Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/6df8accc-a525-49ec-ad13-7401de62f775.roa
File: 6df8accc-a525-49ec-ad13-7401de62f775.roa (raw, json)
Hash identifier: uQxPnYGlwoTt9GKfat1ReuluinzsCZ9nTx0D1V6PKKY=
Subject key identifier: F8:AA:E5:AD:FE:A3:D6:F6:81:44:6C:F7:78:63:51:A1:AB:33:E2:A2
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 05417700E678BC5782FAE366B2C89E1E971CAF97
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/6df8accc-a525-49ec-ad13-7401de62f775.roa
Signing time: Tue 19 May 2026 05:50:35 +0000
ROA not before: Tue 19 May 2026 05:50:35 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 159.109.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 06 Jun 2026 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
05:41:77:00:e6:78:bc:57:82:fa:e3:66:b2:c8:9e:1e:97:1c:af:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 19 05:50:35 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=31ccd04bc5981d9a16f78f1315750520b0677660ae6945430be7e90a867b3d3d, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:70:13:7d:ed:47:e6:c0:70:3a:9d:46:42:3d:
d1:14:e1:b2:ac:16:a3:f4:0e:e7:cf:d3:13:d3:84:
4d:b4:77:0d:39:0d:e9:9d:3e:9f:87:45:6e:61:2c:
96:56:86:1b:0e:ff:fc:f9:bb:92:15:1d:68:2b:d2:
f4:2f:e4:c1:98:2c:a4:23:6d:7d:8e:9e:f4:50:6d:
59:ff:a0:bf:54:6c:2c:41:d9:51:77:bb:ab:8f:9d:
b4:6c:8d:4f:94:66:e8:b0:f7:5e:54:e9:73:e5:f4:
c8:4b:1f:52:da:b0:4d:68:6c:ac:4c:4b:74:b6:49:
96:33:50:3a:9c:d4:9d:d2:f3:f5:ad:96:bc:47:a6:
84:e1:22:ab:3b:fd:14:ec:fe:80:99:21:dd:c4:ee:
b6:a0:2a:7a:a0:8b:9d:6a:35:7f:2b:93:7e:aa:88:
6c:19:a3:f7:fd:fa:1b:d8:7d:c1:49:48:79:23:3f:
52:ed:54:80:24:2a:2d:e9:0a:47:e3:2a:c1:69:99:
ae:ed:2f:ef:e2:ba:20:45:61:6f:cf:2a:a1:ba:bd:
f0:b6:6b:72:78:bc:fc:9e:e1:e3:37:98:28:17:76:
88:a1:81:c9:0c:e8:e1:ab:b2:7d:7b:ef:72:ad:b5:
bb:b2:bb:4b:ba:39:5d:63:59:28:0a:66:80:7e:31:
08:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:AA:E5:AD:FE:A3:D6:F6:81:44:6C:F7:78:63:51:A1:AB:33:E2:A2
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/6df8accc-a525-49ec-ad13-7401de62f775.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.109.0.0/16
Signature Algorithm: sha256WithRSAEncryption
be:89:0f:f2:1f:b8:ae:97:20:d5:e4:6a:0f:c1:01:37:cf:29:
81:e2:f8:5b:79:ff:13:87:d7:da:63:a4:4a:e2:9c:a7:43:bc:
8a:85:c3:85:3f:f8:bf:4e:ab:cb:61:ff:36:37:f8:5b:22:4d:
e1:e9:9a:d9:be:b8:49:0e:e3:ad:92:26:72:ee:09:0e:58:fc:
87:a6:80:8c:c5:b3:28:2e:12:a4:61:fd:ab:ec:40:50:11:ec:
fb:cc:82:37:70:50:33:63:03:44:ca:25:5e:d7:83:d9:43:52:
2f:f1:ab:29:d7:82:02:21:27:d5:59:e5:3d:9d:90:e0:0a:71:
43:2b:99:60:0c:c2:e3:04:b4:51:1a:d3:bf:02:f1:be:3a:4e:
82:df:fd:82:df:69:5f:c1:bb:df:63:41:cb:33:1a:35:09:f6:
8f:e2:18:6e:42:f4:17:de:97:61:db:e5:89:89:08:82:ca:ed:
5d:80:16:cc:7b:08:43:22:12:b0:81:46:06:f5:a9:bf:c5:db:
00:f4:8c:c9:93:e9:61:9e:3e:c3:d2:25:d7:69:12:bf:9b:7e:
18:85:f6:64:48:e1:73:7c:7e:d3:2d:fe:20:ef:69:89:30:b9:
7e:b4:71:ad:c8:53:54:68:b9:27:67:0e:e2:35:99:f3:b7:b3:
a0:ad:c6:20
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUBUF3AOZ4vFeC+uNmssieHpccr5cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MTkwNTUwMzVaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDMxY2NkMDRiYzU5ODFkOWExNmY3OGYxMzE1NzUwNTIwYjA2Nzc2NjBhZTY5
NDU0MzBiZTdlOTBhODY3YjNkM2QxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMZwE33tR+bAcDqdRkI90RThsqwWo/QO58/TE9OETbR3DTkN6Z0+n4dFbmEs
llaGGw7//Pm7khUdaCvS9C/kwZgspCNtfY6e9FBtWf+gv1RsLEHZUXe7q4+dtGyN
T5Rm6LD3XlTpc+X0yEsfUtqwTWhsrExLdLZJljNQOpzUndLz9a2WvEemhOEiqzv9
FOz+gJkh3cTutqAqeqCLnWo1fyuTfqqIbBmj9/36G9h9wUlIeSM/Uu1UgCQqLekK
R+MqwWmZru0v7+K6IEVhb88qobq98LZrcni8/J7h4zeYKBd2iKGByQzo4auyfXvv
cq21u7K7S7o5XWNZKApmgH4xCI0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBT4quWt
/qPW9oFEbPd4Y1GhqzPiojAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NmRmOGFjY2MtYTUyNS00OWVjLWFkMTMtNzQwMWRlNjJmNzc1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJ9tMA0G
CSqGSIb3DQEBCwUAA4IBAQC+iQ/yH7iulyDV5GoPwQE3zymB4vhbef8Th9faY6RK
4pynQ7yKhcOFP/i/TqvLYf82N/hbIk3h6ZrZvrhJDuOtkiZy7gkOWPyHpoCMxbMo
LhKkYf2r7EBQEez7zII3cFAzYwNEyiVe14PZQ1Iv8asp14ICISfVWeU9nZDgCnFD
K5lgDMLjBLRRGtO/AvG+Ok6C3/2C32lfwbvfY0HLMxo1CfaP4hhuQvQX3pdh2+WJ
iQiCyu1dgBbMewhDIhKwgUYG9am/xdsA9IzJk+lhnj7D0iXXaRK/m34YhfZkSOFz
fH7TLf4g72mJMLl+tHGtyFNUaLknZw7iNZnzt7OgrcYg
-----END CERTIFICATE-----
Generated at Sat Jun 6 04:33:40 2026 by rpki-client