Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/83a3dbd5-059a-4f95-b55b-26c786f91e3b.roa
File: 83a3dbd5-059a-4f95-b55b-26c786f91e3b.roa (raw, json)
Hash identifier: 4rL5qyrUGzW5d0aMvXoIS4AEUeOobBpcGJOUfmNTTCg=
Subject key identifier: F4:37:76:59:5F:42:7B:86:FD:BD:D3:A4:91:DF:6B:06:B3:B7:73:C2
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0DD20D35295AF2C26CBCEB50A412377F002636A8
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/83a3dbd5-059a-4f95-b55b-26c786f91e3b.roa
Signing time: Tue 19 May 2026 06:00:28 +0000
ROA not before: Tue 19 May 2026 06:00:28 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 213.72.0.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 02 Jun 2026 07:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:d2:0d:35:29:5a:f2:c2:6c:bc:eb:50:a4:12:37:7f:00:26:36:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 19 06:00:28 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=f89ccb5112c4282d7f621e8973a5260b621b439df7d1c0061332e687c3e9a17a, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:5d:f1:00:86:09:24:27:95:22:c9:31:f0:54:
e1:ba:1e:89:c1:61:d2:d1:e4:e9:65:67:79:7a:67:
38:61:31:73:a6:1a:a7:85:69:1c:5e:9c:1a:48:77:
03:c1:d0:bd:91:e1:44:e8:0f:24:5d:d2:9b:c7:57:
fe:ff:32:6e:70:e1:6e:e5:74:e6:ef:01:10:eb:75:
91:69:8b:6e:7e:3d:07:86:dc:50:94:5e:e2:4e:34:
ce:be:0c:26:37:2d:cf:44:47:58:af:d1:53:0d:cd:
f0:fd:37:89:7a:7d:99:5b:62:42:68:0b:59:8e:ba:
ca:ea:f9:79:ec:dd:e9:e4:70:4f:41:c7:39:28:bc:
82:47:6c:d9:1e:fb:68:4c:96:98:54:5a:a3:14:48:
6f:a1:8c:e5:72:c9:99:4f:9a:a5:4c:55:e9:cf:d2:
11:57:5d:1c:ca:c9:1e:b4:be:d0:3b:75:97:9a:b0:
46:2e:e0:70:76:7c:11:d6:c4:fb:17:e2:73:cd:c9:
dd:71:64:3f:ce:c0:29:4c:8d:95:ce:76:65:00:07:
df:22:e0:3c:ef:5d:6f:ce:f3:61:54:69:ff:5c:b9:
1a:ec:ca:a5:92:e2:fa:5a:f1:0c:b8:36:1b:09:e7:
68:21:6e:10:fa:40:16:9c:3e:03:28:af:a7:15:9b:
f2:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:37:76:59:5F:42:7B:86:FD:BD:D3:A4:91:DF:6B:06:B3:B7:73:C2
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/83a3dbd5-059a-4f95-b55b-26c786f91e3b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.72.0.0/17
Signature Algorithm: sha256WithRSAEncryption
4c:7c:3d:99:a5:a4:68:06:0c:a3:65:48:46:f7:01:ef:6e:65:
b2:0b:46:50:9f:c4:80:5b:7b:f6:b3:a4:07:eb:b8:62:fd:f4:
c4:d1:83:5e:de:e8:66:95:db:ac:70:05:2e:b8:f2:e5:18:a9:
67:19:4d:3f:af:1a:2e:c4:f3:02:d6:38:68:f3:d8:da:e7:41:
91:25:5c:37:bd:34:1f:5f:45:e2:47:e3:63:4d:67:3d:79:1b:
d2:a4:19:af:76:00:44:7e:63:30:98:78:2c:d7:6a:ed:10:17:
3c:0a:ce:a4:e2:cc:d9:dd:51:d3:2a:c1:fb:d4:37:91:97:09:
39:86:35:38:50:83:4b:b8:9e:3b:af:f8:b1:95:5a:1b:fb:f1:
e6:4f:22:98:4c:84:32:f6:13:3c:e0:98:12:a9:99:87:b0:f9:
3e:98:c8:fd:e6:68:06:98:d5:1e:53:38:e6:f4:60:a6:43:be:
8b:3f:6d:b0:be:de:88:3a:f6:17:13:7c:27:91:78:f0:55:fb:
39:12:2a:79:9d:9f:cf:c6:ad:1f:30:f5:d3:fc:d9:05:e0:05:
35:69:28:3d:e2:ad:70:1d:bf:92:13:31:c7:f5:ca:9c:92:e7:
3a:a7:af:b8:81:9f:35:52:30:9d:bd:19:01:7d:af:8b:ad:01:
ea:30:9b:1d
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUDdINNSla8sJsvOtQpBI3fwAmNqgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MTkwNjAwMjhaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGY4OWNjYjUxMTJjNDI4MmQ3ZjYyMWU4OTczYTUyNjBiNjIxYjQzOWRmN2Qx
YzAwNjEzMzJlNjg3YzNlOWExN2ExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALBd8QCGCSQnlSLJMfBU4boeicFh0tHk6WVneXpnOGExc6Yap4VpHF6cGkh3
A8HQvZHhROgPJF3Sm8dX/v8ybnDhbuV05u8BEOt1kWmLbn49B4bcUJRe4k40zr4M
Jjctz0RHWK/RUw3N8P03iXp9mVtiQmgLWY66yur5eezd6eRwT0HHOSi8gkds2R77
aEyWmFRaoxRIb6GM5XLJmU+apUxV6c/SEVddHMrJHrS+0Dt1l5qwRi7gcHZ8EdbE
+xfic83J3XFkP87AKUyNlc52ZQAH3yLgPO9db87zYVRp/1y5GuzKpZLi+lrxDLg2
GwnnaCFuEPpAFpw+AyivpxWb8lcCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBT0N3ZZ
X0J7hv2906SR32sGs7dzwjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODNhM2RiZDUtMDU5YS00Zjk1LWI1NWItMjZjNzg2ZjkxZTNiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB9VIADAN
BgkqhkiG9w0BAQsFAAOCAQEATHw9maWkaAYMo2VIRvcB725lsgtGUJ/EgFt79rOk
B+u4Yv30xNGDXt7oZpXbrHAFLrjy5RipZxlNP68aLsTzAtY4aPPY2udBkSVcN700
H19F4kfjY01nPXkb0qQZr3YARH5jMJh4LNdq7RAXPArOpOLM2d1R0yrB+9Q3kZcJ
OYY1OFCDS7ieO6/4sZVaG/vx5k8imEyEMvYTPOCYEqmZh7D5PpjI/eZoBpjVHlM4
5vRgpkO+iz9tsL7eiDr2FxN8J5F48FX7ORIqeZ2fz8atHzD10/zZBeAFNWkoPeKt
cB2/khMxx/XKnJLnOqevuIGfNVIwnb0ZAX2vi60B6jCbHQ==
-----END CERTIFICATE-----
Generated at Mon Jun 1 15:30:16 2026 by rpki-client