Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2dbc9912-b766-4000-9f7c-cb9e37916980.roa
File: 2dbc9912-b766-4000-9f7c-cb9e37916980.roa (raw, json)
Hash identifier: sIB/rLFPuaNiiAUXv8d6rIn0awGshPTf64EX3cFz3J0=
Subject key identifier: ED:BD:96:CA:81:EF:53:B7:06:2A:56:BD:94:4F:C7:75:8A:FC:70:6B
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5B759E57375BC65B70A8079039C3C7FAF8122AE0
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2dbc9912-b766-4000-9f7c-cb9e37916980.roa
Signing time: Fri 08 May 2026 00:01:02 +0000
ROA not before: Fri 08 May 2026 00:01:02 +0000
ROA not after: Thu 06 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 83.119.128.0/18 maxlen: 18
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5b:75:9e:57:37:5b:c6:5b:70:a8:07:90:39:c3:c7:fa:f8:12:2a:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 8 00:01:02 2026 GMT
Not After : Aug 6 23:59:59 2026 GMT
Subject: serialNumber=c24505789c2023db19eaf73c7cb62a8a3ef8433d28f994617d6d5378dc4df9b5, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:e0:36:de:93:3c:75:a5:52:fd:5d:a9:fb:a5:
fd:a2:6e:84:2e:2d:00:6e:64:58:4b:02:1c:62:70:
42:ac:77:04:5b:7c:f6:29:78:bd:8a:11:c1:5a:2b:
ff:48:9a:5b:33:55:1c:b3:20:c0:e5:75:6f:a8:8d:
5f:e1:00:9a:79:47:7f:a8:64:ce:20:1e:c8:73:01:
51:61:e2:60:bf:d5:56:b1:a4:79:d0:9e:42:4b:9f:
11:89:10:75:17:f9:be:cc:e4:be:ff:2b:7e:82:67:
bb:f9:0f:40:cf:95:df:0b:b2:f8:da:4c:ee:11:1b:
da:ee:a6:f1:13:67:72:59:be:33:62:ea:f9:d2:60:
48:e5:61:5b:37:87:78:38:ec:5c:dc:2f:10:97:38:
11:aa:38:54:04:71:4d:2c:c0:0a:24:67:fb:dd:e1:
0a:09:62:cf:81:14:81:d5:45:4f:18:5c:8e:18:09:
e4:bf:be:a1:71:c5:dd:83:0a:38:2c:74:c8:b3:9c:
68:78:50:12:99:77:d9:10:f1:9e:4e:9e:0f:b8:47:
ec:1a:54:37:7a:c8:86:16:c2:3a:9d:d4:5a:f6:06:
c5:6f:cb:4c:72:8f:a8:6f:c3:6d:90:09:83:06:7e:
6d:86:0e:22:29:17:8e:c5:9e:36:ca:7e:c7:6a:34:
58:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:BD:96:CA:81:EF:53:B7:06:2A:56:BD:94:4F:C7:75:8A:FC:70:6B
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2dbc9912-b766-4000-9f7c-cb9e37916980.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.119.128.0/18
Signature Algorithm: sha256WithRSAEncryption
6d:da:70:b6:b1:fb:58:de:47:83:46:2e:cd:76:7f:0a:dd:87:
93:3e:f7:62:fe:35:e7:12:fc:94:ee:3e:39:28:e6:cb:d4:b8:
98:fb:33:56:3a:5f:27:28:8d:df:9e:e5:6d:e1:4a:52:89:15:
c0:b0:21:61:5c:b1:b4:84:00:f2:7b:0d:d2:26:3c:f1:ea:b3:
47:10:c9:68:36:d9:01:48:7e:40:72:66:24:d9:ab:7a:47:02:
a5:36:c9:2c:78:f5:cb:f5:fc:5e:62:76:93:01:ab:0a:be:45:
53:bc:a0:d4:ca:00:57:a1:9f:54:94:75:c2:5d:08:b7:61:34:
79:ea:91:ed:65:08:cf:f4:7e:55:98:cd:20:21:62:be:ae:e8:
30:2f:24:54:bb:19:f7:63:7a:9b:6d:37:0b:d3:40:8d:4f:fb:
40:7c:d4:42:bd:ef:ce:b0:ff:e0:6f:10:e0:d2:44:cb:62:45:
3b:24:3e:2d:4d:2e:6b:46:d3:cf:20:02:09:a5:b5:75:8e:51:
6b:96:3a:84:a0:40:03:a0:90:f7:a8:c8:1e:8e:ba:32:f7:a0:
80:39:0b:bf:b5:1a:f9:8d:fc:60:80:01:e3:1f:ee:e0:5a:c3:
53:10:55:52:7e:5c:8f:59:d8:82:2f:ce:5d:ee:4c:3d:2b:9d:
87:21:14:cd
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUW3WeVzdbxltwqAeQOcPH+vgSKuAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MDgwMDAxMDJaFw0yNjA4MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGMyNDUwNTc4OWMyMDIzZGIxOWVhZjczYzdjYjYyYThhM2VmODQzM2QyOGY5
OTQ2MTdkNmQ1Mzc4ZGM0ZGY5YjUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL/gNt6TPHWlUv1dqful/aJuhC4tAG5kWEsCHGJwQqx3BFt89il4vYoRwVor
/0iaWzNVHLMgwOV1b6iNX+EAmnlHf6hkziAeyHMBUWHiYL/VVrGkedCeQkufEYkQ
dRf5vszkvv8rfoJnu/kPQM+V3wuy+NpM7hEb2u6m8RNnclm+M2Lq+dJgSOVhWzeH
eDjsXNwvEJc4Eao4VARxTSzACiRn+93hCgliz4EUgdVFTxhcjhgJ5L++oXHF3YMK
OCx0yLOcaHhQEpl32RDxnk6eD7hH7BpUN3rIhhbCOp3UWvYGxW/LTHKPqG/DbZAJ
gwZ+bYYOIikXjsWeNsp+x2o0WDUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTtvZbK
ge9TtwYqVr2UT8d1ivxwazAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MmRiYzk5MTItYjc2Ni00MDAwLTlmN2MtY2I5ZTM3OTE2OTgwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBlN3gDAN
BgkqhkiG9w0BAQsFAAOCAQEAbdpwtrH7WN5Hg0YuzXZ/Ct2Hkz73Yv415xL8lO4+
OSjmy9S4mPszVjpfJyiN357lbeFKUokVwLAhYVyxtIQA8nsN0iY88eqzRxDJaDbZ
AUh+QHJmJNmrekcCpTbJLHj1y/X8XmJ2kwGrCr5FU7yg1MoAV6GfVJR1wl0It2E0
eeqR7WUIz/R+VZjNICFivq7oMC8kVLsZ92N6m203C9NAjU/7QHzUQr3vzrD/4G8Q
4NJEy2JFOyQ+LU0ua0bTzyACCaW1dY5Ra5Y6hKBAA6CQ96jIHo66MveggDkLv7Ua
+Y38YIAB4x/u4FrDUxBVUn5cj1nYgi/OXe5MPSudhyEUzQ==
-----END CERTIFICATE-----
Generated at Wed May 13 01:27:53 2026 by rpki-client