Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e680ffe7-d77c-4433-81f9-ffbf76a45a6d.roa
File: e680ffe7-d77c-4433-81f9-ffbf76a45a6d.roa (raw, json)
Hash identifier: ET8aaCzd+JBrILVwAvmBpj7a2tROArJAk93CnUhWcI0=
Subject key identifier: 43:87:0E:E1:FF:F5:F4:EA:5E:BA:E2:5A:AA:50:DF:E7:45:A2:F3:BC
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 11FEB5023A779F4124BC488DA557AB76FF4D163A
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e680ffe7-d77c-4433-81f9-ffbf76a45a6d.roa
Signing time: Sat 28 Feb 2026 06:40:23 +0000
ROA not before: Sat 28 Feb 2026 06:40:23 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 193.57.181.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:fe:b5:02:3a:77:9f:41:24:bc:48:8d:a5:57:ab:76:ff:4d:16:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Feb 28 06:40:23 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=cd48b5145d9a49d78efa9c847822c4734fff3909d675407f906a05a4cf02d85d, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:21:93:01:28:8a:74:4e:d0:42:10:71:05:68:
19:61:77:d7:cb:3b:93:05:b6:e4:6c:f1:2d:40:d1:
a6:35:43:bf:8e:ac:34:a7:02:db:2f:c0:e6:af:e9:
43:e1:e4:6b:06:b1:de:3d:2f:13:f8:2a:23:c0:1d:
b3:b5:27:9a:96:52:07:c9:6b:e2:13:9a:26:0b:0e:
88:a9:ad:a8:89:5f:c9:91:d7:04:1e:1b:50:97:7b:
d7:7c:63:f9:75:91:82:7c:f5:c9:2c:51:44:46:21:
61:bf:db:80:34:79:d8:08:b4:a2:af:3d:d2:31:ec:
b7:3d:64:2d:27:99:53:94:b0:30:70:9b:4f:ea:03:
9a:52:76:8b:59:0c:49:b8:ec:ce:37:9d:76:f5:7a:
25:f6:30:30:c5:cb:6b:5e:4e:09:b8:80:4c:a1:5f:
ed:29:24:11:6c:8e:4c:6d:b4:d3:cf:a9:8e:8e:17:
71:3d:a3:90:11:fc:87:eb:03:13:db:53:dd:27:85:
fb:c8:39:f2:5f:83:eb:25:f1:ed:02:78:11:05:67:
03:f9:0b:ec:1a:42:e3:64:72:81:af:5f:36:3b:3d:
1c:c3:28:ae:e5:74:ad:fd:40:6e:c2:17:fc:2c:44:
fe:2b:6f:e6:bf:b8:26:df:8a:54:8c:eb:2f:c2:0f:
50:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:87:0E:E1:FF:F5:F4:EA:5E:BA:E2:5A:AA:50:DF:E7:45:A2:F3:BC
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e680ffe7-d77c-4433-81f9-ffbf76a45a6d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.181.0/24
Signature Algorithm: sha256WithRSAEncryption
44:d1:1b:8f:d5:37:ef:4c:62:ce:84:a2:82:67:1d:9b:2e:13:
05:80:ec:06:cf:0c:5a:15:19:80:5d:6f:9a:b5:01:77:df:0d:
cd:95:51:fd:9f:9a:86:5b:b4:fe:48:1b:85:37:f0:95:8a:53:
fb:d3:e6:f4:07:d3:58:24:28:24:4d:5c:aa:e7:fb:e5:e7:81:
c9:56:25:a8:51:f3:a8:67:06:4d:a5:5a:58:e2:89:3f:a8:b8:
a6:4b:9b:72:98:3c:f3:c4:f7:23:e0:de:42:74:50:6a:c1:9b:
89:73:42:ce:d9:0b:a9:24:b2:06:78:6b:1a:81:63:c7:c4:3a:
fa:11:5a:c3:c9:f7:c8:16:d8:d1:10:3b:1f:af:38:c9:7a:ee:
df:24:f9:d0:f6:73:4a:96:56:97:0d:08:30:d4:dc:7c:b7:b0:
d6:14:f8:7b:0c:49:70:e5:14:1f:4c:cc:94:f4:75:51:9f:b0:
89:9c:eb:dd:28:6b:6f:17:e1:86:70:57:69:b8:3e:02:38:5d:
a8:ed:ca:5d:64:23:ba:bc:34:d7:28:91:75:8e:08:3b:d7:4b:
d9:04:22:9f:6b:6a:d2:b4:2f:16:2e:a9:64:e4:57:b6:60:64:
45:18:eb:72:55:1b:4a:5b:6c:0d:7d:50:01:0b:3e:61:59:84:
86:98:34:12
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUEf61Ajp3n0EkvEiNpVerdv9NFjowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjAyMjgwNjQwMjNaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGNkNDhiNTE0NWQ5YTQ5ZDc4ZWZhOWM4NDc4MjJjNDczNGZmZjM5MDlkNjc1
NDA3ZjkwNmEwNWE0Y2YwMmQ4NWQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALkhkwEoinRO0EIQcQVoGWF318s7kwW25GzxLUDRpjVDv46sNKcC2y/A5q/p
Q+Hkawax3j0vE/gqI8Ads7UnmpZSB8lr4hOaJgsOiKmtqIlfyZHXBB4bUJd713xj
+XWRgnz1ySxRREYhYb/bgDR52Ai0oq890jHstz1kLSeZU5SwMHCbT+oDmlJ2i1kM
SbjszjeddvV6JfYwMMXLa15OCbiATKFf7SkkEWyOTG2008+pjo4XcT2jkBH8h+sD
E9tT3SeF+8g58l+D6yXx7QJ4EQVnA/kL7BpC42Ryga9fNjs9HMMoruV0rf1AbsIX
/CxE/itv5r+4Jt+KVIzrL8IPUFMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRDhw7h
//X06l664lqqUN/nRaLzvDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZTY4MGZmZTctZDc3Yy00NDMzLTgxZjktZmZiZjc2YTQ1YTZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAME5tTAN
BgkqhkiG9w0BAQsFAAOCAQEARNEbj9U370xizoSigmcdmy4TBYDsBs8MWhUZgF1v
mrUBd98NzZVR/Z+ahlu0/kgbhTfwlYpT+9Pm9AfTWCQoJE1cquf75eeByVYlqFHz
qGcGTaVaWOKJP6i4pkubcpg888T3I+DeQnRQasGbiXNCztkLqSSyBnhrGoFjx8Q6
+hFaw8n3yBbY0RA7H684yXru3yT50PZzSpZWlw0IMNTcfLew1hT4ewxJcOUUH0zM
lPR1UZ+wiZzr3ShrbxfhhnBXabg+AjhdqO3KXWQjurw01yiRdY4IO9dL2QQin2tq
0rQvFi6pZORXtmBkRRjrclUbSltsDX1QAQs+YVmEhpg0Eg==
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:44:38 2026 by rpki-client