Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7f244d46-87ad-4224-b593-bd81b505345a.roa
File: 7f244d46-87ad-4224-b593-bd81b505345a.roa (raw, json)
Hash identifier: /9B5/XW+3f6IruoTa/db5cWuXi3z1jwFsPXP3XtzZjY=
Subject key identifier: 27:71:45:58:AC:A8:74:71:DF:99:26:13:DE:FC:E8:F9:98:A9:14:88
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 14A656071CEA364787C6FECB4CB87A1A2812EC5B
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7f244d46-87ad-4224-b593-bd81b505345a.roa
Signing time: Mon 27 Apr 2026 00:40:09 +0000
ROA not before: Mon 27 Apr 2026 00:40:09 +0000
ROA not after: Sun 26 Jul 2026 23:59:59 +0000
asID: 16509
IP address blocks: 83.119.64.0/18 maxlen: 18
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 04 May 2026 11:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:a6:56:07:1c:ea:36:47:87:c6:fe:cb:4c:b8:7a:1a:28:12:ec:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 27 00:40:09 2026 GMT
Not After : Jul 26 23:59:59 2026 GMT
Subject: serialNumber=434c62b942e7a87d0673ad008c36f9b060bb1507404304f20b460c0256d03c85, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:b5:b2:34:68:0a:c8:03:16:49:00:c6:62:38:
9c:8a:ad:1b:1b:c5:a5:2b:46:6b:69:10:fc:d9:a5:
2c:77:e0:e9:ad:74:e0:bf:80:88:83:85:ca:85:93:
f0:ef:60:13:60:32:2b:1a:90:e1:ab:77:4b:cc:4a:
f9:18:ed:e9:c8:4e:70:35:67:df:d7:6b:cc:0a:6c:
ae:e5:34:26:7b:39:5f:9d:11:cb:11:dc:59:32:95:
09:0e:62:fe:bc:56:1b:65:1f:66:34:80:ed:f0:9f:
02:84:ed:a9:df:18:c3:84:a4:a4:82:9c:82:4e:80:
64:0b:61:b3:22:e5:4b:ce:ca:9d:84:dc:eb:35:a0:
16:f0:27:1f:e4:22:ce:f4:5f:fd:c5:f6:75:76:c3:
84:e8:d0:44:95:86:6d:ac:4c:6e:21:d5:eb:7b:19:
46:6e:52:c9:f0:a4:f5:7d:8a:63:00:34:7e:01:bc:
6a:5e:d1:e4:15:77:b5:e6:98:4f:48:fe:f1:32:21:
f5:c8:d8:1f:32:2e:dd:b1:70:c7:b2:43:68:f8:98:
e8:30:98:c0:a6:e3:64:a9:de:a4:d7:d8:81:be:11:
ab:1e:90:24:e3:66:74:06:9a:52:8d:62:7c:cf:de:
6e:d5:9c:0f:73:17:8d:01:85:17:92:dd:9d:34:66:
a5:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:71:45:58:AC:A8:74:71:DF:99:26:13:DE:FC:E8:F9:98:A9:14:88
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7f244d46-87ad-4224-b593-bd81b505345a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.119.64.0/18
Signature Algorithm: sha256WithRSAEncryption
3e:ca:ea:ba:93:87:50:4b:22:c5:92:40:13:3a:9e:ed:65:5e:
ae:55:f9:12:06:56:8a:4b:4a:0e:b5:9a:cd:b9:fa:15:55:2e:
e5:65:f7:c4:b2:87:2c:d8:c3:d6:c3:a2:a7:cc:e8:aa:bc:3e:
f2:4a:13:17:a3:ad:6a:14:65:8a:b8:08:3f:2f:61:6e:7a:be:
cc:68:84:cf:f7:15:36:cf:ac:a9:6d:75:89:45:33:28:39:42:
14:8c:cc:09:38:fc:28:6c:c2:e4:34:19:1e:a3:81:0d:15:c7:
4d:94:eb:88:64:53:74:74:73:39:aa:a8:c1:00:bf:67:16:88:
62:c4:b3:de:99:48:b4:be:ef:11:18:1c:7e:9b:ce:ae:f1:7a:
a5:3e:10:78:87:02:7f:87:21:55:8a:eb:bb:b8:c7:9e:54:6c:
c5:42:a6:f9:46:1e:2e:28:e9:7a:dc:57:5f:ab:ad:5d:24:02:
9d:0f:58:ac:08:64:0d:e9:a0:3a:30:7b:bf:b7:17:35:53:f3:
25:37:2e:fc:4b:a4:8b:13:04:27:7e:6c:a4:af:5f:fc:83:32:
7d:54:bb:80:d4:f6:85:f9:52:15:74:d5:1c:56:67:41:96:1d:
c2:04:f6:cd:8c:aa:e5:f7:b3:94:14:52:35:b3:00:4e:6c:8a:
0d:8b:f9:19
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUFKZWBxzqNkeHxv7LTLh6GigS7FswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA0MjcwMDQwMDlaFw0yNjA3MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQDQzNGM2MmI5NDJlN2E4N2QwNjczYWQwMDhjMzZmOWIwNjBiYjE1MDc0MDQz
MDRmMjBiNDYwYzAyNTZkMDNjODUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALO1sjRoCsgDFkkAxmI4nIqtGxvFpStGa2kQ/NmlLHfg6a104L+AiIOFyoWT
8O9gE2AyKxqQ4at3S8xK+Rjt6chOcDVn39drzApsruU0Jns5X50RyxHcWTKVCQ5i
/rxWG2UfZjSA7fCfAoTtqd8Yw4SkpIKcgk6AZAthsyLlS87KnYTc6zWgFvAnH+Qi
zvRf/cX2dXbDhOjQRJWGbaxMbiHV63sZRm5SyfCk9X2KYwA0fgG8al7R5BV3teaY
T0j+8TIh9cjYHzIu3bFwx7JDaPiY6DCYwKbjZKnepNfYgb4Rqx6QJONmdAaaUo1i
fM/ebtWcD3MXjQGFF5LdnTRmpRECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQncUVY
rKh0cd+ZJhPe/Oj5mKkUiDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
N2YyNDRkNDYtODdhZC00MjI0LWI1OTMtYmQ4MWI1MDUzNDVhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBlN3QDAN
BgkqhkiG9w0BAQsFAAOCAQEAPsrqupOHUEsixZJAEzqe7WVerlX5EgZWiktKDrWa
zbn6FVUu5WX3xLKHLNjD1sOip8zoqrw+8koTF6OtahRlirgIPy9hbnq+zGiEz/cV
Ns+sqW11iUUzKDlCFIzMCTj8KGzC5DQZHqOBDRXHTZTriGRTdHRzOaqowQC/ZxaI
YsSz3plItL7vERgcfpvOrvF6pT4QeIcCf4chVYrru7jHnlRsxUKm+UYeLijpetxX
X6utXSQCnQ9YrAhkDemgOjB7v7cXNVPzJTcu/EukixMEJ35spK9f/IMyfVS7gNT2
hflSFXTVHFZnQZYdwgT2zYyq5fezlBRSNbMATmyKDYv5GQ==
-----END CERTIFICATE-----
Generated at Sun May 3 16:52:50 2026 by rpki-client