Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ecd45447-b567-4c62-b588-28bb50cce889.roa
File: ecd45447-b567-4c62-b588-28bb50cce889.roa (raw, json)
Hash identifier: J5UsY3G3I+f7oyyxOjTBiafDCvo/IAQ4Yy1gqKAfG28=
Subject key identifier: EE:D4:83:15:C8:BD:91:2E:83:26:66:0C:6A:12:5D:6F:6C:21:A4:76
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7D203C2E21AC659F622E0FBB914AC2CB0D0DC559
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ecd45447-b567-4c62-b588-28bb50cce889.roa
Signing time: Sat 28 Feb 2026 06:30:42 +0000
ROA not before: Sat 28 Feb 2026 06:30:42 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 195.17.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:20:3c:2e:21:ac:65:9f:62:2e:0f:bb:91:4a:c2:cb:0d:0d:c5:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Feb 28 06:30:42 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=4d284b26d80e27e6433afe89c65d7dc824ee6f17fcbd3df3a8e0b76fece55557, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:cc:a4:cb:26:46:f8:69:62:17:06:b4:2b:15:
22:84:76:06:13:32:0a:37:3a:fd:08:e4:be:64:62:
89:8e:e5:c8:47:ba:56:c3:02:15:43:57:b6:5b:dc:
1d:f6:ec:ab:12:9e:c0:63:17:96:b7:78:8d:01:6d:
81:86:5c:f0:c7:9c:ea:71:77:51:5e:99:f9:08:9d:
89:b2:9a:b6:c0:f2:e4:0b:21:8f:c8:32:68:6b:86:
ec:b4:9b:87:b6:77:94:6a:38:20:21:65:64:9b:30:
b7:5c:47:a0:af:96:e5:ef:a2:c5:96:3c:86:6b:84:
7d:05:e5:ee:5d:5a:20:d2:cc:17:8b:88:3e:3e:13:
a2:e4:5f:26:ac:dc:c0:8e:d1:7e:78:a2:04:c7:4a:
a0:00:93:bf:45:d3:b6:06:95:2d:2e:5e:80:93:aa:
09:93:e0:d8:36:e2:63:fc:57:d4:b6:22:9a:33:99:
51:08:f2:bf:04:71:65:05:f7:56:7d:83:3f:ae:d5:
12:db:20:f0:ad:ca:99:e9:04:e9:f0:1b:a9:ca:ba:
fb:98:20:7d:5b:a2:22:8e:73:09:19:d6:1a:c5:ff:
15:72:34:33:fc:71:90:16:92:71:06:d0:cc:b4:04:
a2:d1:d4:49:bb:f6:63:ec:7a:10:1c:13:20:be:34:
a8:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:D4:83:15:C8:BD:91:2E:83:26:66:0C:6A:12:5D:6F:6C:21:A4:76
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ecd45447-b567-4c62-b588-28bb50cce889.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.17.0.0/16
Signature Algorithm: sha256WithRSAEncryption
c2:5e:99:57:46:9c:49:a8:20:b2:2f:6a:c5:29:9c:8e:46:20:
66:26:c8:fc:bc:5d:78:00:59:5b:37:2a:60:ae:7d:10:90:18:
e1:d5:04:e1:be:f7:38:ad:1c:23:9a:56:15:8c:90:b5:b3:33:
3d:57:fe:0a:ec:83:2f:40:03:71:5e:e5:51:76:af:2c:53:4a:
bc:b7:01:cf:68:9c:68:37:6a:95:4c:73:4d:ed:43:f1:f3:07:
18:ec:56:dc:1b:8c:aa:0d:45:df:c0:72:fa:0b:95:32:f2:73:
b1:34:47:6c:50:bd:df:f1:da:c3:2c:14:bd:d6:bd:34:0d:82:
b0:ca:94:f1:fa:5b:0f:6c:02:f0:05:29:bd:46:ba:49:1e:b2:
aa:16:f9:5a:a8:0c:36:a7:10:d6:0f:20:59:a5:61:5c:4c:4c:
28:04:c8:e5:97:b5:89:cb:34:68:01:83:80:24:b8:50:fa:c4:
95:eb:74:7b:f3:ab:85:0e:5f:7e:f2:89:c0:b8:21:8d:bf:ec:
0e:db:ca:27:fc:4e:bb:ef:bf:4a:53:9d:45:96:0e:94:fc:b9:
da:f5:59:4b:b3:83:10:98:1b:83:6b:ac:e0:bf:2f:1b:67:19:
57:d2:55:90:2c:75:53:48:b5:72:cf:8c:25:c2:95:65:7b:02:
d7:9a:e1:83
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUfSA8LiGsZZ9iLg+7kUrCyw0NxVkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjAyMjgwNjMwNDJaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDRkMjg0YjI2ZDgwZTI3ZTY0MzNhZmU4OWM2NWQ3ZGM4MjRlZTZmMTdmY2Jk
M2RmM2E4ZTBiNzZmZWNlNTU1NTcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ7MpMsmRvhpYhcGtCsVIoR2BhMyCjc6/QjkvmRiiY7lyEe6VsMCFUNXtlvc
HfbsqxKewGMXlrd4jQFtgYZc8Mec6nF3UV6Z+QidibKatsDy5Ashj8gyaGuG7LSb
h7Z3lGo4ICFlZJswt1xHoK+W5e+ixZY8hmuEfQXl7l1aINLMF4uIPj4TouRfJqzc
wI7RfniiBMdKoACTv0XTtgaVLS5egJOqCZPg2DbiY/xX1LYimjOZUQjyvwRxZQX3
Vn2DP67VEtsg8K3KmekE6fAbqcq6+5ggfVuiIo5zCRnWGsX/FXI0M/xxkBaScQbQ
zLQEotHUSbv2Y+x6EBwTIL40qO8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTu1IMV
yL2RLoMmZgxqEl1vbCGkdjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZWNkNDU0NDctYjU2Ny00YzYyLWI1ODgtMjhiYjUwY2NlODg5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMMRMA0G
CSqGSIb3DQEBCwUAA4IBAQDCXplXRpxJqCCyL2rFKZyORiBmJsj8vF14AFlbNypg
rn0QkBjh1QThvvc4rRwjmlYVjJC1szM9V/4K7IMvQANxXuVRdq8sU0q8twHPaJxo
N2qVTHNN7UPx8wcY7FbcG4yqDUXfwHL6C5Uy8nOxNEdsUL3f8drDLBS91r00DYKw
ypTx+lsPbALwBSm9RrpJHrKqFvlaqAw2pxDWDyBZpWFcTEwoBMjll7WJyzRoAYOA
JLhQ+sSV63R786uFDl9+8onAuCGNv+wO28on/E67779KU51Flg6U/Lna9VlLs4MQ
mBuDa6zgvy8bZxlX0lWQLHVTSLVyz4wlwpVlewLXmuGD
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:52:11 2026 by rpki-client