Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f0cb36ae-21ee-4e99-93c6-e63ae570e483.roa
File: f0cb36ae-21ee-4e99-93c6-e63ae570e483.roa (raw, json)
Hash identifier: CJmsax9YlOEDNiu1XIlhQMTNgmM3cVBcTfcRHzWKY6U=
Subject key identifier: 9C:EA:17:D1:06:23:D0:BF:02:72:1B:9C:C7:68:C1:99:ED:1D:12:5E
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3292DA81824081033879E8B6DC9CC083F51186C5
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f0cb36ae-21ee-4e99-93c6-e63ae570e483.roa
Signing time: Tue 19 May 2026 05:50:34 +0000
ROA not before: Tue 19 May 2026 05:50:34 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 193.26.64.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:92:da:81:82:40:81:03:38:79:e8:b6:dc:9c:c0:83:f5:11:86:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 19 05:50:34 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=227ac61dc7c16f6993689d6edc90e651266631c99a5b6192e035de5881b85350, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:dc:81:6a:0b:da:04:b6:df:a6:53:93:c7:7b:
df:f0:6e:83:24:e5:a6:b0:c8:32:81:a9:24:6d:f5:
0d:5b:33:23:e7:2f:12:c0:0f:59:03:6e:51:2c:5d:
bb:31:dc:e7:c6:99:50:2e:89:57:22:c0:bc:e5:55:
f4:f7:2a:ed:f3:47:41:39:00:21:21:53:9b:d2:d8:
eb:f0:6e:95:74:3e:15:56:79:d5:28:f3:b8:b3:48:
aa:19:a5:fa:d8:2d:59:a5:0d:72:c4:a2:bc:d9:7f:
5e:b8:46:c7:a5:88:10:84:3f:4e:da:43:7c:cb:21:
b9:ab:b6:db:8a:53:68:83:36:cf:8c:01:c2:e6:10:
ef:4e:03:06:78:a5:4a:69:2d:9f:25:a1:96:dd:56:
51:e0:6f:fa:57:c6:4a:56:1a:51:05:ba:26:df:b2:
e3:b8:f1:f3:81:93:ce:d3:21:a9:ef:c0:ff:4c:9a:
bc:b6:f2:c8:bd:ec:ed:c3:47:44:58:b2:d4:1f:16:
a1:2c:ac:2f:94:4d:c3:eb:bf:56:53:6e:14:df:ee:
43:4c:75:df:0e:41:84:7a:52:7f:5d:1e:ac:68:97:
23:c4:19:cb:7e:7e:69:fd:ab:4e:17:3c:97:24:c5:
f7:45:5b:6a:06:df:0c:fd:bb:09:f9:d6:99:31:4a:
cf:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:EA:17:D1:06:23:D0:BF:02:72:1B:9C:C7:68:C1:99:ED:1D:12:5E
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f0cb36ae-21ee-4e99-93c6-e63ae570e483.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.26.64.0/19
Signature Algorithm: sha256WithRSAEncryption
56:2d:cd:42:82:fb:5d:69:c3:ee:4e:73:ed:99:14:65:78:56:
97:8d:c0:4e:53:7d:be:d3:f5:ad:b5:9c:57:17:b4:8e:13:a1:
cb:a7:06:a9:eb:29:b0:bc:8c:da:f2:30:b9:09:9e:ed:1c:68:
4f:63:6f:98:5a:51:dc:72:2f:61:2f:87:fd:49:16:0f:6a:48:
0b:57:bd:6c:89:cd:11:4e:09:fb:b1:d7:ba:50:68:bd:19:66:
95:46:4f:57:ac:57:d1:6a:41:64:1e:02:3b:af:31:0a:42:60:
82:50:a2:f5:45:57:b3:bf:d0:94:49:0f:cf:f2:dc:42:af:d0:
bf:21:78:91:6d:27:7c:52:82:60:a8:54:7d:96:96:40:e7:d6:
76:8b:ad:63:ce:b9:1f:a2:52:10:af:eb:e7:57:e3:ad:d7:4d:
9a:04:f1:73:6d:0b:81:be:26:75:bd:25:76:49:e1:42:e9:d4:
55:c3:26:e3:f5:e7:1d:3e:6e:07:c2:f9:cd:a1:54:02:19:9b:
ce:a3:d3:3d:68:68:82:43:75:dd:df:00:ce:ee:0e:a8:0a:db:
78:c9:a7:d4:01:4f:1d:d8:66:10:d1:be:85:e7:92:e9:d8:ff:
1c:9b:f1:1f:50:b3:1e:be:21:fa:6d:27:be:69:54:10:a1:d5:
d6:fd:37:49
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUMpLagYJAgQM4eei23JzAg/URhsUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MTkwNTUwMzRaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDIyN2FjNjFkYzdjMTZmNjk5MzY4OWQ2ZWRjOTBlNjUxMjY2NjMxYzk5YTVi
NjE5MmUwMzVkZTU4ODFiODUzNTAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANfcgWoL2gS236ZTk8d73/BugyTlprDIMoGpJG31DVszI+cvEsAPWQNuUSxd
uzHc58aZUC6JVyLAvOVV9Pcq7fNHQTkAISFTm9LY6/BulXQ+FVZ51SjzuLNIqhml
+tgtWaUNcsSivNl/XrhGx6WIEIQ/TtpDfMshuau224pTaIM2z4wBwuYQ704DBnil
SmktnyWhlt1WUeBv+lfGSlYaUQW6Jt+y47jx84GTztMhqe/A/0yavLbyyL3s7cNH
RFiy1B8WoSysL5RNw+u/VlNuFN/uQ0x13w5BhHpSf10erGiXI8QZy35+af2rThc8
lyTF90VbagbfDP27CfnWmTFKzxkCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSc6hfR
BiPQvwJyG5zHaMGZ7R0SXjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZjBjYjM2YWUtMjFlZS00ZTk5LTkzYzYtZTYzYWU1NzBlNDgzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBcEaQDAN
BgkqhkiG9w0BAQsFAAOCAQEAVi3NQoL7XWnD7k5z7ZkUZXhWl43ATlN9vtP1rbWc
Vxe0jhOhy6cGqespsLyM2vIwuQme7RxoT2NvmFpR3HIvYS+H/UkWD2pIC1e9bInN
EU4J+7HXulBovRlmlUZPV6xX0WpBZB4CO68xCkJgglCi9UVXs7/QlEkPz/LcQq/Q
vyF4kW0nfFKCYKhUfZaWQOfWdoutY865H6JSEK/r51fjrddNmgTxc20Lgb4mdb0l
dknhQunUVcMm4/XnHT5uB8L5zaFUAhmbzqPTPWhogkN13d8Azu4OqArbeMmn1AFP
HdhmENG+heeS6dj/HJvxH1CzHr4h+m0nvmlUEKHV1v03SQ==
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:10:58 2026 by rpki-client