Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ff2e2d46-44f0-4790-a453-0090beda0015.roa
File: ff2e2d46-44f0-4790-a453-0090beda0015.roa (raw, json)
Hash identifier: Sjc/ZvCIkc7Sl65CZYcipCnhvLImvbEyh4QNNIF5TOE=
Subject key identifier: B3:30:7F:56:BD:EB:32:0B:95:EA:AB:FE:A5:3B:30:87:A2:08:69:0C
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 44FCB6B5067814058BBBA3121A6D6646CA5CE96F
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ff2e2d46-44f0-4790-a453-0090beda0015.roa
Signing time: Sat 28 Feb 2026 06:30:42 +0000
ROA not before: Sat 28 Feb 2026 06:30:42 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 195.247.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:fc:b6:b5:06:78:14:05:8b:bb:a3:12:1a:6d:66:46:ca:5c:e9:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Feb 28 06:30:42 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=c19433a777fb1e9fb63cd721e98c06ea785d5430730ec3d2aa9543b264ffbbef, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:5a:d1:70:c6:ab:26:81:a1:1b:fd:36:07:a4:
e4:70:ac:a5:90:f2:40:d4:e4:d5:00:11:af:59:b3:
87:df:e3:32:04:ad:0c:cb:aa:c9:d4:66:ce:7d:27:
0d:1b:d9:29:52:cd:ce:2d:cd:45:71:e5:e0:72:d0:
12:63:bc:0e:6b:32:bd:d0:6c:31:20:ba:32:48:13:
b3:42:42:f6:71:f7:18:0d:ce:07:3d:c9:6b:a9:dd:
fe:c9:15:ed:d4:a6:1b:b5:fe:0e:b7:f4:11:ea:35:
0d:f7:7a:1c:1a:e6:42:37:e1:02:95:1d:a7:e0:0b:
6d:6c:d4:02:72:37:40:97:27:00:05:3e:26:78:e2:
13:10:28:14:e2:68:d2:7b:24:53:72:2c:c5:38:bc:
a3:ac:13:50:fd:41:66:83:d9:a1:70:72:8b:42:f0:
c1:89:1b:a1:35:9d:a2:35:81:7c:d6:3c:fe:63:e1:
51:02:4a:39:62:b1:b1:6e:10:3b:cf:a2:5a:37:58:
8c:8e:2e:a5:3f:fa:b3:ed:d3:40:8d:fe:fc:c7:a2:
d6:49:80:87:b0:72:83:78:e4:94:54:44:0b:48:17:
b3:c4:9c:68:58:fe:24:04:7f:2d:57:ac:ec:d8:c2:
75:ed:00:3b:1f:b2:b9:87:db:b0:f3:26:2b:74:50:
8a:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:30:7F:56:BD:EB:32:0B:95:EA:AB:FE:A5:3B:30:87:A2:08:69:0C
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ff2e2d46-44f0-4790-a453-0090beda0015.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.247.0.0/16
Signature Algorithm: sha256WithRSAEncryption
c7:1d:07:33:68:2b:b8:71:a4:37:9f:9e:3b:c5:48:77:5f:52:
5f:df:b9:f3:0a:3c:51:55:e6:4b:a5:86:ef:11:1c:0f:6f:7b:
63:f8:3f:d7:a6:a8:b5:ac:0f:d4:ef:77:e0:e1:78:38:1b:30:
2e:d8:73:1b:a7:08:24:e4:46:35:f8:ca:86:69:03:3c:cd:79:
5b:4e:ab:d8:ce:09:dd:16:33:60:63:db:9c:91:bd:3c:50:67:
8c:0e:27:bf:26:a4:cf:eb:a4:a0:94:43:25:81:ec:49:0c:24:
ac:26:1d:f4:0f:5e:3d:b7:8a:39:4b:f2:4d:b4:ac:cb:6c:14:
fb:22:71:36:23:d8:e0:58:1a:b1:49:96:09:9e:5e:e2:73:63:
60:90:76:49:00:6b:c5:e4:4a:78:04:56:54:60:88:08:97:03:
88:32:52:88:87:43:65:df:3c:37:a0:b0:8c:86:83:94:4b:89:
d2:cb:54:1d:a8:41:2c:70:1a:e9:d3:73:59:2a:a5:60:c0:fb:
51:e8:7e:a5:72:66:22:42:d8:0c:7b:0c:88:28:f6:77:47:54:
7e:5c:34:e6:bc:2d:40:4a:78:92:80:72:87:e5:69:98:f2:db:
8d:af:52:58:a9:36:b6:42:90:60:42:94:15:ca:fe:0b:f7:3b:
0a:f6:1a:d0
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIURPy2tQZ4FAWLu6MSGm1mRspc6W8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjAyMjgwNjMwNDJaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGMxOTQzM2E3NzdmYjFlOWZiNjNjZDcyMWU5OGMwNmVhNzg1ZDU0MzA3MzBl
YzNkMmFhOTU0M2IyNjRmZmJiZWYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAO1a0XDGqyaBoRv9Ngek5HCspZDyQNTk1QARr1mzh9/jMgStDMuqydRmzn0n
DRvZKVLNzi3NRXHl4HLQEmO8DmsyvdBsMSC6MkgTs0JC9nH3GA3OBz3Ja6nd/skV
7dSmG7X+Drf0Eeo1Dfd6HBrmQjfhApUdp+ALbWzUAnI3QJcnAAU+JnjiExAoFOJo
0nskU3IsxTi8o6wTUP1BZoPZoXByi0LwwYkboTWdojWBfNY8/mPhUQJKOWKxsW4Q
O8+iWjdYjI4upT/6s+3TQI3+/Mei1kmAh7Byg3jklFREC0gXs8ScaFj+JAR/LVes
7NjCde0AOx+yuYfbsPMmK3RQio0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSzMH9W
vesyC5Xqq/6lOzCHoghpDDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZmYyZTJkNDYtNDRmMC00NzkwLWE0NTMtMDA5MGJlZGEwMDE1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMP3MA0G
CSqGSIb3DQEBCwUAA4IBAQDHHQczaCu4caQ3n547xUh3X1Jf37nzCjxRVeZLpYbv
ERwPb3tj+D/Xpqi1rA/U73fg4Xg4GzAu2HMbpwgk5EY1+MqGaQM8zXlbTqvYzgnd
FjNgY9uckb08UGeMDie/JqTP66SglEMlgexJDCSsJh30D149t4o5S/JNtKzLbBT7
InE2I9jgWBqxSZYJnl7ic2NgkHZJAGvF5Ep4BFZUYIgIlwOIMlKIh0Nl3zw3oLCM
hoOUS4nSy1QdqEEscBrp03NZKqVgwPtR6H6lcmYiQtgMewyIKPZ3R1R+XDTmvC1A
SniSgHKH5WmY8tuNr1JYqTa2QpBgQpQVyv4L9zsK9hrQ
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:51:13 2026 by rpki-client