Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7e4eba0d-9f48-42a3-b449-56ce7143e040.roa
File: 7e4eba0d-9f48-42a3-b449-56ce7143e040.roa (raw, json)
Hash identifier: DW37GLLS6obiwYA5jwMANUENGloZTuvQpvGuj1CCDQE=
Subject key identifier: 80:35:13:EB:67:05:B7:CC:D7:A2:73:0E:65:23:F6:98:5E:B0:E1:DE
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1FC324290885373FFD7D8486EC49B2A227AC0C40
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7e4eba0d-9f48-42a3-b449-56ce7143e040.roa
Signing time: Fri 13 Feb 2026 15:30:12 +0000
ROA not before: Fri 13 Feb 2026 15:30:12 +0000
ROA not after: Thu 14 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 185.72.192.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Feb 2026 23:58:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1f:c3:24:29:08:85:37:3f:fd:7d:84:86:ec:49:b2:a2:27:ac:0c:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Feb 13 15:30:12 2026 GMT
Not After : May 14 23:59:59 2026 GMT
Subject: serialNumber=3be8b8da07994493eacdc8f306df3581e6610b82f378b2169976d527bca30075, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:04:3b:2d:2b:8d:d3:01:fd:f1:de:e5:d3:0f:
46:b5:2e:67:3c:df:56:25:32:85:20:11:56:11:d3:
b2:1c:bc:95:61:9f:e6:6e:39:1c:6c:15:be:a5:a0:
89:23:28:af:2a:99:de:31:fb:ed:2c:d4:40:d2:8f:
27:cf:4f:7f:6e:e5:a4:2b:68:17:b7:cd:7f:17:0f:
c0:5c:ca:30:21:37:1a:ac:bd:63:bd:29:ef:4c:e0:
a9:8a:c3:04:9c:8c:8e:cc:a4:0d:0b:b9:ff:78:a8:
56:14:8e:0e:29:01:4c:f3:48:ab:46:7a:b7:86:64:
49:a1:c6:54:7d:ca:79:26:82:3e:60:7c:40:18:56:
8a:d0:be:d5:79:a1:6a:74:a5:ba:0c:a2:db:0a:84:
2a:26:29:30:1f:5f:e2:17:44:78:10:1a:0a:7b:9b:
73:91:03:95:d1:4e:7b:8d:44:5a:c7:73:e2:29:8f:
8d:f5:1d:d8:1e:96:b8:56:50:b0:2f:eb:cc:0f:c2:
81:ec:07:e0:b9:13:ae:53:f4:3a:00:9f:96:f0:13:
00:ca:f7:78:bb:ec:c6:de:e5:db:2c:7b:a0:6c:3d:
8c:83:5d:5a:c3:14:11:35:66:e5:1c:ed:1e:96:7b:
9d:1f:37:a1:02:2a:31:04:13:a9:58:16:9c:5a:29:
ff:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:35:13:EB:67:05:B7:CC:D7:A2:73:0E:65:23:F6:98:5E:B0:E1:DE
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7e4eba0d-9f48-42a3-b449-56ce7143e040.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.72.192.0/22
Signature Algorithm: sha256WithRSAEncryption
63:94:6e:bb:37:0b:54:4b:1a:cc:09:fc:cb:9c:28:a0:55:c2:
89:eb:8e:46:d8:3e:69:41:b2:2f:b3:97:91:97:f6:6e:fe:89:
18:49:94:10:fa:49:9b:13:f1:09:04:69:eb:ab:ad:9d:a9:3c:
ae:5d:c2:cd:7c:f0:8b:e3:6b:89:b0:8e:27:a4:09:dd:31:e1:
7d:a7:fc:31:b6:36:3f:a3:53:de:b8:58:b3:ab:a0:67:1f:cc:
dc:e7:56:bb:9d:b3:d2:1b:76:9f:b7:2d:a1:fe:1a:e3:7d:62:
a0:f4:48:7e:6a:7f:d1:36:bf:6b:26:cd:50:26:b4:da:25:f6:
d2:3c:69:13:9c:0b:93:83:cf:18:68:4d:2d:1d:93:46:92:d8:
72:25:1a:05:7d:0d:fc:2e:c4:14:41:1c:df:73:82:df:1f:56:
30:b8:6b:c6:50:b7:2d:51:58:2e:13:b6:6a:00:5b:c4:63:7c:
c9:48:6c:9b:09:36:ea:3a:d3:a2:ab:e9:36:21:13:a5:1e:5d:
6d:c0:be:a8:15:99:3c:05:96:3b:26:24:4c:cb:4d:83:00:03:
4a:92:4f:57:33:c8:9c:6f:1b:99:90:98:d0:21:d8:20:31:b3:
01:27:b5:f2:d3:b9:7f:09:5e:0e:ac:b6:54:90:7a:4b:f6:20:
40:7e:4e:47
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUH8MkKQiFNz/9fYSG7EmyoiesDEAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjAyMTMxNTMwMTJaFw0yNjA1MTQyMzU5NTlaMHoxSTBHBgNV
BAUTQDNiZThiOGRhMDc5OTQ0OTNlYWNkYzhmMzA2ZGYzNTgxZTY2MTBiODJmMzc4
YjIxNjk5NzZkNTI3YmNhMzAwNzUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ4EOy0rjdMB/fHe5dMPRrUuZzzfViUyhSARVhHTshy8lWGf5m45HGwVvqWg
iSMoryqZ3jH77SzUQNKPJ89Pf27lpCtoF7fNfxcPwFzKMCE3Gqy9Y70p70zgqYrD
BJyMjsykDQu5/3ioVhSODikBTPNIq0Z6t4ZkSaHGVH3KeSaCPmB8QBhWitC+1Xmh
anSlugyi2wqEKiYpMB9f4hdEeBAaCnubc5EDldFOe41EWsdz4imPjfUd2B6WuFZQ
sC/rzA/CgewH4LkTrlP0OgCflvATAMr3eLvsxt7l2yx7oGw9jINdWsMUETVm5Rzt
HpZ7nR83oQIqMQQTqVgWnFop/7kCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSANRPr
ZwW3zNeicw5lI/aYXrDh3jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
N2U0ZWJhMGQtOWY0OC00MmEzLWI0NDktNTZjZTcxNDNlMDQwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArlIwDAN
BgkqhkiG9w0BAQsFAAOCAQEAY5RuuzcLVEsazAn8y5wooFXCieuORtg+aUGyL7OX
kZf2bv6JGEmUEPpJmxPxCQRp66utnak8rl3CzXzwi+NribCOJ6QJ3THhfaf8MbY2
P6NT3rhYs6ugZx/M3OdWu52z0ht2n7ctof4a431ioPRIfmp/0Ta/aybNUCa02iX2
0jxpE5wLk4PPGGhNLR2TRpLYciUaBX0N/C7EFEEc33OC3x9WMLhrxlC3LVFYLhO2
agBbxGN8yUhsmwk26jrToqvpNiETpR5dbcC+qBWZPAWWOyYkTMtNgwADSpJPVzPI
nG8bmZCY0CHYIDGzASe18tO5fwleDqy2VJB6S/YgQH5ORw==
-----END CERTIFICATE-----
Generated at Fri Feb 27 06:33:32 2026 by rpki-client