Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1e935d64-1d66-4e52-ada3-30f1ed26d564.roa
File: 1e935d64-1d66-4e52-ada3-30f1ed26d564.roa (raw, json)
Hash identifier: Yw2bsxdgeRFxnu6KHFPsdkQ1oIzkcd7CjpnGWUml4OM=
Subject key identifier: F6:B1:9F:91:20:A8:7C:67:65:F7:C7:86:3B:5D:6C:7A:95:34:F9:C7
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 65D54D33F892FC88EEF04200FFAE14CEF0B9F61E
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1e935d64-1d66-4e52-ada3-30f1ed26d564.roa
Signing time: Tue 19 May 2026 05:40:07 +0000
ROA not before: Tue 19 May 2026 05:40:07 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 145.17.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 02 Jun 2026 07:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:d5:4d:33:f8:92:fc:88:ee:f0:42:00:ff:ae:14:ce:f0:b9:f6:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 19 05:40:07 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=d9c2a06bf758dfb38a2b407ce13ed5cc84e59ad6016eb51a993bb0d9e5868784, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:93:a1:1c:eb:3e:1d:2a:37:c0:b9:c0:59:3e:
21:11:8e:c5:76:4c:72:97:3d:1e:31:8a:32:f6:17:
21:b1:b5:93:72:70:f2:df:88:5c:b8:33:80:60:f3:
03:99:8f:cc:22:cb:14:a1:d6:6e:ca:dc:a7:f7:69:
3b:84:92:ff:37:f9:5a:b3:83:5f:ab:e9:8b:69:0a:
ed:b0:20:09:d0:cc:a1:5f:06:3f:48:89:e9:60:b4:
3d:fa:53:cd:ef:33:7a:e6:54:16:68:81:49:6d:72:
6e:3c:b3:d1:75:97:bf:40:ca:94:de:c6:73:f8:6c:
a5:2b:b0:ca:fd:47:da:f5:08:da:d6:cf:35:f6:c3:
51:1f:a4:01:27:a4:b7:1a:ad:65:e4:a3:8c:eb:fa:
92:8b:23:94:a0:52:a5:d3:ff:2f:1e:98:17:53:af:
79:87:d4:9e:47:b8:1f:b7:30:79:35:97:c9:d1:f6:
9e:10:19:5e:d9:8d:95:4a:ac:9a:3e:32:79:81:a8:
8b:2e:ce:93:80:73:bf:a4:2a:f9:fb:0b:27:1b:12:
10:ab:72:c6:2c:56:a0:f0:ac:46:6a:2d:6f:a0:64:
0b:e2:57:c9:13:f3:d7:9f:15:49:bd:42:c2:d5:3e:
23:e5:4e:89:30:03:68:b8:e9:aa:8e:d3:32:0b:33:
fa:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:B1:9F:91:20:A8:7C:67:65:F7:C7:86:3B:5D:6C:7A:95:34:F9:C7
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1e935d64-1d66-4e52-ada3-30f1ed26d564.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.17.0.0/16
Signature Algorithm: sha256WithRSAEncryption
7f:87:a3:34:ec:14:ab:84:16:35:12:29:99:9f:78:c2:2b:a2:
c0:3d:e7:66:08:eb:2b:3e:10:e2:ef:15:cc:9c:7a:7e:35:5f:
fd:ee:e5:84:5d:b2:1b:3c:44:0d:eb:40:ce:3d:40:5f:5f:b6:
c9:d2:e0:e3:33:a5:72:03:a4:d0:74:78:1a:e0:91:23:73:37:
e3:45:ce:dc:ae:07:6a:ef:a7:39:ee:59:bb:db:d6:e3:6e:83:
9e:a1:bd:65:44:0e:40:c0:7e:88:02:fb:4f:a1:a8:25:0c:8e:
d6:3f:65:d2:db:62:8a:cf:91:ba:07:77:b9:aa:75:44:1e:15:
79:83:50:84:ee:c0:39:b6:a1:d8:41:cf:01:f2:67:e5:f8:6e:
51:11:4a:87:28:a0:cd:15:c6:6d:5f:43:7a:a9:34:f2:5c:30:
dd:37:88:dd:5b:bd:da:0e:09:42:86:7e:e4:9f:fc:b1:b1:49:
16:0c:14:14:31:0c:d7:9f:db:bd:9f:28:3d:bd:62:45:9d:12:
31:51:f6:5a:26:5c:29:91:5b:3f:d9:c1:5e:74:f1:34:74:c5:
6e:4d:0f:f9:c0:85:07:2d:95:18:9e:aa:e0:81:e1:7b:c3:59:
44:b5:f8:b2:16:3e:58:97:32:82:02:1d:24:4b:94:a2:db:19:
8c:de:2b:ad
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUZdVNM/iS/Iju8EIA/64UzvC59h4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MTkwNTQwMDdaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ5YzJhMDZiZjc1OGRmYjM4YTJiNDA3Y2UxM2VkNWNjODRlNTlhZDYwMTZl
YjUxYTk5M2JiMGQ5ZTU4Njg3ODQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALWToRzrPh0qN8C5wFk+IRGOxXZMcpc9HjGKMvYXIbG1k3Jw8t+IXLgzgGDz
A5mPzCLLFKHWbsrcp/dpO4SS/zf5WrODX6vpi2kK7bAgCdDMoV8GP0iJ6WC0PfpT
ze8zeuZUFmiBSW1ybjyz0XWXv0DKlN7Gc/hspSuwyv1H2vUI2tbPNfbDUR+kASek
txqtZeSjjOv6kosjlKBSpdP/Lx6YF1OveYfUnke4H7cweTWXydH2nhAZXtmNlUqs
mj4yeYGoiy7Ok4Bzv6Qq+fsLJxsSEKtyxixWoPCsRmotb6BkC+JXyRPz158VSb1C
wtU+I+VOiTADaLjpqo7TMgsz+nECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBT2sZ+R
IKh8Z2X3x4Y7XWx6lTT5xzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MWU5MzVkNjQtMWQ2Ni00ZTUyLWFkYTMtMzBmMWVkMjZkNTY0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJERMA0G
CSqGSIb3DQEBCwUAA4IBAQB/h6M07BSrhBY1EimZn3jCK6LAPedmCOsrPhDi7xXM
nHp+NV/97uWEXbIbPEQN60DOPUBfX7bJ0uDjM6VyA6TQdHga4JEjczfjRc7crgdq
76c57lm729bjboOeob1lRA5AwH6IAvtPoaglDI7WP2XS22KKz5G6B3e5qnVEHhV5
g1CE7sA5tqHYQc8B8mfl+G5REUqHKKDNFcZtX0N6qTTyXDDdN4jdW73aDglChn7k
n/yxsUkWDBQUMQzXn9u9nyg9vWJFnRIxUfZaJlwpkVs/2cFedPE0dMVuTQ/5wIUH
LZUYnqrggeF7w1lEtfiyFj5YlzKCAh0kS5Si2xmM3iut
-----END CERTIFICATE-----
Generated at Mon Jun 1 16:51:26 2026 by rpki-client