Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d485a465-65e9-4a19-a397-f29d1a36d166.roa
File: d485a465-65e9-4a19-a397-f29d1a36d166.roa (raw, json)
Hash identifier: WXgfm6dC4uR8OEH54n37FEGjVLeTmBPDHhqRjlig4zI=
Subject key identifier: BB:FD:BD:02:9C:03:C3:19:C2:18:6B:B8:D2:35:FC:79:3B:A1:05:DE
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1AF48EAEC426111DC6537927CA619C3A315B7C67
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d485a465-65e9-4a19-a397-f29d1a36d166.roa
Signing time: Tue 19 May 2026 06:00:10 +0000
ROA not before: Tue 19 May 2026 06:00:10 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 195.17.0.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 03 Jun 2026 01:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:f4:8e:ae:c4:26:11:1d:c6:53:79:27:ca:61:9c:3a:31:5b:7c:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 19 06:00:10 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=22c7ea15c7632c37d62d8461760fc06790b57c2d0e065ab741c5778d2fda7fa5, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:c1:02:ed:17:29:30:3d:b7:53:c2:ca:88:44:
ec:1a:0a:7f:93:ee:26:9d:b8:56:2c:06:81:70:73:
e2:a7:76:48:2f:10:69:02:56:25:e6:a1:03:91:c7:
64:27:a8:b1:e3:0a:e3:56:20:61:87:0f:95:93:62:
24:5d:cd:62:bf:8f:66:b6:b8:86:9a:78:81:8f:ad:
d8:e1:7c:d1:4d:f5:48:a0:96:82:69:aa:85:b6:86:
c4:53:11:42:9f:83:28:fb:1a:75:63:41:8c:3b:c2:
eb:7b:30:c3:82:d3:64:23:59:e3:5f:8d:b2:99:97:
44:5d:0a:c8:db:73:8d:3c:e4:cf:a6:8b:bf:d1:f0:
be:e1:d8:08:62:32:ba:e8:f2:6d:b0:57:54:dc:49:
2e:04:62:fd:5b:6c:2a:66:06:18:99:93:ad:b1:75:
62:cf:1a:e8:ad:96:34:69:49:a8:cb:90:0a:81:8d:
c7:3a:58:69:c6:c9:ff:64:4c:7f:ea:a2:88:3f:be:
07:6c:41:cf:ea:a6:29:db:e1:51:43:c2:95:49:34:
00:85:5a:83:dc:ae:7e:14:09:f6:ea:89:70:c6:f0:
a6:19:ae:43:0c:a7:31:e5:47:19:fb:c8:ad:2a:52:
fe:3f:05:c6:60:fa:02:0e:ea:81:d9:58:e0:6b:57:
cf:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:FD:BD:02:9C:03:C3:19:C2:18:6B:B8:D2:35:FC:79:3B:A1:05:DE
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d485a465-65e9-4a19-a397-f29d1a36d166.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.17.0.0/24
Signature Algorithm: sha256WithRSAEncryption
c5:5c:07:14:be:37:5d:e0:e5:ae:98:13:e1:14:14:d7:70:d9:
5d:94:98:c0:3d:9b:5a:97:27:9f:28:be:40:18:a0:a3:09:ce:
e0:05:f8:8c:5b:06:fe:36:c1:15:62:35:3c:bb:b0:99:10:d4:
68:03:a7:5e:46:d9:b4:c2:d0:ff:4e:5c:0c:65:5f:38:c9:c4:
90:9f:9b:ae:b0:0c:d5:4a:78:76:e6:87:cc:12:4e:c3:72:26:
11:0f:45:8a:2f:2e:85:fd:6a:0a:02:42:a7:5a:26:cb:02:84:
a1:7b:13:12:58:4a:79:39:a8:9d:c4:2a:d7:cf:5b:14:96:42:
dc:71:8c:f2:fa:8d:25:72:d3:1f:08:b1:b2:31:af:f9:cf:6e:
7c:2b:a9:00:8d:9c:f7:97:a2:f1:a2:71:0d:d4:f1:0a:1f:45:
dd:fd:0e:c2:b9:26:59:db:d9:ee:50:8e:18:23:e9:70:c4:07:
b1:ee:c4:07:15:76:d9:65:df:9e:96:9f:a4:dc:eb:8f:59:50:
0d:63:8f:1e:3b:b0:10:11:7d:88:cd:b2:c7:e2:cb:f8:19:ad:
7a:ca:fb:0f:27:b7:80:f6:2d:f7:be:97:4d:54:a6:2f:f9:7b:
ab:99:ae:cd:5c:0d:9a:c5:96:f8:3d:58:91:c9:cc:19:5f:76:
21:62:1a:db
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUGvSOrsQmER3GU3knymGcOjFbfGcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MTkwNjAwMTBaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDIyYzdlYTE1Yzc2MzJjMzdkNjJkODQ2MTc2MGZjMDY3OTBiNTdjMmQwZTA2
NWFiNzQxYzU3NzhkMmZkYTdmYTUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMDBAu0XKTA9t1PCyohE7BoKf5PuJp24ViwGgXBz4qd2SC8QaQJWJeahA5HH
ZCeoseMK41YgYYcPlZNiJF3NYr+PZra4hpp4gY+t2OF80U31SKCWgmmqhbaGxFMR
Qp+DKPsadWNBjDvC63sww4LTZCNZ41+NspmXRF0KyNtzjTzkz6aLv9HwvuHYCGIy
uujybbBXVNxJLgRi/VtsKmYGGJmTrbF1Ys8a6K2WNGlJqMuQCoGNxzpYacbJ/2RM
f+qiiD++B2xBz+qmKdvhUUPClUk0AIVag9yufhQJ9uqJcMbwphmuQwynMeVHGfvI
rSpS/j8FxmD6Ag7qgdlY4GtXzxECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBS7/b0C
nAPDGcIYa7jSNfx5O6EF3jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZDQ4NWE0NjUtNjVlOS00YTE5LWEzOTctZjI5ZDFhMzZkMTY2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMMRADAN
BgkqhkiG9w0BAQsFAAOCAQEAxVwHFL43XeDlrpgT4RQU13DZXZSYwD2bWpcnnyi+
QBigownO4AX4jFsG/jbBFWI1PLuwmRDUaAOnXkbZtMLQ/05cDGVfOMnEkJ+brrAM
1Up4duaHzBJOw3ImEQ9Fii8uhf1qCgJCp1omywKEoXsTElhKeTmoncQq189bFJZC
3HGM8vqNJXLTHwixsjGv+c9ufCupAI2c95ei8aJxDdTxCh9F3f0OwrkmWdvZ7lCO
GCPpcMQHse7EBxV22WXfnpafpNzrj1lQDWOPHjuwEBF9iM2yx+LL+Bmtesr7Dye3
gPYt976XTVSmL/l7q5muzVwNmsWW+D1YkcnMGV92IWIa2w==
-----END CERTIFICATE-----
Generated at Tue Jun 2 08:54:48 2026 by rpki-client