Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fb2bc1bb-cbbe-4f6c-8ef3-eabfdb4fa7b9.roa
File: fb2bc1bb-cbbe-4f6c-8ef3-eabfdb4fa7b9.roa (raw, json)
Hash identifier: y+Bjm/ZCHIVZ7m9GjVpPXYaOyUs4n6CDb4gbVNt6beY=
Subject key identifier: B7:28:33:F0:C2:C0:A8:AA:67:7E:25:84:3F:86:40:78:21:E7:89:42
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7869E93977C0AE874024A9B41A3D6E315C73C5E6
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fb2bc1bb-cbbe-4f6c-8ef3-eabfdb4fa7b9.roa
Signing time: Tue 19 May 2026 05:50:08 +0000
ROA not before: Tue 19 May 2026 05:50:08 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 212.167.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:69:e9:39:77:c0:ae:87:40:24:a9:b4:1a:3d:6e:31:5c:73:c5:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 19 05:50:08 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=7d6cf557ed6406606cb4c0e131ab563d2f9fe733fb084c100db85c510f1627a1, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:32:79:b6:b5:97:5e:88:5f:99:55:d1:3f:11:
a8:0b:0b:91:b3:b4:00:ca:7e:c6:ff:08:a4:a3:a0:
54:f4:a2:24:4b:af:fa:21:3e:0f:d2:f3:bf:01:32:
26:c5:2b:0a:80:c3:27:78:bc:17:74:04:4e:ae:37:
26:a7:56:6d:5f:fe:97:73:14:95:b5:1b:18:54:b9:
a4:ae:2d:e2:56:44:47:18:83:67:79:40:a9:76:5d:
1a:b5:14:a9:f7:2f:4d:18:26:7e:ed:3f:42:8a:39:
b6:21:e5:c8:83:9c:4d:85:99:dc:82:4f:64:8d:6e:
94:fe:6d:19:44:6a:52:92:a6:2f:38:e5:a9:21:b8:
14:f8:aa:95:b2:8a:d7:3b:c9:ef:26:b2:ca:e1:50:
99:2c:5e:3b:25:cd:93:bc:86:f4:61:2d:1b:8c:b1:
ac:2b:1d:54:de:16:c7:af:68:97:ef:0b:22:6d:85:
29:b0:ff:4a:b6:54:99:a1:bb:0f:74:87:71:90:03:
44:91:ed:fa:ad:62:47:cf:0b:f8:cc:07:11:60:5a:
b0:f4:3c:62:14:82:84:98:d4:18:c6:a3:c5:e4:89:
2f:f9:0a:c8:d9:c2:52:60:a3:af:9c:56:c0:b9:a0:
03:e9:54:e8:1d:7c:1a:a9:d6:e3:62:2a:ac:24:e8:
f3:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:28:33:F0:C2:C0:A8:AA:67:7E:25:84:3F:86:40:78:21:E7:89:42
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fb2bc1bb-cbbe-4f6c-8ef3-eabfdb4fa7b9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.167.0.0/16
Signature Algorithm: sha256WithRSAEncryption
af:5e:a2:15:52:70:07:d9:76:ac:05:b3:c2:58:e8:8f:8f:73:
24:0b:fe:3a:76:4a:d4:9a:bc:cb:49:09:44:5b:6d:98:b4:fd:
77:c4:2f:ec:31:1d:10:9a:0c:ef:15:29:cb:c0:6c:99:bc:5e:
b1:8b:af:b9:4a:48:5c:f5:bc:a5:8a:33:6a:b7:fe:6e:55:e7:
8c:8b:62:3e:74:db:e4:bf:8c:b3:8d:8f:7f:00:84:6a:8a:70:
d5:bc:e4:ca:87:b7:ce:0d:09:18:8f:ec:8c:7c:15:16:a6:a4:
18:1e:06:fe:7f:9b:16:7b:99:5d:e4:55:d1:45:11:e1:bf:a7:
47:73:e4:86:38:1e:7a:04:5f:6f:84:2c:99:de:9f:37:a1:5d:
f4:f5:d4:c7:54:23:17:ca:6e:24:0d:09:42:0c:a1:8e:2a:4e:
89:c0:15:3c:68:71:28:c7:72:d7:c4:95:55:10:7f:da:7a:6c:
8b:da:ae:95:47:aa:4a:62:30:57:66:2a:90:9f:a7:21:31:df:
aa:66:a6:cb:08:d3:ec:0b:49:9e:6d:fa:a7:d5:70:c3:0e:3a:
cc:dd:96:d0:61:4a:5b:bf:1e:a3:28:99:09:92:bb:7d:8d:c3:
0d:5d:79:a0:3b:f8:07:64:e3:da:e5:b1:60:21:5e:9a:f9:ad:
fe:52:e5:29
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUeGnpOXfArodAJKm0Gj1uMVxzxeYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MTkwNTUwMDhaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDdkNmNmNTU3ZWQ2NDA2NjA2Y2I0YzBlMTMxYWI1NjNkMmY5ZmU3MzNmYjA4
NGMxMDBkYjg1YzUxMGYxNjI3YTExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL8yeba1l16IX5lV0T8RqAsLkbO0AMp+xv8IpKOgVPSiJEuv+iE+D9LzvwEy
JsUrCoDDJ3i8F3QETq43JqdWbV/+l3MUlbUbGFS5pK4t4lZERxiDZ3lAqXZdGrUU
qfcvTRgmfu0/Qoo5tiHlyIOcTYWZ3IJPZI1ulP5tGURqUpKmLzjlqSG4FPiqlbKK
1zvJ7yayyuFQmSxeOyXNk7yG9GEtG4yxrCsdVN4Wx69ol+8LIm2FKbD/SrZUmaG7
D3SHcZADRJHt+q1iR88L+MwHEWBasPQ8YhSChJjUGMajxeSJL/kKyNnCUmCjr5xW
wLmgA+lU6B18GqnW42IqrCTo8/UCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBS3KDPw
wsCoqmd+JYQ/hkB4IeeJQjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZmIyYmMxYmItY2JiZS00ZjZjLThlZjMtZWFiZmRiNGZhN2I5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDANSnMA0G
CSqGSIb3DQEBCwUAA4IBAQCvXqIVUnAH2XasBbPCWOiPj3MkC/46dkrUmrzLSQlE
W22YtP13xC/sMR0QmgzvFSnLwGyZvF6xi6+5Skhc9bylijNqt/5uVeeMi2I+dNvk
v4yzjY9/AIRqinDVvOTKh7fODQkYj+yMfBUWpqQYHgb+f5sWe5ld5FXRRRHhv6dH
c+SGOB56BF9vhCyZ3p83oV309dTHVCMXym4kDQlCDKGOKk6JwBU8aHEox3LXxJVV
EH/aemyL2q6VR6pKYjBXZiqQn6chMd+qZqbLCNPsC0mebfqn1XDDDjrM3ZbQYUpb
vx6jKJkJkrt9jcMNXXmgO/gHZOPa5bFgIV6a+a3+UuUp
-----END CERTIFICATE-----
Generated at Sat Jun 13 07:58:32 2026 by rpki-client