Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8ee7bd52-fc09-4c49-af31-341b51b405e0.roa
File: 8ee7bd52-fc09-4c49-af31-341b51b405e0.roa (raw, json)
Hash identifier: seJlfZqC3C86D2QGUbJllYX9Z6P21ms0hNxSdo32nT8=
Subject key identifier: A6:7B:8E:1B:44:B2:12:76:0D:E4:B4:B8:02:76:DB:CD:92:7D:36:6B
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5716A0BCEA5C5F5579E8BA867CAF5BB1301C3BA8
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8ee7bd52-fc09-4c49-af31-341b51b405e0.roa
Signing time: Tue 19 May 2026 05:50:09 +0000
ROA not before: Tue 19 May 2026 05:50:09 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 194.234.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 03 Jun 2026 01:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:16:a0:bc:ea:5c:5f:55:79:e8:ba:86:7c:af:5b:b1:30:1c:3b:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 19 05:50:09 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=62a37292cabe25147f4e1ebec42fe41e5f961608dafc29dcf7e98f70b99ac82a, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:c5:e7:91:7c:a2:d1:9b:c3:25:f1:f1:8a:94:
5a:73:5c:0e:aa:be:6d:a9:7a:4c:38:b9:c7:79:b0:
8f:65:60:ac:65:91:40:47:0f:40:54:5b:6d:5f:30:
71:ae:22:14:10:54:d9:dc:73:10:31:5e:5b:bc:cc:
c4:82:5e:86:3c:51:e7:62:d0:c8:10:19:a9:c6:64:
b7:dc:df:e0:68:8b:f1:7c:78:b6:3b:91:5c:84:ae:
47:6a:00:8d:99:03:13:8a:8a:70:e4:c2:05:bd:74:
53:a7:08:7f:77:a5:6f:ee:b0:fa:af:4b:f2:82:bd:
bb:1d:73:35:ca:12:41:2c:10:bc:20:d1:f3:32:41:
7e:e3:6f:39:2b:9c:3a:93:4c:4a:9b:82:31:71:5a:
dc:0f:fd:55:e8:cc:15:63:83:8d:67:94:c1:b6:8a:
06:1c:1d:ee:9e:d5:7d:5c:46:de:bb:3b:04:5f:21:
64:46:ea:f9:57:ba:1e:54:c4:ce:99:41:eb:84:75:
b9:10:b0:7b:94:2b:ab:1c:e7:68:a3:6f:77:33:ff:
50:12:53:fe:23:b8:6f:37:e2:7d:d1:ac:97:ea:00:
df:97:4f:16:af:0e:5f:d1:e6:8a:eb:3c:4f:df:0c:
33:0d:b6:30:55:6f:17:fc:5d:80:2a:76:ba:4e:d9:
b5:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:7B:8E:1B:44:B2:12:76:0D:E4:B4:B8:02:76:DB:CD:92:7D:36:6B
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8ee7bd52-fc09-4c49-af31-341b51b405e0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.234.0.0/15
Signature Algorithm: sha256WithRSAEncryption
6f:58:81:00:07:51:10:3e:68:d5:48:4e:d4:bf:b0:4f:55:dc:
09:33:f0:a4:99:21:34:9d:ef:c6:51:cb:89:3c:e4:ae:6b:91:
05:ab:54:10:91:13:dd:62:b0:66:55:dd:78:32:ba:72:a3:fb:
60:b6:36:8b:76:d5:2e:f7:97:cd:42:4b:b7:72:59:67:76:f7:
b8:a2:fc:00:4c:ec:99:ae:31:c4:d6:1b:9c:d5:87:13:66:15:
a9:da:27:e5:98:fe:31:74:96:ea:e1:f9:b8:39:57:ca:05:26:
be:3b:c0:e6:30:38:fb:f0:02:a1:8e:17:47:6f:8c:f1:18:29:
ca:c0:b5:6b:e5:3b:2c:d2:8a:5b:b8:fc:56:19:3d:c1:e0:fb:
5e:05:95:4b:ef:61:45:54:0e:d7:68:fd:3a:b6:08:49:9a:3e:
1c:c4:93:77:c1:04:eb:bf:b1:07:be:ee:4f:bc:b5:d3:ac:5b:
3e:11:fe:5e:f8:85:ce:c4:63:bf:ac:50:55:d1:0d:56:f4:d3:
b3:bb:2b:8c:d8:0c:a5:08:59:28:b6:cb:ba:d9:19:91:c2:75:
ca:9a:03:15:9a:15:1e:1c:cd:ff:82:e0:ee:fd:1a:19:b6:96:
8f:30:f8:08:d5:38:c9:81:be:2e:51:70:2a:9b:5c:d4:82:26:
95:ae:15:53
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUVxagvOpcX1V56LqGfK9bsTAcO6gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MTkwNTUwMDlaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDYyYTM3MjkyY2FiZTI1MTQ3ZjRlMWViZWM0MmZlNDFlNWY5NjE2MDhkYWZj
MjlkY2Y3ZTk4ZjcwYjk5YWM4MmExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJTF55F8otGbwyXx8YqUWnNcDqq+bal6TDi5x3mwj2VgrGWRQEcPQFRbbV8w
ca4iFBBU2dxzEDFeW7zMxIJehjxR52LQyBAZqcZkt9zf4GiL8Xx4tjuRXISuR2oA
jZkDE4qKcOTCBb10U6cIf3elb+6w+q9L8oK9ux1zNcoSQSwQvCDR8zJBfuNvOSuc
OpNMSpuCMXFa3A/9VejMFWODjWeUwbaKBhwd7p7VfVxG3rs7BF8hZEbq+Ve6HlTE
zplB64R1uRCwe5QrqxznaKNvdzP/UBJT/iO4bzfifdGsl+oA35dPFq8OX9Hmius8
T98MMw22MFVvF/xdgCp2uk7ZtacCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSme44b
RLISdg3ktLgCdtvNkn02azAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OGVlN2JkNTItZmMwOS00YzQ5LWFmMzEtMzQxYjUxYjQwNWUwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAcLqMA0G
CSqGSIb3DQEBCwUAA4IBAQBvWIEAB1EQPmjVSE7Uv7BPVdwJM/CkmSE0ne/GUcuJ
POSua5EFq1QQkRPdYrBmVd14Mrpyo/tgtjaLdtUu95fNQku3cllndve4ovwATOyZ
rjHE1huc1YcTZhWp2iflmP4xdJbq4fm4OVfKBSa+O8DmMDj78AKhjhdHb4zxGCnK
wLVr5Tss0opbuPxWGT3B4PteBZVL72FFVA7XaP06tghJmj4cxJN3wQTrv7EHvu5P
vLXTrFs+Ef5e+IXOxGO/rFBV0Q1W9NOzuyuM2AylCFkotsu62RmRwnXKmgMVmhUe
HM3/guDu/RoZtpaPMPgI1TjJgb4uUXAqm1zUgiaVrhVT
-----END CERTIFICATE-----
Generated at Tue Jun 2 07:04:35 2026 by rpki-client