Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/15288dfc-bb6b-43a2-9ec3-7275954dae14.roa
File: 15288dfc-bb6b-43a2-9ec3-7275954dae14.roa (raw, json)
Hash identifier: EXLvXgX8KCZqRzWI5Xk8N8xUM8rAjExBSQsFoL54gug=
Subject key identifier: 1B:CE:01:7F:BB:1A:FC:FD:60:63:BC:23:C8:59:4A:6F:C6:30:50:56
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 28BD9F491BD8CB44E4DEDFDBE46D6BFFC8D6CC51
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/15288dfc-bb6b-43a2-9ec3-7275954dae14.roa
Signing time: Fri 08 May 2026 00:01:03 +0000
ROA not before: Fri 08 May 2026 00:01:03 +0000
ROA not after: Thu 06 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 83.119.160.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:bd:9f:49:1b:d8:cb:44:e4:de:df:db:e4:6d:6b:ff:c8:d6:cc:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 8 00:01:03 2026 GMT
Not After : Aug 6 23:59:59 2026 GMT
Subject: serialNumber=a61bb158df15e44b4b889fdee08730b840a15874cd4f32aef6e2db2b34b21e07, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:18:a9:12:cc:e5:1b:51:ec:45:80:9a:5a:65:
a8:84:4b:43:da:23:93:51:03:cd:8e:01:cc:53:86:
28:0e:15:36:af:98:ab:77:ab:9e:bf:7c:3d:e4:d4:
21:45:e6:fd:9a:94:b5:f9:2c:71:53:d9:6a:45:dd:
d1:a6:ea:f3:63:9d:d0:58:d7:7b:ad:1d:34:93:7b:
7b:de:8d:c0:1e:39:43:0e:39:31:5d:9c:3b:d8:7a:
84:a1:a0:33:8a:92:b7:56:e3:75:1a:56:e1:1b:d2:
c8:e4:2e:01:9c:e6:15:f9:ca:32:e9:20:d6:2a:f2:
ba:6b:e9:0e:ca:31:f6:9a:39:ed:a7:95:20:61:90:
5b:14:eb:44:98:e4:c0:d6:1b:e8:81:10:f6:05:60:
6b:36:44:8c:6d:19:81:f3:2a:b8:23:a5:b8:3a:39:
89:55:25:61:69:c7:fb:22:f1:d0:78:bd:5d:8a:0c:
2c:da:d4:85:da:c3:18:02:fe:1d:bd:0c:99:f4:40:
94:dd:cb:c4:b6:2f:58:57:2b:0a:27:7a:c2:09:c0:
46:ae:e7:c1:09:87:dd:57:be:29:36:4c:f1:65:93:
4e:07:57:92:21:11:89:07:bd:5c:cd:56:04:34:ab:
60:6b:57:f7:8e:4c:b5:9a:ed:d2:0f:71:a2:80:ce:
00:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:CE:01:7F:BB:1A:FC:FD:60:63:BC:23:C8:59:4A:6F:C6:30:50:56
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/15288dfc-bb6b-43a2-9ec3-7275954dae14.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.119.160.0/19
Signature Algorithm: sha256WithRSAEncryption
82:fe:63:48:1d:df:68:93:5a:31:67:fc:3a:c5:db:97:6c:21:
da:1f:b1:64:f8:d9:81:34:cd:da:50:ec:ab:f3:15:ac:00:fc:
52:3c:eb:39:21:da:4c:8e:1b:34:ab:97:4e:62:c8:39:50:dc:
2a:6b:5a:2d:30:cc:b4:a2:54:b4:38:30:34:00:e7:d3:9f:a9:
ec:73:e6:de:e3:5a:ee:5f:42:51:d3:26:75:ff:f9:e4:bf:2e:
1b:29:bf:9d:fb:95:73:d0:22:0c:38:c7:0d:76:83:55:f7:6a:
ab:05:65:9e:43:c0:25:c4:15:e2:b1:74:a7:ed:fe:30:a4:6b:
6a:11:9a:82:31:36:eb:f7:82:1c:42:f2:e0:61:0d:bb:47:3b:
e6:bc:98:31:af:16:85:38:e1:e1:2e:a1:ef:d0:86:86:f2:67:
31:a2:c7:18:70:b1:7f:c6:ea:6e:38:bf:d2:aa:3b:a0:73:6d:
b3:97:e4:c5:e3:aa:a3:36:74:ac:91:85:b2:3e:7a:74:84:78:
dc:04:ea:69:32:c6:ce:e9:4b:1f:83:fc:17:7e:5c:16:06:72:
26:a9:ec:4e:9b:62:5c:86:d3:10:86:12:e0:40:aa:39:04:a3:
cf:2e:78:c9:fa:d2:70:c6:e6:00:cb:87:db:29:bb:1f:c1:24:
85:ee:39:81
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUKL2fSRvYy0Tk3t/b5G1r/8jWzFEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MDgwMDAxMDNaFw0yNjA4MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGE2MWJiMTU4ZGYxNWU0NGI0Yjg4OWZkZWUwODczMGI4NDBhMTU4NzRjZDRm
MzJhZWY2ZTJkYjJiMzRiMjFlMDcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKsYqRLM5RtR7EWAmlplqIRLQ9ojk1EDzY4BzFOGKA4VNq+Yq3ernr98PeTU
IUXm/ZqUtfkscVPZakXd0abq82Od0FjXe60dNJN7e96NwB45Qw45MV2cO9h6hKGg
M4qSt1bjdRpW4RvSyOQuAZzmFfnKMukg1iryumvpDsox9po57aeVIGGQWxTrRJjk
wNYb6IEQ9gVgazZEjG0ZgfMquCOluDo5iVUlYWnH+yLx0Hi9XYoMLNrUhdrDGAL+
Hb0MmfRAlN3LxLYvWFcrCid6wgnARq7nwQmH3Ve+KTZM8WWTTgdXkiERiQe9XM1W
BDSrYGtX945MtZrt0g9xooDOABkCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQbzgF/
uxr8/WBjvCPIWUpvxjBQVjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MTUyODhkZmMtYmI2Yi00M2EyLTllYzMtNzI3NTk1NGRhZTE0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBVN3oDAN
BgkqhkiG9w0BAQsFAAOCAQEAgv5jSB3faJNaMWf8OsXbl2wh2h+xZPjZgTTN2lDs
q/MVrAD8UjzrOSHaTI4bNKuXTmLIOVDcKmtaLTDMtKJUtDgwNADn05+p7HPm3uNa
7l9CUdMmdf/55L8uGym/nfuVc9AiDDjHDXaDVfdqqwVlnkPAJcQV4rF0p+3+MKRr
ahGagjE26/eCHELy4GENu0c75ryYMa8WhTjh4S6h79CGhvJnMaLHGHCxf8bqbji/
0qo7oHNts5fkxeOqozZ0rJGFsj56dIR43ATqaTLGzulLH4P8F35cFgZyJqnsTpti
XIbTEIYS4ECqOQSjzy54yfrScMbmAMuH2ym7H8Ekhe45gQ==
-----END CERTIFICATE-----
Generated at Wed May 13 00:17:24 2026 by rpki-client