Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0cdce43b-0ed9-46d0-bf13-e6d99a26e097.roa
File: 0cdce43b-0ed9-46d0-bf13-e6d99a26e097.roa (raw, json)
Hash identifier: zkG2UOYFCP1QyQiZrSrq1OAEe8OhqaOfboSzxekQyeU=
Subject key identifier: FE:9E:FC:72:84:17:6F:E2:08:CC:95:38:77:63:12:41:2C:BE:A6:61
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 610648DA5B3B0AADBB4D0E5E61C91E7A24F21CC4
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0cdce43b-0ed9-46d0-bf13-e6d99a26e097.roa
Signing time: Mon 27 Apr 2026 00:40:06 +0000
ROA not before: Mon 27 Apr 2026 00:40:06 +0000
ROA not after: Sun 26 Jul 2026 23:59:59 +0000
asID: 16509
IP address blocks: 193.57.170.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 04 May 2026 05:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
61:06:48:da:5b:3b:0a:ad:bb:4d:0e:5e:61:c9:1e:7a:24:f2:1c:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 27 00:40:06 2026 GMT
Not After : Jul 26 23:59:59 2026 GMT
Subject: serialNumber=c71708d6eeb96f738b39c9291ca850a70bdc562ff45803a3b7dfed7ceb5e7a35, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:df:19:eb:b2:cf:12:4b:49:ba:91:04:3d:e1:
55:34:f2:36:ab:71:40:f2:bc:ef:03:af:2a:40:f8:
55:4c:5d:6c:a8:36:d0:94:4e:2c:39:19:ce:bb:95:
a7:c9:87:43:ad:44:14:3d:e7:cd:a1:3f:75:d3:2a:
ad:e0:66:1a:3f:2e:a0:14:3e:25:89:04:74:b7:df:
4d:b4:7b:cc:92:5d:32:9b:a7:9b:0b:7e:15:ec:21:
97:4c:af:f3:b0:74:65:f6:02:84:67:61:38:86:95:
5d:1a:ed:96:08:e9:09:a8:eb:10:0a:ee:8a:0b:21:
f1:9e:dc:eb:85:3e:9b:5b:6c:34:15:cb:a6:66:08:
63:0a:e6:0c:f9:d9:85:d8:db:f9:e6:40:f8:d5:67:
13:6e:a9:64:18:14:85:48:b9:72:a0:0e:94:6f:7b:
e5:e4:76:3d:aa:e6:b1:b0:20:e4:d1:89:1b:d0:88:
73:be:77:39:b0:ef:32:35:e3:da:07:3b:75:ab:11:
28:fa:4d:a2:b9:38:b9:b9:b0:e0:10:37:24:68:79:
c0:60:31:71:be:b4:a9:7e:65:6d:eb:ec:d2:fe:b3:
a0:8b:dc:f3:83:44:eb:3f:50:4b:67:40:54:42:b0:
d7:da:74:78:34:4f:ad:fd:ae:6f:29:23:ab:39:81:
ed:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:9E:FC:72:84:17:6F:E2:08:CC:95:38:77:63:12:41:2C:BE:A6:61
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0cdce43b-0ed9-46d0-bf13-e6d99a26e097.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.170.0/23
Signature Algorithm: sha256WithRSAEncryption
02:6c:b3:21:d3:b0:b3:10:0f:0f:a4:bb:07:cf:da:b8:c5:b2:
22:cc:f9:20:eb:27:47:b1:7b:d6:ce:29:68:f2:12:d9:bb:d5:
81:24:9c:8d:18:21:14:90:05:77:08:7f:11:c1:b3:94:9c:1e:
90:75:f3:98:b1:d3:8e:8a:20:7f:7d:8b:0c:72:4a:05:e8:67:
93:7d:14:11:d0:3d:05:d8:39:1b:e1:e1:dd:f0:b8:29:e7:04:
8e:5e:30:f7:ff:94:b2:39:ad:6b:8d:50:8e:db:7e:f1:5a:81:
52:22:20:de:84:e4:f1:6b:6a:b5:80:4b:c5:df:b0:46:bf:18:
d1:2e:ed:e2:f5:4b:df:98:1d:95:78:88:53:3d:9a:be:ad:57:
43:bc:2a:47:46:fd:04:50:f3:7f:43:97:a9:40:2b:11:1a:a0:
a0:88:8c:a5:b0:c3:a6:b6:7b:e8:fe:60:70:95:ce:ef:87:9f:
c5:64:56:86:4e:b3:8c:de:0e:e4:b4:b3:10:6f:a0:03:ef:e3:
ff:25:3f:9c:3b:eb:ad:e0:12:fb:c5:11:f8:3a:08:ea:95:63:
97:f0:7b:06:3e:cd:d4:2b:67:62:29:b0:60:ed:79:09:79:03:
98:63:48:19:87:94:df:32:6b:c5:c0:9f:be:7a:0c:c5:bd:a7:
aa:30:27:b5
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUYQZI2ls7Cq27TQ5eYckeeiTyHMQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA0MjcwMDQwMDZaFw0yNjA3MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQGM3MTcwOGQ2ZWViOTZmNzM4YjM5YzkyOTFjYTg1MGE3MGJkYzU2MmZmNDU4
MDNhM2I3ZGZlZDdjZWI1ZTdhMzUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL7fGeuyzxJLSbqRBD3hVTTyNqtxQPK87wOvKkD4VUxdbKg20JROLDkZzruV
p8mHQ61EFD3nzaE/ddMqreBmGj8uoBQ+JYkEdLffTbR7zJJdMpunmwt+Fewhl0yv
87B0ZfYChGdhOIaVXRrtlgjpCajrEAruigsh8Z7c64U+m1tsNBXLpmYIYwrmDPnZ
hdjb+eZA+NVnE26pZBgUhUi5cqAOlG975eR2ParmsbAg5NGJG9CIc753ObDvMjXj
2gc7dasRKPpNork4ubmw4BA3JGh5wGAxcb60qX5lbevs0v6zoIvc84NE6z9QS2dA
VEKw19p0eDRPrf2ubykjqzmB7dUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBT+nvxy
hBdv4gjMlTh3YxJBLL6mYTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MGNkY2U0M2ItMGVkOS00NmQwLWJmMTMtZTZkOTlhMjZlMDk3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcE5qjAN
BgkqhkiG9w0BAQsFAAOCAQEAAmyzIdOwsxAPD6S7B8/auMWyIsz5IOsnR7F71s4p
aPIS2bvVgSScjRghFJAFdwh/EcGzlJwekHXzmLHTjoogf32LDHJKBehnk30UEdA9
Bdg5G+Hh3fC4KecEjl4w9/+Usjmta41Qjtt+8VqBUiIg3oTk8WtqtYBLxd+wRr8Y
0S7t4vVL35gdlXiIUz2avq1XQ7wqR0b9BFDzf0OXqUArERqgoIiMpbDDprZ76P5g
cJXO74efxWRWhk6zjN4O5LSzEG+gA+/j/yU/nDvrreAS+8UR+DoI6pVjl/B7Bj7N
1CtnYimwYO15CXkDmGNIGYeU3zJrxcCfvnoMxb2nqjAntQ==
-----END CERTIFICATE-----
Generated at Sun May 3 16:11:21 2026 by rpki-client