Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ecd45447-b567-4c62-b588-28bb50cce889.roa
File: ecd45447-b567-4c62-b588-28bb50cce889.roa (raw, json)
Hash identifier: prxKHODFyLVNu1DATb4jOnjMnZn8/yX759o8wBzf6hw=
Subject key identifier: 6F:AF:FF:63:60:85:04:B5:35:95:87:12:4E:F0:DF:9C:32:ED:56:9D
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2226633EE12771AEC1460C56B366AFB153060456
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ecd45447-b567-4c62-b588-28bb50cce889.roa
Signing time: Tue 19 May 2026 05:50:34 +0000
ROA not before: Tue 19 May 2026 05:50:34 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 195.17.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:26:63:3e:e1:27:71:ae:c1:46:0c:56:b3:66:af:b1:53:06:04:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 19 05:50:34 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=c19a1b8ea51d37eef2ded1e133fd3c3449331341f7c1f9a38140dea4bde94f73, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:7d:03:c9:a7:c8:b4:84:f3:c5:c0:da:d1:af:
41:d6:41:6e:58:18:b4:96:b6:a6:f8:df:ff:18:bb:
a5:3b:a9:0b:b0:6a:a5:a1:34:ea:c1:49:66:21:9f:
e4:b0:2a:ca:5b:b7:52:5a:fa:21:f4:03:e1:af:99:
93:28:ad:7e:ca:f2:b5:3d:c9:89:bf:13:9f:a8:f0:
63:74:8f:ca:6b:59:f7:59:7a:61:af:16:64:c9:9c:
40:b1:1d:c3:3c:2f:18:41:16:51:7e:0b:7c:0b:90:
ca:1f:75:bd:bd:8a:5c:6d:84:af:e1:ea:5d:10:cf:
9b:e1:47:c9:ed:74:ee:9a:14:76:f8:75:51:6e:8c:
c3:7e:15:f6:e3:a8:dd:d6:0a:57:c8:e8:9a:04:ee:
c5:f0:46:e2:01:94:e5:03:f5:ef:d5:dc:fb:bf:1a:
2a:94:88:87:b7:33:ae:19:59:5e:86:99:c7:f4:65:
e8:10:66:8e:8a:3f:04:c0:f4:5d:10:f3:8c:3e:7e:
3d:49:9d:1a:94:2d:65:2f:9b:03:1b:d2:ab:a5:d4:
42:17:a3:9b:85:4c:a1:0a:e6:b4:ad:d6:ff:f0:4d:
03:91:e3:f4:2d:ee:22:bc:5a:ef:6a:b0:a2:04:1f:
36:26:97:18:3b:25:bf:b8:be:43:01:c8:f5:fa:e1:
e6:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:AF:FF:63:60:85:04:B5:35:95:87:12:4E:F0:DF:9C:32:ED:56:9D
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ecd45447-b567-4c62-b588-28bb50cce889.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.17.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a6:a5:b7:e0:80:0c:53:19:d1:c6:a9:09:5c:42:75:d3:00:b4:
c9:10:dc:42:d7:ca:c2:6c:8d:84:b1:1d:b8:53:8f:97:5a:18:
e2:d8:d3:de:83:5e:e4:e6:8f:a0:84:c5:e8:db:4c:85:b8:b7:
0e:e9:d8:b3:83:f4:fb:93:16:24:18:77:85:92:4d:1e:30:8d:
bb:e0:ba:51:02:c7:f7:be:a1:6b:98:9f:04:db:b0:0a:de:87:
0c:e4:82:4d:25:b3:e6:9f:c7:1b:b0:26:e4:96:b6:8c:7f:bb:
6b:f5:31:9b:af:22:c8:2d:83:99:20:a6:34:a3:8d:4a:a8:b0:
4d:09:88:c9:a3:52:d3:74:53:ed:4d:1b:19:46:26:1f:68:d5:
81:68:e2:b4:c6:d3:24:9e:6f:e1:75:02:b9:46:73:15:1f:1b:
90:be:19:43:ef:e8:1e:f4:99:4a:6c:88:36:ad:2b:8b:0d:cb:
90:ee:e7:81:b8:5c:ef:cf:7b:0d:6a:a0:32:5d:60:41:c6:36:
f0:6f:28:d6:7b:f1:cf:b4:29:34:84:a4:7f:08:fb:d7:18:89:
db:f3:68:2e:17:91:45:cc:2a:f8:38:bc:9a:87:35:b8:4e:f0:
86:40:e4:24:c3:ac:78:75:92:84:29:ce:7a:4f:83:d6:ca:8a:
89:8b:1f:df
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUIiZjPuEnca7BRgxWs2avsVMGBFYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MTkwNTUwMzRaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGMxOWExYjhlYTUxZDM3ZWVmMmRlZDFlMTMzZmQzYzM0NDkzMzEzNDFmN2Mx
ZjlhMzgxNDBkZWE0YmRlOTRmNzMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPZ9A8mnyLSE88XA2tGvQdZBblgYtJa2pvjf/xi7pTupC7BqpaE06sFJZiGf
5LAqylu3Ulr6IfQD4a+ZkyitfsrytT3Jib8Tn6jwY3SPymtZ91l6Ya8WZMmcQLEd
wzwvGEEWUX4LfAuQyh91vb2KXG2Er+HqXRDPm+FHye107poUdvh1UW6Mw34V9uOo
3dYKV8jomgTuxfBG4gGU5QP179Xc+78aKpSIh7czrhlZXoaZx/Rl6BBmjoo/BMD0
XRDzjD5+PUmdGpQtZS+bAxvSq6XUQhejm4VMoQrmtK3W//BNA5Hj9C3uIrxa72qw
ogQfNiaXGDslv7i+QwHI9frh5mcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRvr/9j
YIUEtTWVhxJO8N+cMu1WnTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZWNkNDU0NDctYjU2Ny00YzYyLWI1ODgtMjhiYjUwY2NlODg5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMMRMA0G
CSqGSIb3DQEBCwUAA4IBAQCmpbfggAxTGdHGqQlcQnXTALTJENxC18rCbI2EsR24
U4+XWhji2NPeg17k5o+ghMXo20yFuLcO6dizg/T7kxYkGHeFkk0eMI274LpRAsf3
vqFrmJ8E27AK3ocM5IJNJbPmn8cbsCbklraMf7tr9TGbryLILYOZIKY0o41KqLBN
CYjJo1LTdFPtTRsZRiYfaNWBaOK0xtMknm/hdQK5RnMVHxuQvhlD7+ge9JlKbIg2
rSuLDcuQ7ueBuFzvz3sNaqAyXWBBxjbwbyjWe/HPtCk0hKR/CPvXGInb82guF5FF
zCr4OLyahzW4TvCGQOQkw6x4dZKEKc56T4PWyoqJix/f
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:24:35 2026 by rpki-client