Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/05d2e6e0-648a-472a-b287-1b954eae646d.roa
File: 05d2e6e0-648a-472a-b287-1b954eae646d.roa (raw, json)
Hash identifier: oq7IZuQnPLsqGefWRSrYlWgEwCxt+Hrjl1e9g0a1JeE=
Subject key identifier: 08:54:00:7E:EC:A5:3E:73:3F:0B:99:27:F4:83:B9:D8:76:D8:78:FE
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 45F3F1A3210A0BD5B4A5850A72B0334DEA70C169
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/05d2e6e0-648a-472a-b287-1b954eae646d.roa
Signing time: Fri 13 Feb 2026 15:30:37 +0000
ROA not before: Fri 13 Feb 2026 15:30:37 +0000
ROA not after: Thu 14 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 83.118.234.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:f3:f1:a3:21:0a:0b:d5:b4:a5:85:0a:72:b0:33:4d:ea:70:c1:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Feb 13 15:30:37 2026 GMT
Not After : May 14 23:59:59 2026 GMT
Subject: serialNumber=a86500705a86bb432b412c5643737554f5110cfefe261655d6f5b31049e2093d, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:70:f9:ac:2b:13:40:a1:ef:ac:3c:a1:d1:1f:
1a:59:f9:50:de:58:ee:14:c5:c0:6c:31:42:1b:47:
b1:f2:92:e2:fd:7d:5d:a4:a2:7f:e2:c0:5e:f6:f6:
c2:66:61:e6:30:db:eb:10:d5:5c:9f:c0:d3:c5:b6:
31:7b:0c:c0:79:a3:d6:80:8b:ce:5b:bc:43:4e:c7:
dd:eb:f6:c9:1d:b1:90:a3:a7:55:26:dd:c9:36:0c:
25:4e:4f:2d:4e:37:d7:91:0c:45:ca:b9:24:a2:82:
cd:bd:93:93:8f:da:b2:76:5a:1d:4f:4d:92:e4:13:
e6:bd:cb:24:11:4a:a2:da:4d:dd:70:e4:55:f8:15:
e2:da:f8:47:07:d0:22:3c:c2:23:cb:10:f1:3d:89:
70:b4:46:52:70:04:4a:ec:b9:c1:fe:cb:16:f9:1e:
83:df:30:86:eb:ae:f7:13:ce:d8:49:d1:37:8a:2f:
f0:18:07:3c:34:60:9d:69:9e:aa:aa:fb:5d:c1:95:
e8:5b:65:87:93:8a:ba:04:e0:c5:77:e9:f0:73:2c:
81:7f:92:ed:25:80:8f:e6:8a:4f:67:06:84:60:5d:
d9:2a:48:91:38:38:d8:c6:53:c3:fe:11:45:46:fa:
ae:f3:ea:8e:46:51:ec:74:5e:d2:a3:56:54:d7:6e:
46:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:54:00:7E:EC:A5:3E:73:3F:0B:99:27:F4:83:B9:D8:76:D8:78:FE
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/05d2e6e0-648a-472a-b287-1b954eae646d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.118.234.0/23
Signature Algorithm: sha256WithRSAEncryption
30:4a:05:ba:e0:84:03:fc:e9:86:11:f7:c4:3d:dd:08:24:8a:
56:d0:c3:d3:d7:b5:df:ad:c1:ea:3d:e6:b1:16:04:e4:bb:16:
27:36:97:08:c8:6d:72:5e:9c:ab:c8:33:65:a7:27:b5:5e:25:
6d:84:56:6e:e7:3a:7a:98:a5:d5:d2:ac:30:ac:22:73:46:8d:
a9:35:76:92:71:7b:0c:9f:38:4b:5d:83:4a:05:9e:25:be:fc:
0d:7e:11:f1:a3:30:61:04:74:41:fc:56:6f:43:67:2a:6d:b7:
46:45:ee:55:43:10:5d:c5:c6:8c:3c:ad:ca:ad:b3:50:2d:00:
69:0e:cd:46:f5:47:04:c1:9b:d9:b4:6e:c1:06:c2:84:23:ec:
e1:52:7d:19:ef:a1:2f:b6:3f:13:04:46:4f:c0:b2:d5:ab:cb:
0b:30:52:a1:8a:ed:79:bc:54:57:90:7b:9d:74:14:00:85:68:
12:73:15:49:40:42:c4:21:72:93:12:00:ac:68:d3:c1:c9:5a:
51:49:3d:b0:07:06:d3:b2:da:a7:b3:c1:83:94:53:af:a6:df:
90:db:23:4d:a8:f4:8e:e6:27:4e:08:9e:35:9d:5f:12:3a:04:
9b:56:07:bb:14:11:f7:b5:2b:8e:47:c2:f2:ec:bd:82:8f:02:
72:43:29:7a
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIURfPxoyEKC9W0pYUKcrAzTepwwWkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjAyMTMxNTMwMzdaFw0yNjA1MTQyMzU5NTlaMHoxSTBHBgNV
BAUTQGE4NjUwMDcwNWE4NmJiNDMyYjQxMmM1NjQzNzM3NTU0ZjUxMTBjZmVmZTI2
MTY1NWQ2ZjViMzEwNDllMjA5M2QxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKtw+awrE0Ch76w8odEfGln5UN5Y7hTFwGwxQhtHsfKS4v19XaSif+LAXvb2
wmZh5jDb6xDVXJ/A08W2MXsMwHmj1oCLzlu8Q07H3ev2yR2xkKOnVSbdyTYMJU5P
LU4315EMRcq5JKKCzb2Tk4/asnZaHU9NkuQT5r3LJBFKotpN3XDkVfgV4tr4RwfQ
IjzCI8sQ8T2JcLRGUnAESuy5wf7LFvkeg98whuuu9xPO2EnRN4ov8BgHPDRgnWme
qqr7XcGV6Ftlh5OKugTgxXfp8HMsgX+S7SWAj+aKT2cGhGBd2SpIkTg42MZTw/4R
RUb6rvPqjkZR7HRe0qNWVNduRjUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQIVAB+
7KU+cz8LmSf0g7nYdth4/jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MDVkMmU2ZTAtNjQ4YS00NzJhLWIyODctMWI5NTRlYWU2NDZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAVN26jAN
BgkqhkiG9w0BAQsFAAOCAQEAMEoFuuCEA/zphhH3xD3dCCSKVtDD09e1363B6j3m
sRYE5LsWJzaXCMhtcl6cq8gzZacntV4lbYRWbuc6epil1dKsMKwic0aNqTV2knF7
DJ84S12DSgWeJb78DX4R8aMwYQR0QfxWb0NnKm23RkXuVUMQXcXGjDytyq2zUC0A
aQ7NRvVHBMGb2bRuwQbChCPs4VJ9Ge+hL7Y/EwRGT8Cy1avLCzBSoYrtebxUV5B7
nXQUAIVoEnMVSUBCxCFykxIArGjTwclaUUk9sAcG07Lap7PBg5RTr6bfkNsjTaj0
juYnTgieNZ1fEjoEm1YHuxQR97UrjkfC8uy9go8CckMpeg==
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:49:29 2026 by rpki-client