Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e7ebe29c-b29a-41b9-8205-cf9e03925e93.roa
File: e7ebe29c-b29a-41b9-8205-cf9e03925e93.roa (raw, json)
Hash identifier: BliveCvLQxHvkIH7K+H9EueyZkJREHr2bdDlkNn+TIM=
Subject key identifier: B5:ED:06:EF:C2:F0:89:B0:BC:D8:23:D5:59:FD:3E:2D:8D:21:4A:40
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 43EBC9DE61D80897C628A672C545713F46CCB68B
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e7ebe29c-b29a-41b9-8205-cf9e03925e93.roa
Signing time: Sat 28 Feb 2026 06:40:25 +0000
ROA not before: Sat 28 Feb 2026 06:40:25 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 57.101.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:eb:c9:de:61:d8:08:97:c6:28:a6:72:c5:45:71:3f:46:cc:b6:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Feb 28 06:40:25 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=c11bf059be0e9244dcc5a8899ebcf0360717ab0d0ebd6a45fd0c72a05b7a08f9, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:ad:5f:9e:23:08:f0:60:fc:4b:1e:a7:78:f1:
86:24:ba:a2:a6:a1:71:b3:88:77:37:d3:42:54:cf:
6e:5c:ef:84:0f:0e:11:d3:84:59:f9:6e:78:95:8c:
c9:df:94:3a:98:7b:0a:a0:c4:a7:d2:d7:96:50:22:
5e:bd:b7:42:16:2b:85:04:b1:20:78:0e:3d:f8:43:
b3:11:35:b9:10:20:77:2b:48:3b:fc:cd:df:d3:81:
f8:9e:80:d6:ef:3c:b7:45:30:18:d6:0e:b1:9a:8b:
28:40:2b:d2:98:a6:48:a5:fc:a2:6f:0d:b0:fb:04:
13:d9:a3:63:b1:d9:fb:4f:7f:cd:7e:7c:4d:11:51:
45:40:2f:27:90:54:ce:12:79:5b:aa:d0:ef:90:29:
c6:81:ba:c1:d6:10:c9:27:72:75:18:d2:e4:9e:47:
8b:8e:21:38:7e:d9:4b:5b:9e:67:75:0a:2a:a7:ed:
69:6a:c9:f2:c4:cb:cb:a5:e2:44:e5:78:19:4d:fe:
fe:ab:31:5b:aa:6a:4f:aa:69:9d:19:4b:c5:b2:95:
c3:0d:36:9c:ab:f4:d9:33:56:f5:03:5b:64:ff:b9:
5e:24:44:57:c9:8b:fa:2e:d3:04:db:a9:3a:86:ce:
cf:df:24:0a:8b:1e:96:16:05:c7:5b:45:e1:28:8b:
e4:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:ED:06:EF:C2:F0:89:B0:BC:D8:23:D5:59:FD:3E:2D:8D:21:4A:40
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e7ebe29c-b29a-41b9-8205-cf9e03925e93.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.101.0.0/16
Signature Algorithm: sha256WithRSAEncryption
0f:62:5b:76:f9:f2:0d:74:be:c7:da:85:d7:50:f9:cb:24:e3:
d5:34:92:d9:8e:e4:31:1e:72:00:b9:ba:fd:57:c5:73:93:0e:
f4:c1:f5:ca:0e:61:1c:e0:a0:cb:47:9f:af:ed:79:cc:1a:ae:
44:62:81:35:24:e1:bf:25:d6:56:ca:1a:58:40:3b:5b:0e:a3:
a1:be:a5:01:d4:2e:1b:68:d4:97:ce:73:33:13:b7:1a:4d:d6:
5a:59:42:32:de:03:55:0e:b7:5e:7a:df:61:34:f6:81:33:bd:
66:39:e8:92:df:73:71:ae:8a:cd:a4:d3:9a:79:38:5a:ac:ef:
04:96:5d:b1:dd:bd:86:43:af:ac:9b:f2:12:a6:ce:09:99:20:
a7:35:ca:93:34:d0:be:08:40:dc:73:0f:9a:78:d0:cc:85:c6:
97:71:e9:57:6d:66:48:1a:ca:08:ba:45:28:d1:ba:da:5e:0e:
84:1c:ed:26:59:0a:c2:df:1f:ce:5c:75:83:6e:f7:11:e7:a6:
3f:0a:8d:c2:4d:cd:79:db:48:18:11:e7:9e:8e:d1:9f:9b:2a:
73:5b:ed:fb:39:f4:3b:cb:9d:6e:b9:83:89:9d:9c:6f:6e:a3:
9a:9d:f2:b8:93:cd:cd:fc:3d:77:aa:b9:ba:c4:d9:b9:a8:d6:
ff:94:3f:a9
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUQ+vJ3mHYCJfGKKZyxUVxP0bMtoswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjAyMjgwNjQwMjVaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGMxMWJmMDU5YmUwZTkyNDRkY2M1YTg4OTllYmNmMDM2MDcxN2FiMGQwZWJk
NmE0NWZkMGM3MmEwNWI3YTA4ZjkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKmtX54jCPBg/Esep3jxhiS6oqahcbOIdzfTQlTPblzvhA8OEdOEWflueJWM
yd+UOph7CqDEp9LXllAiXr23QhYrhQSxIHgOPfhDsxE1uRAgdytIO/zN39OB+J6A
1u88t0UwGNYOsZqLKEAr0pimSKX8om8NsPsEE9mjY7HZ+09/zX58TRFRRUAvJ5BU
zhJ5W6rQ75ApxoG6wdYQySdydRjS5J5Hi44hOH7ZS1ueZ3UKKqftaWrJ8sTLy6Xi
ROV4GU3+/qsxW6pqT6ppnRlLxbKVww02nKv02TNW9QNbZP+5XiREV8mL+i7TBNup
OobOz98kCoselhYFx1tF4SiL5B0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBS17Qbv
wvCJsLzYI9VZ/T4tjSFKQDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZTdlYmUyOWMtYjI5YS00MWI5LTgyMDUtY2Y5ZTAzOTI1ZTkzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADllMA0G
CSqGSIb3DQEBCwUAA4IBAQAPYlt2+fINdL7H2oXXUPnLJOPVNJLZjuQxHnIAubr9
V8Vzkw70wfXKDmEc4KDLR5+v7XnMGq5EYoE1JOG/JdZWyhpYQDtbDqOhvqUB1C4b
aNSXznMzE7caTdZaWUIy3gNVDrdeet9hNPaBM71mOeiS33NxrorNpNOaeTharO8E
ll2x3b2GQ6+sm/ISps4JmSCnNcqTNNC+CEDccw+aeNDMhcaXcelXbWZIGsoIukUo
0braXg6EHO0mWQrC3x/OXHWDbvcR56Y/Co3CTc1520gYEeeejtGfmypzW+37OfQ7
y51uuYOJnZxvbqOanfK4k83N/D13qrm6xNm5qNb/lD+p
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:49:34 2026 by rpki-client