Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f0cb36ae-21ee-4e99-93c6-e63ae570e483.roa
File: f0cb36ae-21ee-4e99-93c6-e63ae570e483.roa (raw, json)
Hash identifier: TFz7OqpkUwl+YTTGIxkUQuXR9xIrjk7zzcv2aS/FH9Q=
Subject key identifier: C7:32:03:03:DF:78:57:9B:2F:68:A0:51:FF:33:C9:A2:12:B5:67:57
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 199396F0AE92EB7481123BE7963E9555FFCB55FF
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f0cb36ae-21ee-4e99-93c6-e63ae570e483.roa
Signing time: Sat 28 Feb 2026 06:30:41 +0000
ROA not before: Sat 28 Feb 2026 06:30:41 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 193.26.64.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
19:93:96:f0:ae:92:eb:74:81:12:3b:e7:96:3e:95:55:ff:cb:55:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Feb 28 06:30:41 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=f6f286a82706470080b7836b60da0ab13557e5f9588507ead5bc08e16dedf72a, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:8a:ab:c9:b7:fa:58:19:f5:25:cc:a3:40:01:
74:ef:71:ee:07:ea:63:be:c9:a6:af:09:07:cc:03:
eb:c2:a4:f7:c2:ec:e9:c1:02:78:3f:68:43:51:a8:
d4:f0:e8:92:c7:59:ec:71:27:71:9d:eb:29:3a:c3:
88:80:c3:b0:1f:8c:bf:11:c2:dc:a1:8f:8a:01:e8:
74:aa:92:5a:2c:d2:ec:32:ba:36:22:0c:b7:7b:9e:
6b:b6:75:76:5f:49:3b:5b:b6:08:01:66:a6:3f:4f:
a2:56:30:5e:9e:a7:4a:83:f7:c2:d0:c0:d3:35:17:
c4:32:74:0f:56:f7:20:ef:de:00:4f:74:7b:db:f5:
6f:39:3b:a9:96:a0:62:86:85:7e:43:fc:24:88:59:
7c:37:44:1b:79:d7:fc:68:72:9c:7d:0c:66:04:03:
7b:da:ea:da:7b:ad:54:c5:41:10:dd:bf:88:f8:b9:
16:55:f5:28:c8:48:85:a6:75:02:18:6b:28:74:74:
e0:6d:1e:68:e4:6b:d8:73:a4:c2:c5:55:41:1a:2b:
72:75:42:d3:d4:95:da:54:5e:6c:77:43:10:76:27:
25:45:55:3d:8a:6b:82:82:28:d4:55:c0:15:d5:78:
94:db:ca:19:e6:5a:15:a2:df:4a:30:dd:d0:90:49:
85:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:32:03:03:DF:78:57:9B:2F:68:A0:51:FF:33:C9:A2:12:B5:67:57
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f0cb36ae-21ee-4e99-93c6-e63ae570e483.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.26.64.0/19
Signature Algorithm: sha256WithRSAEncryption
46:a4:05:fb:80:c0:86:05:72:88:1e:96:a5:83:3e:be:71:10:
0f:b9:8a:14:18:75:67:d1:12:a1:36:7f:6d:34:24:70:35:d8:
f1:87:ac:1c:ce:50:4f:ad:5e:06:87:9c:1c:a2:1a:03:da:9a:
d2:06:b9:27:2b:1e:a8:30:43:61:4d:14:47:fa:54:79:0c:77:
0c:2b:97:9a:3a:24:b2:81:64:20:f2:67:5e:2c:d7:de:8b:c6:
3b:74:87:18:ac:7d:df:ea:f8:1b:ce:a0:ad:6b:cb:66:60:cb:
86:09:b4:07:3c:6d:54:f4:1a:3e:d5:b6:c9:29:35:56:c6:1e:
16:5b:08:ea:ed:ce:41:4f:d2:07:45:1a:79:14:b8:ef:c1:4f:
ba:aa:f5:fe:e9:49:c9:fb:ee:4e:8e:7f:35:57:d2:2a:66:f7:
24:24:88:c3:df:ac:6f:47:93:96:7b:5a:2a:08:65:f2:df:bb:
ce:f3:03:de:e7:cc:35:18:1c:8d:f1:1d:80:96:95:65:21:b3:
79:65:41:57:fe:30:6e:d0:9e:f9:93:d1:f4:49:61:39:5b:99:
22:44:fa:d8:24:3b:01:ef:97:76:23:4e:4d:ab:e8:7f:41:0f:
97:f9:51:7f:ad:55:4a:38:e8:18:a4:20:63:6a:50:48:c6:30:
76:da:90:e2
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUGZOW8K6S63SBEjvnlj6VVf/LVf8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjAyMjgwNjMwNDFaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGY2ZjI4NmE4MjcwNjQ3MDA4MGI3ODM2YjYwZGEwYWIxMzU1N2U1Zjk1ODg1
MDdlYWQ1YmMwOGUxNmRlZGY3MmExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALqKq8m3+lgZ9SXMo0ABdO9x7gfqY77Jpq8JB8wD68Kk98Ls6cECeD9oQ1Go
1PDoksdZ7HEncZ3rKTrDiIDDsB+MvxHC3KGPigHodKqSWizS7DK6NiIMt3uea7Z1
dl9JO1u2CAFmpj9PolYwXp6nSoP3wtDA0zUXxDJ0D1b3IO/eAE90e9v1bzk7qZag
YoaFfkP8JIhZfDdEG3nX/GhynH0MZgQDe9rq2nutVMVBEN2/iPi5FlX1KMhIhaZ1
AhhrKHR04G0eaORr2HOkwsVVQRorcnVC09SV2lRebHdDEHYnJUVVPYprgoIo1FXA
FdV4lNvKGeZaFaLfSjDd0JBJhckCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTHMgMD
33hXmy9ooFH/M8miErVnVzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZjBjYjM2YWUtMjFlZS00ZTk5LTkzYzYtZTYzYWU1NzBlNDgzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBcEaQDAN
BgkqhkiG9w0BAQsFAAOCAQEARqQF+4DAhgVyiB6WpYM+vnEQD7mKFBh1Z9ESoTZ/
bTQkcDXY8YesHM5QT61eBoecHKIaA9qa0ga5JyseqDBDYU0UR/pUeQx3DCuXmjok
soFkIPJnXizX3ovGO3SHGKx93+r4G86grWvLZmDLhgm0BzxtVPQaPtW2ySk1VsYe
FlsI6u3OQU/SB0UaeRS478FPuqr1/ulJyfvuTo5/NVfSKmb3JCSIw9+sb0eTlnta
Kghl8t+7zvMD3ufMNRgcjfEdgJaVZSGzeWVBV/4wbtCe+ZPR9ElhOVuZIkT62CQ7
Ae+XdiNOTavof0EPl/lRf61VSjjoGKQgY2pQSMYwdtqQ4g==
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:42:38 2026 by rpki-client