Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/83a3dbd5-059a-4f95-b55b-26c786f91e3b.roa
File: 83a3dbd5-059a-4f95-b55b-26c786f91e3b.roa (raw, json)
Hash identifier: L6KWIxABLeBZW4Ul/N2WV75H096YA3O7IoTtsBTpe5Y=
Subject key identifier: D9:ED:AF:23:94:03:5B:F4:A7:FF:1F:01:B3:7F:6F:44:C1:F3:AE:40
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 060FBBF9740978F04A06BB059AC322271718930F
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/83a3dbd5-059a-4f95-b55b-26c786f91e3b.roa
Signing time: Sat 28 Feb 2026 06:40:33 +0000
ROA not before: Sat 28 Feb 2026 06:40:33 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 213.72.0.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:0f:bb:f9:74:09:78:f0:4a:06:bb:05:9a:c3:22:27:17:18:93:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Feb 28 06:40:33 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=f4a09c084ab8248cacd50dfa15530ada17e72a932948978b76c2ea4a1399c5da, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:d7:88:2a:99:78:ea:54:8c:4d:75:24:ac:b5:
83:80:b9:83:cb:e5:dc:ad:4f:dd:15:35:0c:b3:62:
f1:86:5e:ee:21:4f:4d:fb:e7:ae:6c:ea:50:53:0f:
cb:a2:be:c7:d4:de:f0:b9:60:b0:54:96:fa:d8:bf:
f7:f8:d1:1c:16:a9:63:c0:f3:0b:5d:68:ed:c8:11:
a8:52:3e:70:bd:94:06:4a:fa:02:3b:70:2b:8c:ab:
bd:87:3f:b4:07:8f:4f:a0:f2:09:bc:df:61:d3:56:
96:7c:28:1d:3f:74:9a:6f:90:02:92:b2:83:33:4d:
8f:68:58:57:17:45:1a:88:30:31:9a:0c:d4:f7:ad:
d5:6d:43:6a:2b:76:88:20:72:e8:8a:70:da:32:c8:
7d:bc:1e:96:e9:38:7b:1b:2d:46:83:c3:fa:04:65:
18:8f:7d:51:b4:81:41:78:fc:f5:de:6c:9e:6c:b3:
bd:85:25:b1:74:da:c7:69:50:68:f8:fe:4f:6e:b0:
ad:ec:4b:7e:55:41:b2:30:62:da:f9:18:89:87:d0:
ce:9d:38:4a:c0:f1:e9:10:09:10:11:e6:67:f1:a3:
8f:62:bb:f2:4c:c2:dd:d3:0c:0c:a8:71:3a:41:be:
da:8b:b2:d3:f2:62:fe:d0:29:e0:03:f9:ce:81:fa:
fa:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:ED:AF:23:94:03:5B:F4:A7:FF:1F:01:B3:7F:6F:44:C1:F3:AE:40
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/83a3dbd5-059a-4f95-b55b-26c786f91e3b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.72.0.0/17
Signature Algorithm: sha256WithRSAEncryption
20:52:17:81:dc:5f:58:90:2f:5b:af:79:df:16:9d:30:a5:27:
7f:9d:57:61:eb:e2:04:32:a2:1f:d8:76:8c:52:0e:33:75:b2:
35:d2:e6:e5:fa:b8:57:21:c6:01:89:b6:a1:0a:33:2c:76:73:
83:ed:3d:51:cc:84:eb:d2:17:2c:9d:bd:fc:14:16:d2:bf:c8:
dd:d1:df:5a:7a:5c:a0:d2:21:d2:8e:45:a4:73:8e:14:59:2a:
33:29:87:82:46:7a:37:fa:11:05:a2:72:40:6d:2e:83:80:bf:
6f:2b:b4:f1:2e:03:cc:72:f3:6c:5c:c0:8d:29:7e:6f:b9:fa:
b0:5b:82:58:9e:e0:ae:53:3e:28:56:e9:39:8b:54:d2:6a:25:
1a:85:2b:50:67:cf:94:2e:4f:f4:91:5e:b9:93:d0:8e:d3:a8:
ad:8f:ae:d7:fb:ee:a8:55:14:db:42:15:d2:80:5f:46:cf:5f:
cf:89:67:11:67:8e:c2:75:63:8b:8b:4b:c6:1b:1e:23:75:c0:
cf:c0:cb:f2:83:08:51:7f:24:63:88:d7:0d:06:08:0e:71:dc:
4d:32:6f:9a:17:b1:09:76:47:ac:11:11:a5:4c:13:16:22:1a:
f7:53:a5:94:9f:8e:c8:c7:71:91:8f:a6:59:53:b0:87:07:1a:
b7:b2:2e:0c
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUBg+7+XQJePBKBrsFmsMiJxcYkw8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjAyMjgwNjQwMzNaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGY0YTA5YzA4NGFiODI0OGNhY2Q1MGRmYTE1NTMwYWRhMTdlNzJhOTMyOTQ4
OTc4Yjc2YzJlYTRhMTM5OWM1ZGExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMzXiCqZeOpUjE11JKy1g4C5g8vl3K1P3RU1DLNi8YZe7iFPTfvnrmzqUFMP
y6K+x9Te8LlgsFSW+ti/9/jRHBapY8DzC11o7cgRqFI+cL2UBkr6AjtwK4yrvYc/
tAePT6DyCbzfYdNWlnwoHT90mm+QApKygzNNj2hYVxdFGogwMZoM1Pet1W1Dait2
iCBy6Ipw2jLIfbweluk4exstRoPD+gRlGI99UbSBQXj89d5snmyzvYUlsXTax2lQ
aPj+T26wrexLflVBsjBi2vkYiYfQzp04SsDx6RAJEBHmZ/Gjj2K78kzC3dMMDKhx
OkG+2ouy0/Ji/tAp4AP5zoH6+hsCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTZ7a8j
lANb9Kf/HwGzf29EwfOuQDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODNhM2RiZDUtMDU5YS00Zjk1LWI1NWItMjZjNzg2ZjkxZTNiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB9VIADAN
BgkqhkiG9w0BAQsFAAOCAQEAIFIXgdxfWJAvW6953xadMKUnf51XYeviBDKiH9h2
jFIOM3WyNdLm5fq4VyHGAYm2oQozLHZzg+09UcyE69IXLJ29/BQW0r/I3dHfWnpc
oNIh0o5FpHOOFFkqMymHgkZ6N/oRBaJyQG0ug4C/byu08S4DzHLzbFzAjSl+b7n6
sFuCWJ7grlM+KFbpOYtU0molGoUrUGfPlC5P9JFeuZPQjtOorY+u1/vuqFUU20IV
0oBfRs9fz4lnEWeOwnVji4tLxhseI3XAz8DL8oMIUX8kY4jXDQYIDnHcTTJvmhex
CXZHrBERpUwTFiIa91OllJ+OyMdxkY+mWVOwhwcat7IuDA==
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:41:09 2026 by rpki-client