Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bf3c19cc-7e74-4d47-9e2d-5bcee63041aa.roa
File: bf3c19cc-7e74-4d47-9e2d-5bcee63041aa.roa (raw, json)
Hash identifier: lgYjIiNNm9LWfPOEYzKVV2jw2dDCFzl8ptfRWLpWGA4=
Subject key identifier: DC:20:10:31:89:3E:13:38:1C:66:00:04:9C:68:AB:69:F1:B9:E4:39
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 76CFD6FF97C931A7AEC55D97E0FF3167D8F9B3B8
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bf3c19cc-7e74-4d47-9e2d-5bcee63041aa.roa
Signing time: Fri 13 Feb 2026 15:30:38 +0000
ROA not before: Fri 13 Feb 2026 15:30:38 +0000
ROA not after: Thu 14 May 2026 23:59:59 +0000
asID: 14618
IP address blocks: 83.118.234.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Feb 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:cf:d6:ff:97:c9:31:a7:ae:c5:5d:97:e0:ff:31:67:d8:f9:b3:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Feb 13 15:30:38 2026 GMT
Not After : May 14 23:59:59 2026 GMT
Subject: serialNumber=5b201fe9e9a146cabb27ff272ad3231ecd708972572f1485290a86536f6b68d5, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:4d:ce:cc:32:30:41:46:05:97:d4:c9:3c:61:
53:90:56:c7:96:a8:6c:dd:b0:27:71:da:26:cb:ad:
7a:1c:01:0c:e6:c3:35:d6:b3:f8:59:2e:fa:09:a4:
76:e0:d0:e4:61:02:0c:16:b7:d1:d9:03:f6:ff:98:
35:e9:70:ac:2c:43:1a:3b:25:73:e4:d1:15:14:e1:
90:69:f5:29:cd:12:19:9d:bb:c1:59:f4:38:40:ab:
82:46:0b:72:ee:a4:a4:69:4a:d1:62:c8:16:4c:33:
6c:05:a8:e6:e3:06:d4:aa:92:aa:a0:1b:6a:8b:f7:
17:79:a2:0e:6a:10:34:9d:8f:f7:c9:48:dc:de:1d:
81:db:f0:1a:2d:1e:2f:f1:9f:e3:23:85:48:ff:85:
33:8b:19:28:ab:3a:ba:dc:f1:15:e4:e2:72:06:64:
cf:bf:59:ac:49:53:e5:ac:47:98:43:b0:84:9f:a5:
53:66:e8:08:5d:8e:b2:5f:9a:2c:23:e0:b0:b9:88:
6b:16:c6:10:d8:dd:8c:7e:26:7a:a5:ea:5d:40:7e:
93:e5:2f:0c:9b:f3:88:d8:71:48:79:95:7b:c1:ef:
fe:ef:9f:59:1b:0d:47:2f:09:17:e1:18:ee:5f:78:
fd:6c:25:38:6a:5c:f2:e1:aa:bc:a1:f0:57:e6:23:
ff:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:20:10:31:89:3E:13:38:1C:66:00:04:9C:68:AB:69:F1:B9:E4:39
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bf3c19cc-7e74-4d47-9e2d-5bcee63041aa.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.118.234.0/23
Signature Algorithm: sha256WithRSAEncryption
38:86:a3:70:8f:9a:c7:c1:98:19:44:28:18:9a:05:df:28:cc:
01:67:97:c3:27:53:65:90:fd:e0:68:fd:cc:56:ae:fc:db:8d:
6e:45:85:f2:7f:a4:a5:58:5d:cd:d4:89:58:55:b2:67:4d:5e:
fb:15:af:40:30:79:3c:7c:bf:28:79:83:b0:a0:0a:88:b8:54:
06:7f:e4:07:af:f5:16:72:c0:d3:e0:70:b1:a7:bc:2b:2f:3e:
f6:1b:bf:d3:df:32:e1:96:4f:71:c1:55:ed:4c:95:07:d2:85:
58:10:93:29:15:d6:b8:eb:c1:88:34:ad:43:79:ca:91:3e:ed:
12:4f:0d:2e:e0:bd:60:50:7e:6d:7f:fc:01:3b:e3:b7:f4:dc:
9a:02:4c:28:93:40:85:78:9e:ad:06:b8:a0:6b:0e:c3:05:30:
bf:60:c0:6d:87:98:ea:06:9f:eb:7d:3d:b6:41:60:13:38:f9:
51:41:02:99:92:2d:59:7d:8f:83:e3:39:c0:fb:94:cd:e0:b9:
ee:96:7c:be:02:d8:6c:b5:8c:d0:a1:ea:5b:c6:84:ca:7c:75:
fc:10:57:03:29:0e:7f:3b:95:d0:a3:c3:3c:0f:f2:39:3e:b7:
64:46:03:23:3a:22:cf:1b:8a:64:74:8a:0d:f8:ba:2a:e6:be:
e2:31:03:02
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUds/W/5fJMaeuxV2X4P8xZ9j5s7gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjAyMTMxNTMwMzhaFw0yNjA1MTQyMzU5NTlaMHoxSTBHBgNV
BAUTQDViMjAxZmU5ZTlhMTQ2Y2FiYjI3ZmYyNzJhZDMyMzFlY2Q3MDg5NzI1NzJm
MTQ4NTI5MGE4NjUzNmY2YjY4ZDUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL5NzswyMEFGBZfUyTxhU5BWx5aobN2wJ3HaJsutehwBDObDNdaz+Fku+gmk
duDQ5GECDBa30dkD9v+YNelwrCxDGjslc+TRFRThkGn1Kc0SGZ27wVn0OECrgkYL
cu6kpGlK0WLIFkwzbAWo5uMG1KqSqqAbaov3F3miDmoQNJ2P98lI3N4dgdvwGi0e
L/Gf4yOFSP+FM4sZKKs6utzxFeTicgZkz79ZrElT5axHmEOwhJ+lU2boCF2Osl+a
LCPgsLmIaxbGENjdjH4meqXqXUB+k+UvDJvziNhxSHmVe8Hv/u+fWRsNRy8JF+EY
7l94/WwlOGpc8uGqvKHwV+Yj/3ECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTcIBAx
iT4TOBxmAAScaKtp8bnkOTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YmYzYzE5Y2MtN2U3NC00ZDQ3LTllMmQtNWJjZWU2MzA0MWFhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAVN26jAN
BgkqhkiG9w0BAQsFAAOCAQEAOIajcI+ax8GYGUQoGJoF3yjMAWeXwydTZZD94Gj9
zFau/NuNbkWF8n+kpVhdzdSJWFWyZ01e+xWvQDB5PHy/KHmDsKAKiLhUBn/kB6/1
FnLA0+Bwsae8Ky8+9hu/098y4ZZPccFV7UyVB9KFWBCTKRXWuOvBiDStQ3nKkT7t
Ek8NLuC9YFB+bX/8ATvjt/TcmgJMKJNAhXierQa4oGsOwwUwv2DAbYeY6gaf6309
tkFgEzj5UUECmZItWX2Pg+M5wPuUzeC57pZ8vgLYbLWM0KHqW8aEynx1/BBXAykO
fzuV0KPDPA/yOT63ZEYDIzoizxuKZHSKDfi6Kua+4jEDAg==
-----END CERTIFICATE-----
Generated at Thu Feb 26 09:44:50 2026 by rpki-client