Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/05d2e6e0-648a-472a-b287-1b954eae646d.roa
File: 05d2e6e0-648a-472a-b287-1b954eae646d.roa (raw, json)
Hash identifier: fXz7woqj/n6EN0aAPBxuUqqB8qKJKedqgqXQropw9NY=
Subject key identifier: FC:2D:65:CC:C8:88:4C:45:8B:B7:44:36:C2:AE:66:7C:F7:66:B1:E2
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 37DD7D029CA851DFDDF951C100FE0F9753CF301C
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/05d2e6e0-648a-472a-b287-1b954eae646d.roa
Signing time: Mon 04 May 2026 15:30:20 +0000
ROA not before: Mon 04 May 2026 15:30:20 +0000
ROA not after: Sun 02 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 83.118.234.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 07 May 2026 07:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:dd:7d:02:9c:a8:51:df:dd:f9:51:c1:00:fe:0f:97:53:cf:30:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 4 15:30:20 2026 GMT
Not After : Aug 2 23:59:59 2026 GMT
Subject: serialNumber=8c2d0553e52f3a5f4f97479904e01203bbc12d283c1b261abde2eba804b3af8d, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:d3:65:76:ba:ce:38:d2:7d:00:86:75:41:8a:
0d:d7:20:8b:2d:53:6a:8f:e6:85:f6:7a:00:a0:7b:
7f:e7:df:3c:3f:9a:26:b7:87:1b:08:4e:ba:bb:30:
70:18:1e:b5:07:21:9a:19:70:22:f0:6e:56:5e:99:
13:ed:ca:9d:ec:10:2d:15:7b:f0:76:c8:fe:1b:83:
d7:66:ae:31:a3:54:63:12:7a:6e:79:18:3d:b0:85:
57:b6:31:7a:e5:75:d4:ed:8d:62:e8:30:a6:70:4d:
94:24:6a:e6:64:a2:5e:ff:09:1f:02:43:6b:c7:f6:
cc:5e:48:47:34:d7:77:b2:6c:49:7c:96:0b:9d:22:
8d:39:c3:9a:92:ab:5c:77:dd:36:a5:88:bd:1b:e9:
2f:77:ea:48:6d:62:16:fd:ae:bc:d3:4a:8a:b5:6e:
31:9d:5e:11:9a:2c:e5:24:5e:aa:6f:f9:1b:54:21:
b7:1c:1e:ce:f1:bd:b7:99:94:71:04:5e:71:8f:85:
01:62:91:42:12:e9:f6:cc:18:83:91:c7:4d:1f:c4:
7d:09:e5:52:b4:3d:e5:3b:d4:5a:57:55:fc:f1:d8:
17:e9:85:3c:f8:1f:8e:20:56:1b:3e:c3:65:3f:d8:
d4:c8:73:79:fa:d6:39:08:c5:ae:a2:03:4d:33:8a:
40:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:2D:65:CC:C8:88:4C:45:8B:B7:44:36:C2:AE:66:7C:F7:66:B1:E2
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/05d2e6e0-648a-472a-b287-1b954eae646d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.118.234.0/23
Signature Algorithm: sha256WithRSAEncryption
b6:d3:dc:63:36:b7:15:94:5f:44:3c:3a:57:d5:be:a2:d2:ae:
5f:d2:16:5f:ef:6c:1a:07:5f:77:46:be:92:90:50:a9:e6:a3:
c2:13:fd:6c:8f:c8:d2:c6:e0:a9:fa:cf:bf:68:eb:a7:23:d3:
70:76:a7:06:a9:13:a7:30:97:63:a4:a0:02:e3:26:c2:4b:ef:
d6:56:a7:4d:b2:16:9c:db:4d:41:f7:dd:a7:94:a3:61:a5:64:
f5:a6:1b:5d:53:a9:38:91:41:79:f4:d4:dd:ba:17:9e:8d:22:
7c:ac:ae:64:57:32:89:13:85:d2:08:e5:27:95:4c:82:5b:9d:
c8:49:8c:97:ed:df:dc:b5:fe:d7:d1:8d:3e:05:71:31:d7:b6:
a3:5a:58:05:bb:7d:3a:f1:98:cb:0b:5e:68:4e:80:7b:db:d4:
a5:60:88:c4:eb:b9:5a:72:b3:05:df:01:84:8c:58:ef:0e:6e:
73:43:f6:47:76:47:c9:e2:c3:79:eb:e8:db:b7:24:06:39:da:
bb:c8:0b:34:ad:e6:5e:30:78:53:9c:1f:23:18:c0:2f:dc:51:
b3:05:9a:11:83:15:5f:75:35:da:4b:25:74:cd:5d:03:c7:2b:
e1:7d:c2:26:ad:35:fe:f7:b8:48:3c:60:f1:e8:dd:99:74:b0:
aa:96:ce:a2
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUN919ApyoUd/d+VHBAP4Pl1PPMBwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MDQxNTMwMjBaFw0yNjA4MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQDhjMmQwNTUzZTUyZjNhNWY0Zjk3NDc5OTA0ZTAxMjAzYmJjMTJkMjgzYzFi
MjYxYWJkZTJlYmE4MDRiM2FmOGQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAInTZXa6zjjSfQCGdUGKDdcgiy1Tao/mhfZ6AKB7f+ffPD+aJreHGwhOursw
cBgetQchmhlwIvBuVl6ZE+3KnewQLRV78HbI/huD12auMaNUYxJ6bnkYPbCFV7Yx
euV11O2NYugwpnBNlCRq5mSiXv8JHwJDa8f2zF5IRzTXd7JsSXyWC50ijTnDmpKr
XHfdNqWIvRvpL3fqSG1iFv2uvNNKirVuMZ1eEZos5SReqm/5G1QhtxwezvG9t5mU
cQRecY+FAWKRQhLp9swYg5HHTR/EfQnlUrQ95TvUWldV/PHYF+mFPPgfjiBWGz7D
ZT/Y1MhzefrWOQjFrqIDTTOKQBMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBT8LWXM
yIhMRYu3RDbCrmZ892ax4jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MDVkMmU2ZTAtNjQ4YS00NzJhLWIyODctMWI5NTRlYWU2NDZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAVN26jAN
BgkqhkiG9w0BAQsFAAOCAQEAttPcYza3FZRfRDw6V9W+otKuX9IWX+9sGgdfd0a+
kpBQqeajwhP9bI/I0sbgqfrPv2jrpyPTcHanBqkTpzCXY6SgAuMmwkvv1lanTbIW
nNtNQffdp5SjYaVk9aYbXVOpOJFBefTU3boXno0ifKyuZFcyiROF0gjlJ5VMglud
yEmMl+3f3LX+19GNPgVxMde2o1pYBbt9OvGYywteaE6Ae9vUpWCIxOu5WnKzBd8B
hIxY7w5uc0P2R3ZHyeLDeevo27ckBjnau8gLNK3mXjB4U5wfIxjAL9xRswWaEYMV
X3U12ksldM1dA8cr4X3CJq01/ve4SDxg8ejdmXSwqpbOog==
-----END CERTIFICATE-----
Generated at Wed May 6 10:19:03 2026 by rpki-client