Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/383c1f6d-4e0e-4e33-a2ce-f49386dcc1f1.roa
File: 383c1f6d-4e0e-4e33-a2ce-f49386dcc1f1.roa (raw, json)
Hash identifier: 7q72k1SDGo67cuq7wURm59c7VVR397cjgpyxQo+DB5E=
Subject key identifier: AD:6F:7D:60:33:58:6B:ED:F5:7B:90:64:15:FD:9D:46:15:D2:B2:AE
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 56452A6679EDDAF23B45656295612C1CCD4C1CE2
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/383c1f6d-4e0e-4e33-a2ce-f49386dcc1f1.roa
Signing time: Tue 19 May 2026 06:00:53 +0000
ROA not before: Tue 19 May 2026 06:00:53 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 200.224.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Jun 2026 02:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:45:2a:66:79:ed:da:f2:3b:45:65:62:95:61:2c:1c:cd:4c:1c:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 19 06:00:53 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=bd649b601099321b06635541caea0a73bbb7908b97669be8a6febc7aed316e4d, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:8b:09:a0:af:83:9d:11:01:84:9f:db:2f:35:
8a:75:39:8e:14:a6:70:4c:1a:ad:c1:8a:9c:1f:0a:
cc:05:bd:a2:ce:59:ef:da:5e:2a:41:8c:cd:1f:ad:
83:b5:d8:6a:bf:df:55:40:32:7f:ec:f0:8a:c8:63:
d0:40:1a:07:29:e1:bb:4b:6e:c5:a0:0a:d3:bb:ef:
85:9d:78:2c:1a:ad:13:1b:bd:02:54:c8:5f:0c:c0:
7f:29:cb:25:ae:c9:3a:b5:fb:c1:bc:a8:c5:d5:bd:
08:56:ce:4c:3c:2f:d0:c1:61:e7:e8:e6:42:b9:23:
6a:87:f3:f4:7b:64:5b:30:cb:bb:3d:a8:23:85:58:
52:97:97:b1:af:23:eb:ee:78:e4:a9:ae:35:52:f0:
da:a9:d6:42:0e:84:62:0c:c0:55:28:8f:8f:9c:cd:
45:bf:25:12:ac:d9:b7:80:25:c6:bb:63:68:3d:a0:
63:bf:8b:fe:39:f1:82:71:41:0b:95:e8:52:93:ae:
19:2e:9e:fe:39:e4:8a:e3:f2:90:3f:92:3f:1b:e1:
4d:6f:5b:14:5e:f9:aa:fe:58:7f:5f:71:35:12:3b:
bb:16:fd:c4:eb:7d:e2:6d:8a:81:7f:4a:f9:a1:94:
c0:45:45:4a:dc:a1:c0:df:8b:93:51:98:f4:e8:98:
91:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:6F:7D:60:33:58:6B:ED:F5:7B:90:64:15:FD:9D:46:15:D2:B2:AE
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/383c1f6d-4e0e-4e33-a2ce-f49386dcc1f1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
200.224.0.0/16
Signature Algorithm: sha256WithRSAEncryption
06:82:28:63:03:ef:a3:13:40:82:cd:b0:67:c3:8b:7e:a9:7a:
4f:cc:c8:1b:97:96:ed:b2:a0:0d:e2:af:82:57:a8:fa:96:ac:
4c:43:d4:1f:06:83:63:eb:ea:71:6e:82:3d:c5:e6:0d:a7:3e:
8b:49:f8:9f:03:c6:b5:3c:23:ad:4b:18:82:69:09:c1:90:f8:
cb:cb:14:75:b1:4b:ec:cf:d9:e1:07:5b:d5:56:81:e8:79:1e:
89:98:89:46:82:44:34:e8:7e:fc:43:c1:1a:03:63:de:17:29:
5c:47:4b:18:bd:bd:03:3d:4a:e0:bb:5a:9b:d6:bf:36:50:2b:
33:64:38:c3:9d:ac:22:27:45:1f:f2:27:1d:b1:fa:94:0e:ca:
56:e8:c1:07:62:c1:51:9e:02:58:13:f2:b3:5f:13:cd:82:d7:
fe:44:33:64:e1:4a:b8:95:c7:f7:9f:f1:a4:54:9b:85:46:48:
90:d1:57:59:19:2d:6a:bf:56:bb:a7:fb:69:72:f6:f8:57:54:
fc:3a:19:75:ea:6e:f6:04:d2:42:f5:3f:ca:b5:a9:d5:b2:02:
2f:27:bf:3a:65:bc:64:eb:12:a8:67:1d:2c:25:5c:64:86:7b:
0d:51:7d:c7:6b:29:d8:85:f7:b2:32:ae:37:82:0e:96:a6:50:
74:4d:c6:2f
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUVkUqZnnt2vI7RWVilWEsHM1MHOIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MTkwNjAwNTNaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGJkNjQ5YjYwMTA5OTMyMWIwNjYzNTU0MWNhZWEwYTczYmJiNzkwOGI5NzY2
OWJlOGE2ZmViYzdhZWQzMTZlNGQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOOLCaCvg50RAYSf2y81inU5jhSmcEwarcGKnB8KzAW9os5Z79peKkGMzR+t
g7XYar/fVUAyf+zwishj0EAaBynhu0tuxaAK07vvhZ14LBqtExu9AlTIXwzAfynL
Ja7JOrX7wbyoxdW9CFbOTDwv0MFh5+jmQrkjaofz9HtkWzDLuz2oI4VYUpeXsa8j
6+545KmuNVLw2qnWQg6EYgzAVSiPj5zNRb8lEqzZt4AlxrtjaD2gY7+L/jnxgnFB
C5XoUpOuGS6e/jnkiuPykD+SPxvhTW9bFF75qv5Yf19xNRI7uxb9xOt94m2KgX9K
+aGUwEVFStyhwN+Lk1GY9OiYkaECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBStb31g
M1hr7fV7kGQV/Z1GFdKyrjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MzgzYzFmNmQtNGUwZS00ZTMzLWEyY2UtZjQ5Mzg2ZGNjMWYxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMjgMA0G
CSqGSIb3DQEBCwUAA4IBAQAGgihjA++jE0CCzbBnw4t+qXpPzMgbl5btsqAN4q+C
V6j6lqxMQ9QfBoNj6+pxboI9xeYNpz6LSfifA8a1PCOtSxiCaQnBkPjLyxR1sUvs
z9nhB1vVVoHoeR6JmIlGgkQ06H78Q8EaA2PeFylcR0sYvb0DPUrgu1qb1r82UCsz
ZDjDnawiJ0Uf8icdsfqUDspW6MEHYsFRngJYE/KzXxPNgtf+RDNk4Uq4lcf3n/Gk
VJuFRkiQ0VdZGS1qv1a7p/tpcvb4V1T8Ohl16m72BNJC9T/KtanVsgIvJ786Zbxk
6xKoZx0sJVxkhnsNUX3HaynYhfeyMq43gg6WplB0TcYv
-----END CERTIFICATE-----
Generated at Sat Jun 6 11:58:27 2026 by rpki-client