Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ff2e2d46-44f0-4790-a453-0090beda0015.roa
File: ff2e2d46-44f0-4790-a453-0090beda0015.roa (raw, json)
Hash identifier: A7Oij+Mhn4OXzjVwgSElg8+0Wf1lCYNJRcZhr4Xn8Ps=
Subject key identifier: E8:83:71:29:59:AD:DC:D3:26:E6:B9:51:59:8C:BE:64:31:02:3E:18
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 10DE042E55859C8F3D75927DC6464F2DB43F21B0
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ff2e2d46-44f0-4790-a453-0090beda0015.roa
Signing time: Tue 19 May 2026 05:50:34 +0000
ROA not before: Tue 19 May 2026 05:50:34 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 195.247.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:de:04:2e:55:85:9c:8f:3d:75:92:7d:c6:46:4f:2d:b4:3f:21:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 19 05:50:34 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=db0a8f79fd1e0e7a8fddb5bacc9f963684e22ef05fc008d76102d9a9eb32ad4b, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:f7:c4:cc:ec:66:14:c2:0f:86:fe:c4:64:14:
08:3d:fc:d8:48:4d:85:f1:b8:45:c0:2f:bd:8c:db:
64:8d:2e:cc:0d:9e:db:96:3c:be:42:7d:a9:22:fd:
cd:ff:08:6c:56:e8:06:88:18:f7:c5:c9:34:b9:2a:
63:eb:61:6f:fd:af:00:52:2e:62:73:eb:a2:83:03:
1d:31:23:7e:6a:77:d9:be:8d:22:ca:1c:fc:b6:2b:
83:4a:5c:65:e3:40:89:2c:99:b8:d8:96:84:bb:0a:
a3:e9:a5:50:c3:96:c7:65:d7:c4:f7:19:98:d0:d5:
42:6f:3a:8f:de:64:8e:b3:0a:f4:57:8d:bc:4f:a0:
21:72:39:f5:75:73:87:c6:4b:b8:d3:d1:e0:84:40:
3f:91:07:55:e3:f4:05:cb:f4:26:e2:fe:20:56:8b:
4f:18:33:07:bc:a2:aa:a7:be:07:b3:a9:31:47:67:
06:ef:07:59:f2:05:e6:6c:57:42:cb:e9:b2:61:8a:
6d:95:39:7f:85:a8:cf:97:4d:5a:df:9f:f1:1d:7b:
bb:df:02:b5:e9:fe:2f:f2:1b:a5:19:79:45:44:18:
64:1f:a2:0f:12:24:c3:a5:48:c7:31:59:89:ac:a6:
0c:2e:72:54:18:48:06:fc:88:91:d4:09:64:8c:d5:
a5:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:83:71:29:59:AD:DC:D3:26:E6:B9:51:59:8C:BE:64:31:02:3E:18
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ff2e2d46-44f0-4790-a453-0090beda0015.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.247.0.0/16
Signature Algorithm: sha256WithRSAEncryption
1e:47:3f:fe:12:78:18:8b:d5:6b:94:24:9d:76:3b:11:eb:29:
54:07:b4:22:62:cb:2d:63:2f:ee:07:d0:b8:18:82:ae:c5:d8:
9a:1f:51:d3:9e:3e:b9:19:32:4a:a4:1d:40:d5:d7:4d:c6:a9:
e6:6e:4f:5f:57:80:39:ea:c7:cd:5f:ba:67:ec:ca:74:c9:36:
ed:44:1e:95:a4:a8:ac:de:22:68:c2:fd:84:6f:47:cf:b2:3e:
64:09:50:80:f7:3e:c7:b7:90:64:57:dd:bc:0b:8a:c8:ce:4f:
63:1c:51:bb:bd:1e:8a:74:ef:20:ad:92:9c:91:8b:56:c6:1b:
db:8e:1f:a6:b3:ad:26:3b:09:8d:31:32:c6:d2:24:b0:a5:c3:
6c:68:ac:d1:20:46:ee:85:3e:a7:93:eb:e4:52:a5:1e:01:2a:
39:76:5a:ab:50:23:2f:92:85:20:ac:60:da:eb:76:84:64:09:
4c:95:b9:f1:42:07:9a:b6:22:1c:02:d0:d5:cd:5b:72:e9:0a:
43:d0:fa:b7:64:04:82:e2:bb:f2:6b:1f:10:20:a3:ee:b8:da:
bf:ef:3d:f9:fd:e9:ea:c8:5d:4c:b8:1b:57:fd:ce:ee:b4:0a:
22:47:11:06:35:b4:05:41:b3:86:c5:7b:68:88:18:32:12:56:
9b:ea:2a:93
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUEN4ELlWFnI89dZJ9xkZPLbQ/IbAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MTkwNTUwMzRaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGRiMGE4Zjc5ZmQxZTBlN2E4ZmRkYjViYWNjOWY5NjM2ODRlMjJlZjA1ZmMw
MDhkNzYxMDJkOWE5ZWIzMmFkNGIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPf3xMzsZhTCD4b+xGQUCD382EhNhfG4RcAvvYzbZI0uzA2e25Y8vkJ9qSL9
zf8IbFboBogY98XJNLkqY+thb/2vAFIuYnProoMDHTEjfmp32b6NIsoc/LYrg0pc
ZeNAiSyZuNiWhLsKo+mlUMOWx2XXxPcZmNDVQm86j95kjrMK9FeNvE+gIXI59XVz
h8ZLuNPR4IRAP5EHVeP0Bcv0JuL+IFaLTxgzB7yiqqe+B7OpMUdnBu8HWfIF5mxX
QsvpsmGKbZU5f4Woz5dNWt+f8R17u98Cten+L/IbpRl5RUQYZB+iDxIkw6VIxzFZ
iaymDC5yVBhIBvyIkdQJZIzVpZECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTog3Ep
Wa3c0ybmuVFZjL5kMQI+GDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZmYyZTJkNDYtNDRmMC00NzkwLWE0NTMtMDA5MGJlZGEwMDE1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMP3MA0G
CSqGSIb3DQEBCwUAA4IBAQAeRz/+EngYi9VrlCSddjsR6ylUB7QiYsstYy/uB9C4
GIKuxdiaH1HTnj65GTJKpB1A1ddNxqnmbk9fV4A56sfNX7pn7Mp0yTbtRB6VpKis
3iJowv2Eb0fPsj5kCVCA9z7Ht5BkV928C4rIzk9jHFG7vR6KdO8grZKckYtWxhvb
jh+ms60mOwmNMTLG0iSwpcNsaKzRIEbuhT6nk+vkUqUeASo5dlqrUCMvkoUgrGDa
63aEZAlMlbnxQgeatiIcAtDVzVty6QpD0Pq3ZASC4rvyax8QIKPuuNq/7z35/enq
yF1MuBtX/c7utAoiRxEGNbQFQbOGxXtoiBgyElab6iqT
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:13:21 2026 by rpki-client