Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e6379fd6-eaa8-4348-8280-afb9b8552668.roa
File: e6379fd6-eaa8-4348-8280-afb9b8552668.roa (raw, json)
Hash identifier: B5ltSidO2oSg7fIYFd90hZNxk65ZnEefQpIuDKIk3ZI=
Subject key identifier: 40:EE:16:84:E2:C8:D4:D3:3C:8B:AA:FC:A5:EB:45:7A:D8:0B:0A:65
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 37784593FAD3291702B4FE9FFCDEAE73918EEB8E
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e6379fd6-eaa8-4348-8280-afb9b8552668.roa
Signing time: Fri 06 Feb 2026 00:40:11 +0000
ROA not before: Fri 06 Feb 2026 00:40:11 +0000
ROA not after: Thu 07 May 2026 23:59:59 +0000
asID: 7224
IP address blocks: 83.118.228.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:78:45:93:fa:d3:29:17:02:b4:fe:9f:fc:de:ae:73:91:8e:eb:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Feb 6 00:40:11 2026 GMT
Not After : May 7 23:59:59 2026 GMT
Subject: serialNumber=bbd060c8b14bfd12ed6ed7623ae2c3ffc530727a00119dddfbf836855b825c27, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:73:91:21:24:0a:22:56:7f:98:b8:cf:bd:49:
35:d3:35:f0:47:bc:de:21:f4:bf:23:ba:1d:2c:d7:
ae:07:fd:0e:b6:16:44:cb:e7:5a:5f:15:aa:fd:13:
2b:63:b4:5f:58:6d:15:97:33:0b:eb:e1:6e:1d:82:
cd:36:28:e2:16:8c:da:7c:5f:4d:ed:89:ab:cf:ce:
c8:cc:24:4c:94:a3:0b:1e:ff:75:c9:78:4c:7d:13:
6b:ec:01:99:8a:e7:16:6d:25:d4:ee:90:ab:25:28:
ee:09:cb:3f:aa:40:d0:3a:33:8e:50:04:01:ba:75:
da:4c:ae:8e:9a:d2:7d:96:1e:63:67:f0:59:18:6b:
b2:2c:04:68:5d:83:64:31:30:9c:66:40:3a:a7:59:
dd:09:1c:53:d3:ab:f6:5f:44:b0:6f:7b:89:e0:4d:
4f:65:0d:2a:cd:fb:d5:65:cf:24:a6:fe:03:05:9c:
6e:d2:74:24:c6:a5:76:5e:92:67:9e:fa:6a:79:e3:
da:09:15:a4:0b:2d:d5:1c:1a:65:2a:6f:fc:25:34:
85:74:47:1f:10:63:a3:cb:b4:80:26:37:58:0e:eb:
4e:8a:10:39:22:68:d7:a2:ba:75:71:c2:cd:8f:8c:
98:a1:01:3e:de:1a:0c:77:2f:9d:fc:30:56:6d:45:
dd:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:EE:16:84:E2:C8:D4:D3:3C:8B:AA:FC:A5:EB:45:7A:D8:0B:0A:65
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e6379fd6-eaa8-4348-8280-afb9b8552668.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.118.228.0/22
Signature Algorithm: sha256WithRSAEncryption
cd:cb:d7:28:ba:4a:fa:dc:74:f5:23:f0:64:84:85:40:0b:de:
7b:2d:6f:38:cd:00:1f:02:8b:af:ea:a4:d5:17:82:c4:57:24:
a1:e0:d4:9e:57:9f:90:59:72:85:96:eb:87:67:85:66:00:07:
37:c6:d8:4f:b6:00:b1:68:b1:51:c7:0c:43:8a:c2:67:3d:ba:
a6:7c:1d:1f:3e:f1:f6:4e:57:20:c8:91:45:a1:e4:36:b6:a4:
1a:c4:9e:a2:a4:77:63:79:fb:7c:99:11:42:0c:c6:fe:de:0d:
a9:e2:bd:c9:17:10:99:20:9a:8d:9e:68:d9:ca:cb:00:7b:c1:
68:83:fe:f6:65:fe:76:5f:01:38:1d:e2:5b:71:23:be:45:f6:
3a:27:5e:1c:64:33:56:2a:03:ff:07:02:e9:08:04:64:24:d2:
a5:c9:f3:36:0e:37:7c:15:74:95:3f:43:45:1a:fd:4d:ee:68:
4c:2e:8b:54:30:e3:62:e6:76:2b:32:92:85:02:87:ed:9f:96:
f0:af:19:2d:f3:f8:79:bc:19:c6:70:7f:0a:d0:41:0c:7a:24:
07:b9:c7:8e:78:58:10:8f:ea:b2:0c:86:70:3d:39:a7:d9:d0:
53:0e:7d:43:e9:cb:46:db:83:71:60:d7:fb:8d:41:93:4b:cf:
2e:91:7b:55
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUN3hFk/rTKRcCtP6f/N6uc5GO644wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjAyMDYwMDQwMTFaFw0yNjA1MDcyMzU5NTlaMHoxSTBHBgNV
BAUTQGJiZDA2MGM4YjE0YmZkMTJlZDZlZDc2MjNhZTJjM2ZmYzUzMDcyN2EwMDEx
OWRkZGZiZjgzNjg1NWI4MjVjMjcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALpzkSEkCiJWf5i4z71JNdM18Ee83iH0vyO6HSzXrgf9DrYWRMvnWl8Vqv0T
K2O0X1htFZczC+vhbh2CzTYo4haM2nxfTe2Jq8/OyMwkTJSjCx7/dcl4TH0Ta+wB
mYrnFm0l1O6QqyUo7gnLP6pA0DozjlAEAbp12kyujprSfZYeY2fwWRhrsiwEaF2D
ZDEwnGZAOqdZ3QkcU9Or9l9EsG97ieBNT2UNKs371WXPJKb+AwWcbtJ0JMaldl6S
Z576annj2gkVpAst1RwaZSpv/CU0hXRHHxBjo8u0gCY3WA7rTooQOSJo16K6dXHC
zY+MmKEBPt4aDHcvnfwwVm1F3R8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRA7haE
4sjU0zyLqvyl60V62AsKZTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZTYzNzlmZDYtZWFhOC00MzQ4LTgyODAtYWZiOWI4NTUyNjY4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAlN25DAN
BgkqhkiG9w0BAQsFAAOCAQEAzcvXKLpK+tx09SPwZISFQAveey1vOM0AHwKLr+qk
1ReCxFckoeDUnlefkFlyhZbrh2eFZgAHN8bYT7YAsWixUccMQ4rCZz26pnwdHz7x
9k5XIMiRRaHkNrakGsSeoqR3Y3n7fJkRQgzG/t4NqeK9yRcQmSCajZ5o2crLAHvB
aIP+9mX+dl8BOB3iW3EjvkX2OideHGQzVioD/wcC6QgEZCTSpcnzNg43fBV0lT9D
RRr9Te5oTC6LVDDjYuZ2KzKShQKH7Z+W8K8ZLfP4ebwZxnB/CtBBDHokB7nHjnhY
EI/qsgyGcD05p9nQUw59Q+nLRtuDcWDX+41Bk0vPLpF7VQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 03:01:06 2026 by rpki-client