Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e680ffe7-d77c-4433-81f9-ffbf76a45a6d.roa
File: e680ffe7-d77c-4433-81f9-ffbf76a45a6d.roa (raw, json)
Hash identifier: Hs14kXEM6xsPa5WTnhSs/CeFuHtDFEfWRYfrYt91stE=
Subject key identifier: 3B:DA:93:4D:F6:DD:70:E9:AD:22:20:2C:0C:D4:5A:E5:AD:CB:C6:C2
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3BF20414597156B06CC5F3C2293BB93FF039A356
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e680ffe7-d77c-4433-81f9-ffbf76a45a6d.roa
Signing time: Tue 19 May 2026 05:50:24 +0000
ROA not before: Tue 19 May 2026 05:50:24 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 193.57.181.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3b:f2:04:14:59:71:56:b0:6c:c5:f3:c2:29:3b:b9:3f:f0:39:a3:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 19 05:50:24 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=849069d7904c89c4eff4534604073f13f2c47729cac3eee50946a86969a47e19, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:d1:0a:65:27:4e:b0:c1:79:32:f3:89:1b:88:
e2:34:a6:a3:88:6b:cf:45:a5:cd:dc:60:e8:54:94:
bf:75:5c:24:f7:a6:7a:e3:0a:cc:5b:08:61:dc:78:
30:a2:59:4e:1a:d4:d9:71:4e:1a:e0:74:ef:b1:29:
f8:8c:35:db:4a:6e:7b:2f:b2:b1:70:de:09:88:92:
3c:4d:e9:e8:22:16:39:93:ec:96:7f:8e:9d:12:e1:
a2:09:32:2b:23:b0:cd:af:fb:a8:76:c4:b0:4c:2a:
6b:a2:bc:c5:3d:91:95:4e:22:14:2c:90:ca:54:69:
61:b3:16:df:34:a4:5f:c4:f2:08:9b:4b:59:b4:c4:
73:a0:a5:c4:19:ba:30:4a:ae:0a:ff:d5:61:a3:3d:
16:76:56:fc:a6:f6:6a:85:37:60:81:a2:ca:31:62:
e1:42:3e:0e:82:be:38:a6:92:8c:83:02:c1:0d:fd:
fa:af:3e:58:5b:58:9f:80:22:f7:7d:dc:69:8b:90:
52:c3:cf:1a:cc:9d:8a:49:19:46:6d:29:a0:aa:9e:
30:1d:b0:72:ee:90:22:7c:d9:00:40:f6:9a:03:8b:
24:ca:c7:ab:cd:6d:9b:cb:fc:18:06:ac:8e:a8:0e:
89:2c:e6:2e:3c:46:42:b0:7d:80:b3:24:16:7f:77:
70:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:DA:93:4D:F6:DD:70:E9:AD:22:20:2C:0C:D4:5A:E5:AD:CB:C6:C2
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e680ffe7-d77c-4433-81f9-ffbf76a45a6d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.181.0/24
Signature Algorithm: sha256WithRSAEncryption
29:f7:4e:33:e6:42:11:7d:29:5d:09:5a:23:41:73:eb:21:ed:
4e:ca:c2:7b:18:1b:24:3b:f4:08:00:81:95:0d:a6:a7:e0:25:
5d:58:71:52:7f:ec:55:6f:fd:43:39:4d:fb:f5:21:54:8f:f6:
88:38:40:b7:d6:76:11:71:22:fd:60:25:bf:91:dc:37:88:cd:
0c:4e:25:2d:cc:ef:40:ab:f7:c3:56:54:96:f7:7a:4b:6f:47:
9a:e3:50:b2:4d:4c:48:df:dd:de:71:c9:61:33:d6:90:8d:64:
d2:37:3f:06:97:ba:db:cd:c7:bc:01:b4:3f:91:b1:42:ab:f4:
96:10:0e:24:22:f5:6e:ad:9f:1f:5d:c6:67:df:9e:29:5b:07:
fe:d3:d8:01:ac:17:98:a9:16:fb:bb:c3:a5:d7:3d:fe:9b:d0:
bf:6e:38:77:fc:48:f1:7a:3e:a3:7e:9c:59:e2:13:61:1e:5d:
8c:3d:34:e8:bb:29:f2:0f:5e:3c:e5:87:3b:47:1a:61:54:31:
de:f7:3c:1e:97:91:80:3b:8e:37:34:24:23:6c:35:bb:63:73:
97:0e:ed:01:19:2b:22:3b:ca:e5:b8:7b:06:d1:79:4a:27:f8:
ef:ed:f7:78:8f:4b:d0:22:9c:48:a6:d4:66:4d:f5:ec:b3:7b:
0c:a7:99:4e
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUO/IEFFlxVrBsxfPCKTu5P/A5o1YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MTkwNTUwMjRaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDg0OTA2OWQ3OTA0Yzg5YzRlZmY0NTM0NjA0MDczZjEzZjJjNDc3MjljYWMz
ZWVlNTA5NDZhODY5NjlhNDdlMTkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALvRCmUnTrDBeTLziRuI4jSmo4hrz0Wlzdxg6FSUv3VcJPemeuMKzFsIYdx4
MKJZThrU2XFOGuB077Ep+Iw120puey+ysXDeCYiSPE3p6CIWOZPsln+OnRLhogky
KyOwza/7qHbEsEwqa6K8xT2RlU4iFCyQylRpYbMW3zSkX8TyCJtLWbTEc6ClxBm6
MEquCv/VYaM9FnZW/Kb2aoU3YIGiyjFi4UI+DoK+OKaSjIMCwQ39+q8+WFtYn4Ai
933caYuQUsPPGsydikkZRm0poKqeMB2wcu6QInzZAED2mgOLJMrHq81tm8v8GAas
jqgOiSzmLjxGQrB9gLMkFn93cCkCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQ72pNN
9t1w6a0iICwM1FrlrcvGwjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZTY4MGZmZTctZDc3Yy00NDMzLTgxZjktZmZiZjc2YTQ1YTZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAME5tTAN
BgkqhkiG9w0BAQsFAAOCAQEAKfdOM+ZCEX0pXQlaI0Fz6yHtTsrCexgbJDv0CACB
lQ2mp+AlXVhxUn/sVW/9QzlN+/UhVI/2iDhAt9Z2EXEi/WAlv5HcN4jNDE4lLczv
QKv3w1ZUlvd6S29HmuNQsk1MSN/d3nHJYTPWkI1k0jc/Bpe6283HvAG0P5GxQqv0
lhAOJCL1bq2fH13GZ9+eKVsH/tPYAawXmKkW+7vDpdc9/pvQv244d/xI8Xo+o36c
WeITYR5djD006Lsp8g9ePOWHO0caYVQx3vc8HpeRgDuONzQkI2w1u2Nzlw7tARkr
IjvK5bh7BtF5Sif47+33eI9L0CKcSKbUZk317LN7DKeZTg==
-----END CERTIFICATE-----
Generated at Sat Jun 13 07:59:37 2026 by rpki-client