Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fdb81a1b-3eea-4c1a-97f6-940966a0bde0.roa
File: fdb81a1b-3eea-4c1a-97f6-940966a0bde0.roa (raw, json)
Hash identifier: xm5R6RQdykNmvEtkH+aXBegptG0XzZV3Gpu315Dwt2g=
Subject key identifier: C4:3E:12:11:71:31:B4:88:18:A6:71:AA:17:0B:FA:6C:C0:0D:7B:97
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0C3238B63695AB46253FA1DE41A59D60B81076A8
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fdb81a1b-3eea-4c1a-97f6-940966a0bde0.roa
Signing time: Tue 17 Feb 2026 00:00:08 +0000
ROA not before: Tue 17 Feb 2026 00:00:08 +0000
ROA not after: Mon 18 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 83.119.128.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0c:32:38:b6:36:95:ab:46:25:3f:a1:de:41:a5:9d:60:b8:10:76:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Feb 17 00:00:08 2026 GMT
Not After : May 18 23:59:59 2026 GMT
Subject: serialNumber=2ff54feba67b4df37fd750ad5d25c81c5186c9df53e0270d23f464df63f6c5f7, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:ab:01:95:53:bb:fa:53:80:3d:57:2a:89:c9:
b0:a3:56:78:a7:4c:f2:75:9f:a1:96:6e:ca:df:1a:
ca:8f:6f:74:da:c0:1b:4e:dc:f2:03:03:4d:60:46:
06:27:56:ef:ed:ac:2e:5b:41:44:42:43:c6:2e:d8:
d2:0f:39:bc:38:8c:6a:09:6a:4b:b6:a0:bf:fb:ae:
79:a4:52:c8:49:88:f2:61:b9:d5:41:a1:4d:11:8c:
b8:6e:54:b4:d1:f7:e0:57:ff:54:50:d1:e5:43:2f:
7a:16:5e:5b:ce:31:55:ab:07:13:5e:71:c0:93:c3:
d5:37:7d:cc:5b:49:0d:12:0f:49:50:48:b6:fb:72:
21:8c:42:82:52:0a:57:d7:94:ab:15:77:a0:6a:9f:
93:d5:0b:1f:84:3c:c9:0c:fd:7d:70:02:f2:7c:10:
a8:d3:b7:ae:34:11:67:3e:7e:ac:22:0a:85:ac:89:
21:2b:05:7e:ea:27:3c:2a:dc:4a:24:a2:15:cb:e7:
c4:ee:65:bd:e0:13:9c:df:c3:29:24:8c:a0:fb:77:
eb:5a:9a:df:51:c8:0e:1f:2f:0f:29:4c:e1:c7:be:
00:c7:80:1f:81:c4:55:de:9d:fd:4b:a3:a9:f7:ff:
59:f6:b8:b1:4a:38:a5:e1:8a:53:ba:b6:8b:98:48:
9d:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:3E:12:11:71:31:B4:88:18:A6:71:AA:17:0B:FA:6C:C0:0D:7B:97
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fdb81a1b-3eea-4c1a-97f6-940966a0bde0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.119.128.0/19
Signature Algorithm: sha256WithRSAEncryption
0d:a0:26:bd:0a:db:02:c8:b7:73:d0:f4:16:65:bd:ce:ee:e4:
38:41:dc:e3:ec:42:e1:0a:43:5b:fa:9d:f9:15:97:b3:99:f9:
de:ab:7e:f1:51:c7:54:f3:05:77:9b:e2:eb:f9:a4:74:c5:29:
d8:c9:fb:f9:02:9a:e3:5d:9a:ee:70:31:6f:44:c4:08:2f:fa:
de:39:e8:f4:73:bb:af:24:bd:17:95:dd:4b:70:23:40:21:1d:
d4:b4:c4:e8:3e:73:7b:83:eb:4e:c9:e8:e6:b1:b4:86:ce:14:
7b:1e:d5:cb:9f:c2:71:bf:86:67:d9:72:ce:eb:ce:b1:cb:c3:
a0:3c:27:3e:e9:fb:db:a7:4f:87:a9:75:1e:a5:d0:a3:f4:56:
c2:63:b1:9f:a5:29:0b:37:0b:63:81:23:14:ba:e7:f8:e9:af:
86:b1:68:1e:8e:e6:82:66:d4:98:41:56:5c:93:9e:fa:4d:46:
46:82:3b:a3:ae:69:fa:17:71:26:e1:70:33:02:cf:59:92:4a:
89:33:41:7b:ec:e2:5a:f7:8e:b5:b8:f5:e2:9b:13:4d:50:11:
d7:a2:47:fe:15:10:c5:06:f4:53:0a:c5:23:09:fa:d3:2d:23:
f6:bb:1b:f5:55:da:ca:ba:ab:98:1f:36:25:c8:00:12:03:c1:
a0:3d:ee:5e
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUDDI4tjaVq0YlP6HeQaWdYLgQdqgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjAyMTcwMDAwMDhaFw0yNjA1MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQDJmZjU0ZmViYTY3YjRkZjM3ZmQ3NTBhZDVkMjVjODFjNTE4NmM5ZGY1M2Uw
MjcwZDIzZjQ2NGRmNjNmNmM1ZjcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKirAZVTu/pTgD1XKonJsKNWeKdM8nWfoZZuyt8ayo9vdNrAG07c8gMDTWBG
BidW7+2sLltBREJDxi7Y0g85vDiMaglqS7agv/uueaRSyEmI8mG51UGhTRGMuG5U
tNH34Ff/VFDR5UMvehZeW84xVasHE15xwJPD1Td9zFtJDRIPSVBItvtyIYxCglIK
V9eUqxV3oGqfk9ULH4Q8yQz9fXAC8nwQqNO3rjQRZz5+rCIKhayJISsFfuonPCrc
SiSiFcvnxO5lveATnN/DKSSMoPt361qa31HIDh8vDylM4ce+AMeAH4HEVd6d/Uuj
qff/Wfa4sUo4peGKU7q2i5hInR8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTEPhIR
cTG0iBimcaoXC/pswA17lzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZmRiODFhMWItM2VlYS00YzFhLTk3ZjYtOTQwOTY2YTBiZGUwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBVN3gDAN
BgkqhkiG9w0BAQsFAAOCAQEADaAmvQrbAsi3c9D0FmW9zu7kOEHc4+xC4QpDW/qd
+RWXs5n53qt+8VHHVPMFd5vi6/mkdMUp2Mn7+QKa412a7nAxb0TECC/63jno9HO7
ryS9F5XdS3AjQCEd1LTE6D5ze4PrTsno5rG0hs4Uex7Vy5/Ccb+GZ9lyzuvOscvD
oDwnPun726dPh6l1HqXQo/RWwmOxn6UpCzcLY4EjFLrn+OmvhrFoHo7mgmbUmEFW
XJOe+k1GRoI7o65p+hdxJuFwMwLPWZJKiTNBe+ziWveOtbj14psTTVAR16JH/hUQ
xQb0UwrFIwn60y0j9rsb9VXayrqrmB82JcgAEgPBoD3uXg==
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:46:10 2026 by rpki-client