Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/01c4adee-b8dc-44e3-959a-e4ab13e63ba7.roa
File: 01c4adee-b8dc-44e3-959a-e4ab13e63ba7.roa (raw, json)
Hash identifier: EShqu5HOHCtFrRxvJ7hG8VeANLa3XjZyWPqdbGEYta0=
Subject key identifier: FC:74:11:29:EB:C3:5A:54:B0:06:DA:67:A2:26:3B:D6:7B:BC:5A:1D
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3EE05D63273EDB7DA19C2C1C30382F19B4316EA1
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/01c4adee-b8dc-44e3-959a-e4ab13e63ba7.roa
Signing time: Fri 13 Feb 2026 15:30:37 +0000
ROA not before: Fri 13 Feb 2026 15:30:37 +0000
ROA not after: Thu 14 May 2026 23:59:59 +0000
asID: 8987
IP address blocks: 83.118.234.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3e:e0:5d:63:27:3e:db:7d:a1:9c:2c:1c:30:38:2f:19:b4:31:6e:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Feb 13 15:30:37 2026 GMT
Not After : May 14 23:59:59 2026 GMT
Subject: serialNumber=1a9d94ada968cb78fb66c3172f2333ab3a206ac75f3a9dd0c53956e4d67805fb, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:25:50:90:68:07:2f:b8:e1:a8:2e:46:2f:6c:
2f:ec:68:e1:c5:c6:9c:db:18:b3:66:54:a1:81:15:
cd:00:c9:f2:ab:2c:b0:07:b2:08:6a:12:77:cd:30:
1a:72:6c:b3:4f:91:c3:42:bb:45:fe:ce:c3:4b:7f:
77:ce:c9:33:11:d9:ed:11:37:3c:2f:53:24:5e:05:
19:9f:fc:33:90:48:8b:a1:96:4d:83:61:9c:42:f5:
7d:b9:e7:4d:c0:f0:f8:f7:8b:03:21:5d:e2:0f:7a:
91:df:d7:ce:8c:e0:e1:1c:35:ac:63:4e:35:52:96:
21:b3:04:c2:18:0a:f9:6e:20:f5:b5:b0:67:0b:60:
76:0d:9f:ab:98:9d:df:bb:a2:14:cb:a6:39:f3:a8:
44:4e:c4:40:99:1b:cb:ae:34:48:10:73:8c:88:ce:
cb:b6:b1:3c:12:d2:f1:10:41:84:15:b3:a9:37:bb:
98:df:36:9f:28:f0:8e:0d:21:45:4a:42:e7:9a:83:
d4:de:83:d7:19:fd:65:8c:13:c4:cb:6f:69:1b:88:
d7:7f:ac:00:74:e5:07:ee:d9:de:eb:c5:2e:0f:e8:
74:71:8b:25:0e:17:a7:94:83:86:4c:3c:e0:62:e2:
db:c3:3f:bb:57:4f:35:c8:4d:ec:4a:13:f2:77:ab:
4b:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:74:11:29:EB:C3:5A:54:B0:06:DA:67:A2:26:3B:D6:7B:BC:5A:1D
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/01c4adee-b8dc-44e3-959a-e4ab13e63ba7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.118.234.0/23
Signature Algorithm: sha256WithRSAEncryption
b2:54:b7:da:42:96:64:9a:db:52:60:aa:53:07:e4:63:c1:eb:
cc:98:07:5d:25:a0:b7:ff:98:56:e0:14:f8:4d:91:d9:f2:e2:
db:19:20:bf:65:19:63:91:50:e4:38:d1:56:f4:4c:f5:08:7f:
66:1f:95:4a:3a:bb:6c:d4:62:bc:d8:bd:03:2e:65:f5:43:de:
75:c4:13:11:2c:04:c7:e7:00:9d:06:ed:25:37:8e:8f:3e:2a:
d6:b1:04:60:92:30:04:f7:78:4d:05:fc:da:cb:40:4d:62:8e:
20:fe:fc:f9:ea:5e:4b:af:af:01:eb:5b:7d:1e:29:0e:62:6e:
b6:87:72:05:f0:e6:e7:b4:d8:dd:9a:15:d1:39:2d:ed:1c:63:
c4:f6:05:73:b5:f8:3a:88:16:bb:37:d2:c4:64:d2:23:cf:7b:
b0:28:86:a1:a3:d2:84:a4:41:aa:e0:ed:38:5b:ea:de:10:60:
c8:48:f8:07:d0:96:ae:d7:4d:a0:ed:7b:d4:c2:0a:05:24:85:
19:0a:2a:3a:b1:8c:5a:ab:af:f3:06:c5:72:a3:a3:b4:64:f1:
83:00:45:f4:6d:9f:de:48:dd:f4:ab:c6:5a:06:4b:83:a5:10:
4d:20:18:a8:1e:4b:04:f3:b0:a2:70:23:66:1c:42:42:8b:f0:
f4:bb:30:41
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUPuBdYyc+232hnCwcMDgvGbQxbqEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjAyMTMxNTMwMzdaFw0yNjA1MTQyMzU5NTlaMHoxSTBHBgNV
BAUTQDFhOWQ5NGFkYTk2OGNiNzhmYjY2YzMxNzJmMjMzM2FiM2EyMDZhYzc1ZjNh
OWRkMGM1Mzk1NmU0ZDY3ODA1ZmIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKElUJBoBy+44aguRi9sL+xo4cXGnNsYs2ZUoYEVzQDJ8qsssAeyCGoSd80w
GnJss0+Rw0K7Rf7Ow0t/d87JMxHZ7RE3PC9TJF4FGZ/8M5BIi6GWTYNhnEL1fbnn
TcDw+PeLAyFd4g96kd/Xzozg4Rw1rGNONVKWIbMEwhgK+W4g9bWwZwtgdg2fq5id
37uiFMumOfOoRE7EQJkby640SBBzjIjOy7axPBLS8RBBhBWzqTe7mN82nyjwjg0h
RUpC55qD1N6D1xn9ZYwTxMtvaRuI13+sAHTlB+7Z3uvFLg/odHGLJQ4Xp5SDhkw8
4GLi28M/u1dPNchN7EoT8nerSzUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBT8dBEp
68NaVLAG2meiJjvWe7xaHTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MDFjNGFkZWUtYjhkYy00NGUzLTk1OWEtZTRhYjEzZTYzYmE3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAVN26jAN
BgkqhkiG9w0BAQsFAAOCAQEAslS32kKWZJrbUmCqUwfkY8HrzJgHXSWgt/+YVuAU
+E2R2fLi2xkgv2UZY5FQ5DjRVvRM9Qh/Zh+VSjq7bNRivNi9Ay5l9UPedcQTESwE
x+cAnQbtJTeOjz4q1rEEYJIwBPd4TQX82stATWKOIP78+epeS6+vAetbfR4pDmJu
todyBfDm57TY3ZoV0Tkt7RxjxPYFc7X4OogWuzfSxGTSI897sCiGoaPShKRBquDt
OFvq3hBgyEj4B9CWrtdNoO171MIKBSSFGQoqOrGMWquv8wbFcqOjtGTxgwBF9G2f
3kjd9KvGWgZLg6UQTSAYqB5LBPOwonAjZhxCQovw9LswQQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 01:23:29 2026 by rpki-client