Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/15288dfc-bb6b-43a2-9ec3-7275954dae14.roa
File: 15288dfc-bb6b-43a2-9ec3-7275954dae14.roa (raw, json)
Hash identifier: UZn8xffU8L+b2Kp9hbsuv4eM0/RhRTIdhwHDjLaw0bg=
Subject key identifier: 05:F2:2C:00:03:CE:D8:A6:8D:A5:32:9B:45:03:14:D0:DA:CE:84:11
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7017BCC3ED820D40CB14CD74FEB3F2C556D7C8AA
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/15288dfc-bb6b-43a2-9ec3-7275954dae14.roa
Signing time: Tue 17 Feb 2026 00:00:07 +0000
ROA not before: Tue 17 Feb 2026 00:00:07 +0000
ROA not after: Mon 18 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 83.119.160.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:17:bc:c3:ed:82:0d:40:cb:14:cd:74:fe:b3:f2:c5:56:d7:c8:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Feb 17 00:00:07 2026 GMT
Not After : May 18 23:59:59 2026 GMT
Subject: serialNumber=3f135166161670698b5c90b7e7a59f0d6e0b675c84d2a4eb51b60a24f8904597, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:e2:ac:e3:6e:14:8b:f8:5f:ee:d7:e0:89:66:
51:ec:f1:dd:e7:9b:73:8a:42:c0:d3:3d:d3:49:e6:
4d:18:d0:10:c5:7a:03:53:1c:7a:f7:82:6b:b4:95:
f6:90:14:9b:a8:29:d3:90:94:1d:78:a3:4a:10:75:
e3:1a:84:82:89:33:ea:0f:bc:74:b1:72:a7:46:53:
61:33:06:c3:27:14:0e:0c:50:10:43:8a:2f:d0:28:
55:aa:ec:58:26:a4:4e:d6:fa:5c:39:41:90:a9:e2:
2f:a5:db:8e:d1:72:c1:c9:d7:a9:6a:e3:32:57:2b:
25:11:a1:70:b9:fa:d8:1f:6f:8d:07:58:f8:01:f4:
07:4a:1d:5d:a3:c5:58:f8:c1:08:6c:7a:f3:e6:6b:
a4:41:f3:9d:bb:b6:73:bc:13:06:a4:6c:6d:dd:3f:
47:41:99:73:32:35:d2:7c:cc:f4:d1:64:51:8b:6e:
f6:24:8a:3a:46:48:ad:fb:f4:86:a7:67:ed:e2:2c:
6f:cb:35:14:0e:9d:75:d4:f1:5d:1a:cb:9c:58:51:
8c:07:f0:a7:0b:fd:b9:70:6a:29:13:cb:03:0f:b1:
e6:6a:bd:ea:a2:a7:b9:23:c2:37:13:85:b0:3c:13:
82:15:d4:49:00:e8:a7:da:af:f8:19:35:03:c7:04:
7d:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:F2:2C:00:03:CE:D8:A6:8D:A5:32:9B:45:03:14:D0:DA:CE:84:11
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/15288dfc-bb6b-43a2-9ec3-7275954dae14.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.119.160.0/19
Signature Algorithm: sha256WithRSAEncryption
92:fb:4d:09:94:ce:19:74:4e:4a:48:73:b8:ba:17:93:1b:bd:
85:96:cf:cc:93:61:92:44:c6:a5:3d:23:eb:0f:a8:f0:bc:af:
30:14:d3:5d:8c:5b:e7:64:d1:6c:06:94:ab:d8:55:a4:64:e0:
5b:80:a7:10:3d:31:4e:1a:77:76:84:36:77:7b:39:81:b9:aa:
1b:e3:00:2e:8c:5f:ac:f4:6d:f0:d9:45:93:87:d9:35:04:19:
8c:12:9b:74:ad:60:86:77:4e:fc:b9:0b:13:c7:5a:13:18:c1:
3c:3e:bc:45:e6:ae:a2:35:b0:1f:c2:b3:e4:ea:23:bd:a3:f9:
f8:73:80:63:09:86:cc:6a:c5:60:1d:2c:1e:4f:e9:a2:46:8b:
f6:c6:b1:ed:4b:9f:16:47:d6:06:2c:63:7c:a5:8e:41:96:8b:
32:4f:f2:0d:c4:37:81:29:10:a3:1f:ad:ba:ab:b2:2d:44:a6:
9e:14:33:27:01:51:b5:2d:08:4c:21:e0:bb:f3:cf:33:e8:1b:
8c:ac:c8:53:44:0f:62:a6:12:01:b1:10:f1:70:8d:62:3d:b0:
b5:e0:bb:d3:c9:8e:e0:7a:f7:34:a9:cc:27:27:74:81:5e:dc:
8b:79:3e:25:11:ab:8b:b2:a1:5d:06:de:02:98:bc:42:68:a2:
a5:4a:df:7c
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUcBe8w+2CDUDLFM10/rPyxVbXyKowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjAyMTcwMDAwMDdaFw0yNjA1MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQDNmMTM1MTY2MTYxNjcwNjk4YjVjOTBiN2U3YTU5ZjBkNmUwYjY3NWM4NGQy
YTRlYjUxYjYwYTI0Zjg5MDQ1OTcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALzirONuFIv4X+7X4IlmUezx3eebc4pCwNM900nmTRjQEMV6A1MceveCa7SV
9pAUm6gp05CUHXijShB14xqEgokz6g+8dLFyp0ZTYTMGwycUDgxQEEOKL9AoVars
WCakTtb6XDlBkKniL6XbjtFywcnXqWrjMlcrJRGhcLn62B9vjQdY+AH0B0odXaPF
WPjBCGx68+ZrpEHznbu2c7wTBqRsbd0/R0GZczI10nzM9NFkUYtu9iSKOkZIrfv0
hqdn7eIsb8s1FA6dddTxXRrLnFhRjAfwpwv9uXBqKRPLAw+x5mq96qKnuSPCNxOF
sDwTghXUSQDop9qv+Bk1A8cEfY0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQF8iwA
A87Ypo2lMptFAxTQ2s6EETAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MTUyODhkZmMtYmI2Yi00M2EyLTllYzMtNzI3NTk1NGRhZTE0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBVN3oDAN
BgkqhkiG9w0BAQsFAAOCAQEAkvtNCZTOGXROSkhzuLoXkxu9hZbPzJNhkkTGpT0j
6w+o8LyvMBTTXYxb52TRbAaUq9hVpGTgW4CnED0xThp3doQ2d3s5gbmqG+MALoxf
rPRt8NlFk4fZNQQZjBKbdK1ghndO/LkLE8daExjBPD68ReauojWwH8Kz5OojvaP5
+HOAYwmGzGrFYB0sHk/pokaL9sax7UufFkfWBixjfKWOQZaLMk/yDcQ3gSkQox+t
uquyLUSmnhQzJwFRtS0ITCHgu/PPM+gbjKzIU0QPYqYSAbEQ8XCNYj2wteC708mO
4Hr3NKnMJyd0gV7ci3k+JRGri7KhXQbeApi8QmiipUrffA==
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:51:29 2026 by rpki-client