Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fb2bc1bb-cbbe-4f6c-8ef3-eabfdb4fa7b9.roa
File: fb2bc1bb-cbbe-4f6c-8ef3-eabfdb4fa7b9.roa (raw, json)
Hash identifier: y9POOlMtYgehupIAYkL1h2AdBa9NvhaSLEggGCibO1k=
Subject key identifier: BD:B7:62:B9:13:54:F9:CE:91:58:42:4C:A1:B9:56:E2:29:8A:6C:06
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2AA61066EB1E1DAC154651E8D56B45617E03D79B
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fb2bc1bb-cbbe-4f6c-8ef3-eabfdb4fa7b9.roa
Signing time: Sat 28 Feb 2026 06:30:12 +0000
ROA not before: Sat 28 Feb 2026 06:30:12 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 212.167.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:a6:10:66:eb:1e:1d:ac:15:46:51:e8:d5:6b:45:61:7e:03:d7:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Feb 28 06:30:12 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=f4b011799f80323fe0f8183f3bb7feac1e44e1a5d7c68396154b4841ff2bb3bc, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:8c:e2:4f:a2:ff:e3:2c:a5:41:9b:18:4e:f3:
80:3c:0c:9c:90:da:d1:af:28:84:8d:3f:5c:f7:a2:
09:a0:c4:a8:d7:46:5a:b6:69:a4:e2:38:27:4c:01:
c3:21:df:73:cf:02:e3:f0:6c:f2:dd:79:41:9f:3d:
d5:aa:be:50:55:a7:81:48:d1:c3:c8:36:8b:f3:bf:
da:ef:00:12:83:74:f7:dd:e0:98:f4:fe:e5:b7:bb:
9d:d5:e7:67:2a:f4:2b:7d:8d:47:c2:c4:22:35:17:
ed:5a:85:3a:71:82:6a:85:39:92:ac:5d:4a:c8:57:
6c:dd:f4:69:b0:89:b5:55:85:96:10:80:e5:dc:db:
c7:49:1a:01:52:34:60:21:15:7b:1b:60:70:59:f1:
e5:70:f0:3d:79:5c:54:19:a1:12:35:7d:bc:51:11:
ba:ad:14:ed:c7:70:9b:4f:9d:a6:fd:0a:e4:3b:1b:
ed:ca:3a:24:32:b4:71:c2:3a:d0:a2:d9:ef:f2:12:
12:91:28:ec:1a:96:aa:fa:86:fa:49:49:90:4b:3b:
f7:d6:5e:b7:5c:9c:a8:f2:3d:80:8e:e5:55:d2:2f:
3d:8a:86:5d:5d:f0:e8:ff:1e:6c:ca:44:c2:23:53:
81:29:d5:c8:ec:44:6d:e4:21:a7:be:c4:f7:a1:84:
40:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:B7:62:B9:13:54:F9:CE:91:58:42:4C:A1:B9:56:E2:29:8A:6C:06
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fb2bc1bb-cbbe-4f6c-8ef3-eabfdb4fa7b9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.167.0.0/16
Signature Algorithm: sha256WithRSAEncryption
9a:8f:cb:46:60:79:df:d7:93:87:88:96:e5:07:3d:71:42:83:
8c:62:b5:00:95:b8:df:91:d9:0b:e9:a2:71:29:db:2b:fa:83:
c8:fc:94:d0:c9:25:07:6f:90:1e:9f:1f:5f:89:54:2e:20:06:
51:16:b4:be:28:2f:03:cc:cf:f0:9d:92:75:79:be:f0:e2:ae:
57:dc:db:8a:14:05:0b:d5:02:e9:1a:58:13:bb:4e:4b:1c:c7:
53:58:5f:49:67:6c:3f:51:f9:ab:be:59:bf:a1:2a:b2:09:5f:
75:99:40:21:cf:df:c1:52:32:24:71:99:0d:c7:b6:62:8f:36:
8c:dd:20:c6:0e:e8:6b:23:38:38:d0:6c:4f:7e:15:f7:7a:2c:
85:65:24:7f:d7:34:83:59:84:4b:76:86:14:25:1c:55:34:9a:
d8:13:10:de:9b:0f:6f:c9:8c:3c:3b:ac:cb:b1:7e:2e:05:a4:
e8:bc:fe:c9:cf:c1:53:57:af:73:11:2d:9f:0c:16:e4:fb:cd:
7e:08:ab:48:ce:af:35:e4:ec:eb:aa:be:ac:61:27:97:80:67:
de:9a:e4:4e:a9:79:f7:1e:ae:db:86:2e:d2:96:1d:09:a5:86:
d5:52:1a:57:69:1f:4e:68:90:49:66:de:05:da:99:e0:39:b5:
85:a9:0a:54
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUKqYQZuseHawVRlHo1WtFYX4D15swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjAyMjgwNjMwMTJaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGY0YjAxMTc5OWY4MDMyM2ZlMGY4MTgzZjNiYjdmZWFjMWU0NGUxYTVkN2M2
ODM5NjE1NGI0ODQxZmYyYmIzYmMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMyM4k+i/+MspUGbGE7zgDwMnJDa0a8ohI0/XPeiCaDEqNdGWrZppOI4J0wB
wyHfc88C4/Bs8t15QZ891aq+UFWngUjRw8g2i/O/2u8AEoN0993gmPT+5be7ndXn
Zyr0K32NR8LEIjUX7VqFOnGCaoU5kqxdSshXbN30abCJtVWFlhCA5dzbx0kaAVI0
YCEVextgcFnx5XDwPXlcVBmhEjV9vFERuq0U7cdwm0+dpv0K5Dsb7co6JDK0ccI6
0KLZ7/ISEpEo7BqWqvqG+klJkEs799Zet1ycqPI9gI7lVdIvPYqGXV3w6P8ebMpE
wiNTgSnVyOxEbeQhp77E96GEQBkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBS9t2K5
E1T5zpFYQkyhuVbiKYpsBjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZmIyYmMxYmItY2JiZS00ZjZjLThlZjMtZWFiZmRiNGZhN2I5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDANSnMA0G
CSqGSIb3DQEBCwUAA4IBAQCaj8tGYHnf15OHiJblBz1xQoOMYrUAlbjfkdkL6aJx
Kdsr+oPI/JTQySUHb5Aenx9fiVQuIAZRFrS+KC8DzM/wnZJ1eb7w4q5X3NuKFAUL
1QLpGlgTu05LHMdTWF9JZ2w/Ufmrvlm/oSqyCV91mUAhz9/BUjIkcZkNx7ZijzaM
3SDGDuhrIzg40GxPfhX3eiyFZSR/1zSDWYRLdoYUJRxVNJrYExDemw9vyYw8O6zL
sX4uBaTovP7Jz8FTV69zES2fDBbk+81+CKtIzq815Ozrqr6sYSeXgGfemuROqXn3
Hq7bhi7Slh0JpYbVUhpXaR9OaJBJZt4F2pngObWFqQpU
-----END CERTIFICATE-----
Generated at Mon Mar 2 04:25:50 2026 by rpki-client