Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7a9d4970-8e9c-4d11-a1c6-772a571334fd.roa
File: 7a9d4970-8e9c-4d11-a1c6-772a571334fd.roa (raw, json)
Hash identifier: MO97I17uOSFlqBNSXO3/xQC+qo9PjAIygl9n1K1GXLQ=
Subject key identifier: 36:CA:8D:38:DC:D3:26:87:1D:D4:FD:A4:E3:18:37:79:EE:F3:31:FC
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 06E388FD08CAA05159095B044E624E84C82F257F
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7a9d4970-8e9c-4d11-a1c6-772a571334fd.roa
Signing time: Fri 13 Feb 2026 15:30:36 +0000
ROA not before: Fri 13 Feb 2026 15:30:36 +0000
ROA not after: Thu 14 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 185.143.16.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 20 Feb 2026 15:25:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:e3:88:fd:08:ca:a0:51:59:09:5b:04:4e:62:4e:84:c8:2f:25:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Feb 13 15:30:36 2026 GMT
Not After : May 14 23:59:59 2026 GMT
Subject: serialNumber=9c8e4f2b13b07ee1bf83d90d43929610582aeab2cb85579b00a39ebfa56b23e1, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:2e:84:cc:26:3e:f3:50:38:92:03:9e:27:a7:
60:84:c6:75:da:e9:64:d8:b7:71:14:46:4d:a6:1d:
62:7c:d5:c8:05:15:37:da:6c:fd:06:68:d3:9a:1f:
62:51:9f:c4:53:43:8e:b1:31:12:5b:eb:c5:7e:87:
c6:a9:aa:be:07:10:56:1b:39:fc:ec:21:8c:e3:a2:
67:e3:26:cf:bb:84:48:8e:4e:6a:7f:91:03:9f:15:
ad:38:7e:4f:e2:2d:13:42:04:ec:8c:66:fd:9d:f2:
93:16:84:19:dd:e0:f3:ba:df:cc:7a:f2:d5:f3:5f:
f7:a5:cf:d1:51:95:9d:56:a2:22:6f:46:1e:48:64:
16:72:24:4a:e2:2e:35:99:29:85:17:de:8c:c0:90:
fa:0a:46:22:00:b9:38:52:d9:13:49:41:c2:30:2e:
74:72:de:f0:8d:53:64:de:ab:13:bd:c6:5e:74:f1:
03:e0:69:14:c0:89:ba:ee:c6:66:da:ae:c5:cd:a1:
af:3f:49:b4:28:59:37:5f:e3:13:e1:d2:67:aa:a6:
01:f0:3e:4f:57:e6:cb:33:bf:f6:0d:5a:e5:cc:ed:
ba:ca:3a:0e:79:c7:e4:77:89:30:94:a1:ac:58:c7:
67:b1:9a:28:08:99:5e:73:ba:d0:c0:59:5f:28:cd:
83:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:CA:8D:38:DC:D3:26:87:1D:D4:FD:A4:E3:18:37:79:EE:F3:31:FC
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7a9d4970-8e9c-4d11-a1c6-772a571334fd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.143.16.0/22
Signature Algorithm: sha256WithRSAEncryption
5a:04:d8:ba:ff:47:ea:41:75:54:1d:dd:86:76:d2:0f:16:66:
18:04:91:88:0e:e8:ad:36:2c:dc:8b:a2:ef:1e:41:70:91:e3:
59:6d:41:1b:ca:64:f5:6e:48:c4:09:c0:d1:bd:49:35:67:f2:
d6:ba:1a:0a:32:29:61:d8:ef:be:88:4c:ba:42:7c:58:01:14:
10:3a:85:66:9d:45:47:02:76:a5:8f:29:b0:44:1b:23:ca:db:
5b:c0:7b:64:79:e8:d0:7c:7f:06:8f:a8:20:8f:b4:d1:1c:ca:
61:18:b6:9c:f9:e2:b6:6b:d5:4e:0c:2a:d3:96:dd:95:1f:0f:
c7:a0:59:d1:98:43:fd:1e:77:3b:38:9d:29:0c:aa:26:8b:93:
a3:af:49:d6:e3:9e:95:2d:34:fd:9f:df:cb:91:53:b4:e1:d0:
23:f6:a8:1a:f2:74:cb:fa:87:22:b4:d9:33:0e:f0:46:25:ee:
a5:70:99:e2:10:de:ad:23:fa:e1:4f:e5:08:c9:8c:47:35:21:
a7:90:73:39:8e:67:d6:40:24:72:96:e6:db:ab:97:81:04:4b:
ab:eb:ce:51:0e:c7:87:14:df:04:8b:2b:dc:3a:00:1a:0e:0a:
d9:4d:53:88:c9:49:b4:26:01:15:9e:db:ce:89:a2:8d:97:71:
d9:63:ce:15
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUBuOI/QjKoFFZCVsETmJOhMgvJX8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjAyMTMxNTMwMzZaFw0yNjA1MTQyMzU5NTlaMHoxSTBHBgNV
BAUTQDljOGU0ZjJiMTNiMDdlZTFiZjgzZDkwZDQzOTI5NjEwNTgyYWVhYjJjYjg1
NTc5YjAwYTM5ZWJmYTU2YjIzZTExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALkuhMwmPvNQOJIDnienYITGddrpZNi3cRRGTaYdYnzVyAUVN9ps/QZo05of
YlGfxFNDjrExElvrxX6HxqmqvgcQVhs5/OwhjOOiZ+Mmz7uESI5Oan+RA58VrTh+
T+ItE0IE7Ixm/Z3ykxaEGd3g87rfzHry1fNf96XP0VGVnVaiIm9GHkhkFnIkSuIu
NZkphRfejMCQ+gpGIgC5OFLZE0lBwjAudHLe8I1TZN6rE73GXnTxA+BpFMCJuu7G
Ztquxc2hrz9JtChZN1/jE+HSZ6qmAfA+T1fmyzO/9g1a5cztuso6DnnH5HeJMJSh
rFjHZ7GaKAiZXnO60MBZXyjNg+UCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQ2yo04
3NMmhx3U/aTjGDd57vMx/DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
N2E5ZDQ5NzAtOGU5Yy00ZDExLWExYzYtNzcyYTU3MTMzNGZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArmPEDAN
BgkqhkiG9w0BAQsFAAOCAQEAWgTYuv9H6kF1VB3dhnbSDxZmGASRiA7orTYs3Iui
7x5BcJHjWW1BG8pk9W5IxAnA0b1JNWfy1roaCjIpYdjvvohMukJ8WAEUEDqFZp1F
RwJ2pY8psEQbI8rbW8B7ZHno0Hx/Bo+oII+00RzKYRi2nPnitmvVTgwq05bdlR8P
x6BZ0ZhD/R53OzidKQyqJouTo69J1uOelS00/Z/fy5FTtOHQI/aoGvJ0y/qHIrTZ
Mw7wRiXupXCZ4hDerSP64U/lCMmMRzUhp5BzOY5n1kAkcpbm26uXgQRLq+vOUQ7H
hxTfBIsr3DoAGg4K2U1TiMlJtCYBFZ7bzomijZdx2WPOFQ==
-----END CERTIFICATE-----
Generated at Thu Feb 19 23:01:58 2026 by rpki-client