Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b5ec0568-ce5c-41f8-ae3e-0c14783e4068.roa
File: b5ec0568-ce5c-41f8-ae3e-0c14783e4068.roa (raw, json)
Hash identifier: 2Iw6FGjcm7eFo2urs7/bpSVXrCVFTrmiatsxYnSwa8U=
Subject key identifier: 4E:3C:F7:1A:37:B0:51:FA:B4:1A:E1:67:94:B5:BC:8A:4A:5D:F8:B0
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4E00FBC9B89257B29613AFED523E5630638286E9
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b5ec0568-ce5c-41f8-ae3e-0c14783e4068.roa
Signing time: Tue 19 May 2026 06:00:54 +0000
ROA not before: Tue 19 May 2026 06:00:54 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 194.198.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 03 Jun 2026 01:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:00:fb:c9:b8:92:57:b2:96:13:af:ed:52:3e:56:30:63:82:86:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 19 06:00:54 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=649210cb1a2be2af66259ebd0420741f33e96f6ab1acb13d63731875d504ff55, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:3a:dd:8c:2d:6a:68:76:1c:a2:40:cf:ea:11:
da:ea:d3:6e:e0:a0:e1:db:42:40:3d:51:68:f7:70:
4f:a7:b1:c7:fe:eb:34:66:fe:01:a1:e6:cf:31:ca:
74:8d:24:67:00:72:88:16:cf:0b:e8:97:ae:c8:fe:
7f:67:61:60:fd:72:fb:cf:74:f7:80:a3:5c:e9:8f:
6d:08:24:14:0d:f4:2e:e4:38:35:25:01:55:41:9f:
b8:15:7a:67:7f:3b:40:cf:f3:5a:08:87:77:4c:1d:
39:d9:a7:9e:9b:8a:2a:87:35:88:c3:81:17:dd:71:
0e:c1:3f:97:5a:c4:c5:23:0e:e4:1b:af:5d:e2:f5:
00:ac:64:50:f1:13:45:2f:77:5e:3c:93:34:70:28:
82:01:8d:23:22:a9:ac:e6:fc:98:83:4a:4c:b9:bf:
21:66:e6:f5:a0:b2:00:c6:e2:71:05:89:f3:c1:87:
6c:d2:63:ad:70:0c:ec:43:27:6a:c2:16:9f:78:a4:
16:65:7d:8b:0d:af:1c:63:c2:47:68:5a:64:1e:21:
cb:83:f3:08:a9:9b:7e:e1:54:3b:d2:0b:37:95:8c:
32:a5:0f:33:4c:a5:0f:df:90:46:7b:92:31:02:7f:
2a:1b:6e:7a:2a:ca:c4:21:08:08:43:2b:30:72:86:
7d:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:3C:F7:1A:37:B0:51:FA:B4:1A:E1:67:94:B5:BC:8A:4A:5D:F8:B0
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b5ec0568-ce5c-41f8-ae3e-0c14783e4068.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.198.0.0/16
Signature Algorithm: sha256WithRSAEncryption
57:a5:09:d5:0c:18:ab:bf:a4:6b:be:8c:af:9f:ff:8c:3f:3e:
86:3a:69:f3:65:d6:e5:0e:58:5c:60:a6:b5:28:41:7b:09:b9:
df:fd:d2:62:05:cc:38:c2:61:76:f6:62:cb:6f:c5:b7:5f:01:
a8:2b:a3:0b:77:23:c2:fa:e8:c2:2d:3c:b3:e3:a1:8b:9f:0c:
fe:4e:7b:51:5e:42:31:b2:24:4d:3e:8d:fd:1b:77:6e:25:28:
3d:70:bd:71:d4:c9:65:54:68:46:c8:3a:8c:de:0a:7a:df:df:
19:c0:8f:9e:3f:bd:2c:79:74:9f:5b:3b:ff:9c:55:72:f3:83:
b7:ad:39:68:bb:46:fc:ed:3e:db:18:d6:58:ff:95:02:1e:c4:
f2:71:06:47:31:0b:7f:5e:2f:e9:2f:20:c5:7b:3d:db:81:db:
b5:e7:32:f6:90:24:74:4d:ae:5f:14:6e:de:5c:7b:ca:62:68:
6c:ca:5a:bd:b0:cf:89:0d:c7:94:1a:0a:d9:1d:a4:9a:08:83:
83:d3:6e:14:da:67:ba:1a:2b:70:42:cc:62:62:2c:57:66:b7:
54:a1:cb:9d:39:8b:88:a4:7f:c8:47:bb:60:fa:66:f1:53:eb:
9f:e1:16:fe:59:e6:f2:7b:dc:54:43:60:e8:82:99:29:a2:63:
86:6c:a7:49
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUTgD7ybiSV7KWE6/tUj5WMGOChukwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MTkwNjAwNTRaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDY0OTIxMGNiMWEyYmUyYWY2NjI1OWViZDA0MjA3NDFmMzNlOTZmNmFiMWFj
YjEzZDYzNzMxODc1ZDUwNGZmNTUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMQ63Ywtamh2HKJAz+oR2urTbuCg4dtCQD1RaPdwT6exx/7rNGb+AaHmzzHK
dI0kZwByiBbPC+iXrsj+f2dhYP1y+89094CjXOmPbQgkFA30LuQ4NSUBVUGfuBV6
Z387QM/zWgiHd0wdOdmnnpuKKoc1iMOBF91xDsE/l1rExSMO5BuvXeL1AKxkUPET
RS93XjyTNHAoggGNIyKprOb8mINKTLm/IWbm9aCyAMbicQWJ88GHbNJjrXAM7EMn
asIWn3ikFmV9iw2vHGPCR2haZB4hy4PzCKmbfuFUO9ILN5WMMqUPM0ylD9+QRnuS
MQJ/KhtueirKxCEICEMrMHKGfdECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBROPPca
N7BR+rQa4WeUtbyKSl34sDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YjVlYzA1NjgtY2U1Yy00MWY4LWFlM2UtMGMxNDc4M2U0MDY4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMLGMA0G
CSqGSIb3DQEBCwUAA4IBAQBXpQnVDBirv6Rrvoyvn/+MPz6GOmnzZdblDlhcYKa1
KEF7Cbnf/dJiBcw4wmF29mLLb8W3XwGoK6MLdyPC+ujCLTyz46GLnwz+TntRXkIx
siRNPo39G3duJSg9cL1x1MllVGhGyDqM3gp6398ZwI+eP70seXSfWzv/nFVy84O3
rTlou0b87T7bGNZY/5UCHsTycQZHMQt/Xi/pLyDFez3bgdu15zL2kCR0Ta5fFG7e
XHvKYmhsylq9sM+JDceUGgrZHaSaCIOD024U2me6GitwQsxiYixXZrdUocudOYuI
pH/IR7tg+mbxU+uf4Rb+Webye9xUQ2DogpkpomOGbKdJ
-----END CERTIFICATE-----
Generated at Tue Jun 2 04:23:51 2026 by rpki-client