQBxAZCxNtXSTZcXUFfk0YRLirIn+O4jb8Z8XgD3jx/M
ELzZD16hSzgoMhMuJQQ6yVVWwZEAtgj/8Oqm6ZPxSSWdiZvqO6AEv0xq6zCS1eAm
iI3Yd+AEAqNXCYMiwRCzozWOtSoK9Rhao8nEPidHh62Df0s9sK1Ey9N+MMPGdVKG
CsPxDwifeqDTFS1tc1bR8cViBkFyWIMjH0kcskNwvLlHwvKBxMK8lft+YYyK47sj
MbajRhRzTgNb7Zyi881rXrKGVMZiMtRaKHDksdwXVrKENLkJu5hc8OMJ3DVETY+U
BsrHKmdK9t4PIU2P2kUr6tyVvw5mtZejF+Wlw8HTvB8A
-----END CERTIFICATE-----
Generated at Mon Mar 2 05:22:29 2026 by rpki-client