Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2dbc9912-b766-4000-9f7c-cb9e37916980.roa
File: 2dbc9912-b766-4000-9f7c-cb9e37916980.roa (raw, json)
Hash identifier: w7VjUeyOTihjMJHSZbnbUv7DIoR1NjV9f3i+FlwkVrY=
Subject key identifier: B0:70:AD:41:B1:B8:93:AA:1A:F2:15:A3:7F:79:76:59:83:77:DA:EA
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2EA21F1B56EAF72118098FBFE59202580E5BC0CA
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2dbc9912-b766-4000-9f7c-cb9e37916980.roa
Signing time: Tue 17 Feb 2026 00:00:07 +0000
ROA not before: Tue 17 Feb 2026 00:00:07 +0000
ROA not after: Mon 18 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 83.119.128.0/18 maxlen: 18
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2e:a2:1f:1b:56:ea:f7:21:18:09:8f:bf:e5:92:02:58:0e:5b:c0:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Feb 17 00:00:07 2026 GMT
Not After : May 18 23:59:59 2026 GMT
Subject: serialNumber=5434017713a195ac65aa480aced837fa0c95096e4d7daded3add18585c1d00ac, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:fa:03:70:a8:82:ea:c5:f6:dc:a6:7c:2b:65:
76:31:b2:34:6b:7c:88:9b:e8:59:28:a8:0a:15:5f:
0f:01:80:77:6e:8c:cf:6d:1c:a4:35:86:f3:66:f9:
89:4b:2b:b7:7c:84:25:24:bf:eb:5d:d2:c3:03:86:
ba:d4:cc:f8:8c:f7:27:ae:c0:ac:6d:6f:cf:8f:94:
12:c9:35:fd:35:30:1e:f4:7e:fa:02:bb:b4:65:cf:
ec:1a:f4:56:f6:8b:47:94:95:be:04:7f:9a:fb:20:
82:64:aa:64:83:05:3a:23:33:2e:b6:61:53:b2:f1:
f1:0f:89:69:63:33:ae:76:34:c4:82:63:b1:68:d7:
3f:61:43:11:ef:e8:5b:82:9f:92:0a:7c:f7:5a:4f:
e8:a1:cc:85:1c:ba:e6:8f:c8:e0:68:f2:00:fd:8f:
d2:ad:84:71:fd:24:ed:c3:10:67:1d:44:69:1d:33:
82:f7:62:da:f9:de:dd:38:ec:02:80:9c:fb:6b:39:
c0:cc:83:09:a9:3c:45:2d:3a:d2:ca:0e:24:a2:c3:
20:12:79:5f:d2:29:1a:3d:4f:b5:6f:8a:3d:92:92:
71:39:0e:38:fc:ec:22:c7:9f:e8:f2:c4:0d:0e:29:
ae:5f:dd:ac:70:f2:e6:8c:6f:0d:95:29:d0:53:51:
ef:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:70:AD:41:B1:B8:93:AA:1A:F2:15:A3:7F:79:76:59:83:77:DA:EA
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2dbc9912-b766-4000-9f7c-cb9e37916980.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.119.128.0/18
Signature Algorithm: sha256WithRSAEncryption
87:e5:58:a0:fc:43:6e:74:3c:f1:b4:07:a6:f5:cf:a8:9f:1e:
5f:57:cc:6f:24:8c:b8:89:d2:2a:b4:b3:b4:a9:fa:5c:8c:3e:
0b:ab:7a:f9:82:2e:66:da:f7:81:98:4b:8e:83:0e:3d:e3:86:
9a:f8:f1:9e:3d:c0:5f:46:01:19:ba:db:25:44:ce:ee:1f:83:
de:d5:40:93:5a:c3:9f:e0:e9:d8:51:ea:8a:40:56:df:96:24:
68:78:91:f5:72:bc:5f:88:ca:40:98:e8:01:2e:3e:0e:21:52:
9a:1a:a1:7d:56:37:96:c9:39:cd:e7:dc:1f:1f:c7:4d:4d:e0:
92:09:55:e8:5d:e1:f9:8e:d3:16:c3:1f:51:32:7e:35:4a:f4:
32:db:42:3e:d8:05:9e:f5:df:7d:36:1a:a8:99:48:6d:8c:53:
24:87:58:28:69:84:82:24:7c:a1:07:bb:4f:9f:f8:6e:bc:fd:
b4:1b:c9:6f:26:d3:9d:34:ae:09:a9:93:36:4d:67:19:7a:42:
83:cf:84:10:86:ee:23:5e:49:fb:08:38:54:7f:ec:bf:2a:21:
19:7b:56:da:73:5d:ed:95:61:dc:80:4b:fa:3d:97:c0:6c:5d:
f5:8f:4a:80:44:b2:fc:0c:7b:60:63:6c:e3:61:b3:a9:5e:97:
e6:db:67:85
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIULqIfG1bq9yEYCY+/5ZICWA5bwMowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjAyMTcwMDAwMDdaFw0yNjA1MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQDU0MzQwMTc3MTNhMTk1YWM2NWFhNDgwYWNlZDgzN2ZhMGM5NTA5NmU0ZDdk
YWRlZDNhZGQxODU4NWMxZDAwYWMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALL6A3CogurF9tymfCtldjGyNGt8iJvoWSioChVfDwGAd26Mz20cpDWG82b5
iUsrt3yEJSS/613SwwOGutTM+Iz3J67ArG1vz4+UEsk1/TUwHvR++gK7tGXP7Br0
VvaLR5SVvgR/mvsggmSqZIMFOiMzLrZhU7Lx8Q+JaWMzrnY0xIJjsWjXP2FDEe/o
W4Kfkgp891pP6KHMhRy65o/I4GjyAP2P0q2Ecf0k7cMQZx1EaR0zgvdi2vne3Tjs
AoCc+2s5wMyDCak8RS060soOJKLDIBJ5X9IpGj1PtW+KPZKScTkOOPzsIsef6PLE
DQ4prl/drHDy5oxvDZUp0FNR71sCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSwcK1B
sbiTqhryFaN/eXZZg3fa6jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MmRiYzk5MTItYjc2Ni00MDAwLTlmN2MtY2I5ZTM3OTE2OTgwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBlN3gDAN
BgkqhkiG9w0BAQsFAAOCAQEAh+VYoPxDbnQ88bQHpvXPqJ8eX1fMbySMuInSKrSz
tKn6XIw+C6t6+YIuZtr3gZhLjoMOPeOGmvjxnj3AX0YBGbrbJUTO7h+D3tVAk1rD
n+Dp2FHqikBW35YkaHiR9XK8X4jKQJjoAS4+DiFSmhqhfVY3lsk5zefcHx/HTU3g
kglV6F3h+Y7TFsMfUTJ+NUr0MttCPtgFnvXffTYaqJlIbYxTJIdYKGmEgiR8oQe7
T5/4brz9tBvJbybTnTSuCamTNk1nGXpCg8+EEIbuI15J+wg4VH/svyohGXtW2nNd
7ZVh3IBL+j2XwGxd9Y9KgESy/Ax7YGNs42GzqV6X5ttnhQ==
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:52:50 2026 by rpki-client