Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/01c4adee-b8dc-44e3-959a-e4ab13e63ba7.roa
File: 01c4adee-b8dc-44e3-959a-e4ab13e63ba7.roa (raw, json)
Hash identifier: K8IdiOV2lEGdAdYpAtq3Neu+MJu1LfBxGLiJvZUfTDM=
Subject key identifier: FF:42:CF:86:DE:93:79:42:BB:00:87:0D:B9:AE:8C:6D:8C:85:6B:66
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 70359262DE5ABDDDCD22F228A878D5EA94BFB3F2
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/01c4adee-b8dc-44e3-959a-e4ab13e63ba7.roa
Signing time: Mon 04 May 2026 15:30:20 +0000
ROA not before: Mon 04 May 2026 15:30:20 +0000
ROA not after: Sun 02 Aug 2026 23:59:59 +0000
asID: 8987
IP address blocks: 83.118.234.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:35:92:62:de:5a:bd:dd:cd:22:f2:28:a8:78:d5:ea:94:bf:b3:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 4 15:30:20 2026 GMT
Not After : Aug 2 23:59:59 2026 GMT
Subject: serialNumber=064cd0b9bc2ffe23bae38dc977be093a5729383899dd40666d8dbc248088107c, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:f1:4d:f7:42:a3:ac:36:27:be:ea:ba:76:ad:
b5:a3:c6:64:0e:d2:19:63:fa:66:28:b1:9c:28:f2:
b0:87:d3:b5:d1:df:13:db:47:bd:f5:de:db:b8:bc:
5d:1e:64:2e:8a:3b:80:f3:f6:88:63:32:66:8c:dd:
ee:48:bf:6a:09:28:93:5a:4e:b2:10:0a:18:0e:02:
de:be:16:29:f7:67:7c:b4:5b:62:0e:05:80:55:7a:
cf:d1:a8:65:43:ca:0f:f7:c8:d2:c8:06:1c:2b:16:
24:fd:e5:f5:1b:d3:19:ad:9d:86:8b:9c:13:1c:1d:
ac:b3:d8:f4:95:6d:57:bd:8f:c7:22:7d:d5:fd:7b:
9c:4e:e6:eb:bf:2e:c6:16:99:e5:82:bd:97:68:4c:
40:82:01:40:1a:64:de:0e:7f:60:d1:8a:90:3d:9a:
d2:21:c8:75:4f:85:0c:ed:4a:04:47:e2:1a:fe:46:
0f:17:75:6e:71:9a:bb:f9:9c:c2:0e:42:c0:99:0c:
6c:1b:b4:55:38:d0:14:ef:d1:df:4a:fe:83:ca:f7:
18:e0:f9:03:d3:ae:e6:03:b6:f2:55:4d:cd:f6:32:
41:63:1a:d3:8d:60:e8:a0:30:6f:00:ac:df:1f:2c:
de:74:99:e0:1e:20:01:79:47:b3:77:38:d2:7f:e6:
2c:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:42:CF:86:DE:93:79:42:BB:00:87:0D:B9:AE:8C:6D:8C:85:6B:66
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/01c4adee-b8dc-44e3-959a-e4ab13e63ba7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.118.234.0/23
Signature Algorithm: sha256WithRSAEncryption
2d:17:df:0c:49:32:6d:a7:a1:7c:75:91:eb:dd:ee:9e:d3:dc:
84:68:de:49:f0:93:d7:e3:4e:b4:6f:00:db:06:ac:61:72:e3:
6a:6d:2f:28:78:4b:ee:48:76:e5:21:ac:3c:05:06:43:f0:57:
d4:4a:c4:0f:ad:80:c2:68:68:bb:e0:88:3a:d8:4d:d1:2b:a3:
63:78:6d:5c:92:b3:0b:2b:fe:a2:76:41:61:f3:8d:de:eb:48:
da:18:d9:4f:c7:a0:a8:f7:64:ea:77:a7:0d:30:57:cc:49:e6:
1b:45:26:25:9f:9f:be:2d:51:a8:7b:40:98:95:a6:9b:e3:61:
3f:c9:56:e7:b4:c5:fb:ef:1d:d7:f5:e4:ce:53:25:b6:22:28:
af:5d:76:57:9e:96:0c:bd:f2:54:27:80:4b:65:e3:1b:8b:6c:
d1:15:00:32:14:e3:d5:a9:e5:6a:48:d7:dc:ee:16:ff:06:88:
ae:fd:50:a5:17:b5:19:18:ef:5b:c1:4d:0f:0a:91:4d:80:a0:
e0:6e:28:9e:5d:61:28:f7:48:ff:87:c6:b3:37:11:9f:34:7e:
51:ce:4a:be:72:ae:8d:53:05:fb:36:03:7e:27:cb:66:fe:4f:
a4:0b:0d:09:50:11:ba:8a:ec:e8:64:6a:e6:c8:b3:5e:d3:7a:
20:e6:0d:08
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUcDWSYt5avd3NIvIoqHjV6pS/s/IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MDQxNTMwMjBaFw0yNjA4MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQDA2NGNkMGI5YmMyZmZlMjNiYWUzOGRjOTc3YmUwOTNhNTcyOTM4Mzg5OWRk
NDA2NjZkOGRiYzI0ODA4ODEwN2MxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALXxTfdCo6w2J77qunattaPGZA7SGWP6ZiixnCjysIfTtdHfE9tHvfXe27i8
XR5kLoo7gPP2iGMyZozd7ki/agkok1pOshAKGA4C3r4WKfdnfLRbYg4FgFV6z9Go
ZUPKD/fI0sgGHCsWJP3l9RvTGa2dhoucExwdrLPY9JVtV72PxyJ91f17nE7m678u
xhaZ5YK9l2hMQIIBQBpk3g5/YNGKkD2a0iHIdU+FDO1KBEfiGv5GDxd1bnGau/mc
wg5CwJkMbBu0VTjQFO/R30r+g8r3GOD5A9Ou5gO28lVNzfYyQWMa041g6KAwbwCs
3x8s3nSZ4B4gAXlHs3c40n/mLIkCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBT/Qs+G
3pN5QrsAhw25roxtjIVrZjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MDFjNGFkZWUtYjhkYy00NGUzLTk1OWEtZTRhYjEzZTYzYmE3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAVN26jAN
BgkqhkiG9w0BAQsFAAOCAQEALRffDEkybaehfHWR693untPchGjeSfCT1+NOtG8A
2wasYXLjam0vKHhL7kh25SGsPAUGQ/BX1ErED62Awmhou+CIOthN0SujY3htXJKz
Cyv+onZBYfON3utI2hjZT8egqPdk6nenDTBXzEnmG0UmJZ+fvi1RqHtAmJWmm+Nh
P8lW57TF++8d1/XkzlMltiIor112V56WDL3yVCeAS2XjG4ts0RUAMhTj1anlakjX
3O4W/waIrv1QpRe1GRjvW8FNDwqRTYCg4G4onl1hKPdI/4fGszcRnzR+Uc5KvnKu
jVMF+zYDfifLZv5PpAsNCVARuors6GRq5sizXtN6IOYNCA==
-----END CERTIFICATE-----
Generated at Tue May 12 23:35:47 2026 by rpki-client