Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7f244d46-87ad-4224-b593-bd81b505345a.roa
File: 7f244d46-87ad-4224-b593-bd81b505345a.roa (raw, json)
Hash identifier: 8Nq8dmCC0Bd3t6cU/UzMnOh+rVCy/nNPD5ct8qtf2Ec=
Subject key identifier: 06:34:73:B1:D2:6B:94:83:69:70:22:27:12:0B:C8:98:FA:EE:6C:06
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 250BE1B3887F16E524B0B68443058D0919D954D3
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7f244d46-87ad-4224-b593-bd81b505345a.roa
Signing time: Fri 06 Feb 2026 00:40:29 +0000
ROA not before: Fri 06 Feb 2026 00:40:29 +0000
ROA not after: Thu 07 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 83.119.64.0/18 maxlen: 18
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:0b:e1:b3:88:7f:16:e5:24:b0:b6:84:43:05:8d:09:19:d9:54:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Feb 6 00:40:29 2026 GMT
Not After : May 7 23:59:59 2026 GMT
Subject: serialNumber=050806396c55931e88d6d0640c1e62bc4f217e5fa543be5cfeaad63f902f9034, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:04:89:f1:b1:aa:fb:e6:9d:46:ca:93:91:c8:
3d:84:7d:39:b4:ad:62:6e:ad:28:41:e1:61:a7:e4:
da:8e:be:14:64:42:fb:dc:45:2d:68:50:86:61:65:
ba:0b:2e:09:17:27:91:75:4d:18:8b:4c:d6:59:2c:
45:6e:0c:27:3f:06:08:00:ce:02:32:f0:54:84:dc:
62:09:37:11:f4:49:d7:b8:04:a3:bb:d6:ab:3e:28:
a1:5e:61:f5:c8:f2:0e:ef:a7:7d:3d:61:e1:9a:69:
1c:39:7d:58:11:9c:ff:a6:6c:d5:45:67:f8:25:10:
2a:f0:b7:12:91:52:e4:81:07:44:11:db:10:11:c4:
46:06:02:41:84:59:e5:d8:6b:2c:fb:da:6f:bb:50:
fd:2d:03:de:4b:34:7e:1c:c6:b0:61:48:32:c1:bb:
ed:f8:36:78:a4:14:9d:fa:ad:41:23:58:a1:f0:4c:
fd:b3:39:0d:70:0b:ca:06:6f:12:c6:54:f8:24:1b:
30:b8:3c:f9:38:4e:c9:14:3d:09:1c:8c:35:9c:6e:
20:ee:fc:61:69:ef:e6:ab:db:bd:fc:3d:2d:f6:f1:
59:97:10:94:d7:73:40:e3:07:74:5c:87:e7:f8:32:
e2:ba:db:d0:60:45:78:fe:71:39:c2:56:64:77:ec:
3d:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:34:73:B1:D2:6B:94:83:69:70:22:27:12:0B:C8:98:FA:EE:6C:06
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7f244d46-87ad-4224-b593-bd81b505345a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.119.64.0/18
Signature Algorithm: sha256WithRSAEncryption
2f:e2:0d:3b:ff:30:83:ed:f9:83:6f:53:04:2c:53:fc:b7:06:
7f:a5:e4:4d:b5:e2:ce:e4:6f:be:6e:4f:f9:5b:ba:e2:ab:fa:
53:f8:e5:ef:22:5f:ac:e1:92:e7:69:da:4b:e3:0f:f2:92:f3:
3b:ca:d3:88:62:1b:5d:83:d2:01:14:8f:aa:31:a8:7d:ed:22:
0b:69:ac:cc:5a:03:09:9f:45:f9:f1:60:32:5b:d6:4c:2d:04:
51:c1:13:b6:5d:f5:4f:88:ac:eb:6f:96:fd:9d:1a:c7:9f:f7:
b3:d3:2f:1d:4c:26:a1:57:a4:51:54:10:3d:b6:d4:59:b5:93:
05:7d:0b:81:6b:74:ad:1b:c4:b0:98:cf:cf:5d:99:e4:33:42:
3d:86:96:92:b8:b6:b1:95:57:7a:56:f9:65:88:b3:e3:f7:31:
66:46:bd:2b:3f:c8:52:56:6f:54:0d:e6:94:87:81:6a:58:c1:
eb:6b:9c:e6:0b:34:f5:f4:f9:e0:fc:1d:4c:d8:d8:32:b1:6c:
90:b1:32:0c:9a:a2:db:bd:40:79:b0:30:19:21:f8:81:33:26:
20:de:50:92:a4:06:54:6f:6a:68:b5:e0:4f:a6:14:ce:80:44:
71:ba:29:7e:37:56:75:f3:03:13:94:62:f7:21:bc:c8:e6:ee:
79:d8:85:23
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUJQvhs4h/FuUksLaEQwWNCRnZVNMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjAyMDYwMDQwMjlaFw0yNjA1MDcyMzU5NTlaMHoxSTBHBgNV
BAUTQDA1MDgwNjM5NmM1NTkzMWU4OGQ2ZDA2NDBjMWU2MmJjNGYyMTdlNWZhNTQz
YmU1Y2ZlYWFkNjNmOTAyZjkwMzQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPgEifGxqvvmnUbKk5HIPYR9ObStYm6tKEHhYafk2o6+FGRC+9xFLWhQhmFl
ugsuCRcnkXVNGItM1lksRW4MJz8GCADOAjLwVITcYgk3EfRJ17gEo7vWqz4ooV5h
9cjyDu+nfT1h4ZppHDl9WBGc/6Zs1UVn+CUQKvC3EpFS5IEHRBHbEBHERgYCQYRZ
5dhrLPvab7tQ/S0D3ks0fhzGsGFIMsG77fg2eKQUnfqtQSNYofBM/bM5DXALygZv
EsZU+CQbMLg8+ThOyRQ9CRyMNZxuIO78YWnv5qvbvfw9LfbxWZcQlNdzQOMHdFyH
5/gy4rrb0GBFeP5xOcJWZHfsPXUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQGNHOx
0muUg2lwIicSC8iY+u5sBjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
N2YyNDRkNDYtODdhZC00MjI0LWI1OTMtYmQ4MWI1MDUzNDVhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBlN3QDAN
BgkqhkiG9w0BAQsFAAOCAQEAL+INO/8wg+35g29TBCxT/LcGf6XkTbXizuRvvm5P
+Vu64qv6U/jl7yJfrOGS52naS+MP8pLzO8rTiGIbXYPSARSPqjGofe0iC2mszFoD
CZ9F+fFgMlvWTC0EUcETtl31T4is62+W/Z0ax5/3s9MvHUwmoVekUVQQPbbUWbWT
BX0LgWt0rRvEsJjPz12Z5DNCPYaWkri2sZVXelb5ZYiz4/cxZka9Kz/IUlZvVA3m
lIeBaljB62uc5gs09fT54PwdTNjYMrFskLEyDJqi271AebAwGSH4gTMmIN5QkqQG
VG9qaLXgT6YUzoBEcbopfjdWdfMDE5Ri9yG8yObuediFIw==
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:41:01 2026 by rpki-client