Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/387a5e5f-3658-431f-b236-d486cddcae07.roa
File: 387a5e5f-3658-431f-b236-d486cddcae07.roa (raw, json)
Hash identifier: JGmBbRjxMrZRNcijLpncvXZUN3D4Z9l7siMALDSU0O8=
Subject key identifier: 9C:F0:E7:AE:41:6E:39:2C:83:32:81:25:A7:2B:96:FB:6A:6D:08:05
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 26C6E2B4E08152A9E396BCCFB5A3DC2F4865840A
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/387a5e5f-3658-431f-b236-d486cddcae07.roa
Signing time: Fri 08 May 2026 00:01:01 +0000
ROA not before: Fri 08 May 2026 00:01:01 +0000
ROA not after: Thu 06 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 83.119.128.0/17 maxlen: 17
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:c6:e2:b4:e0:81:52:a9:e3:96:bc:cf:b5:a3:dc:2f:48:65:84:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 8 00:01:01 2026 GMT
Not After : Aug 6 23:59:59 2026 GMT
Subject: serialNumber=c1eb455e3159e3e511a12fe5f7fef96a0a19a4d1d60c69848136c50d2116783e, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:ea:c9:27:65:7d:88:eb:7c:b7:ab:6e:74:6b:
b2:2a:72:d8:f2:c1:b1:c4:3f:1b:d2:47:ba:f3:cc:
de:5c:8a:c6:a3:1d:96:10:0b:4f:9a:00:2d:3b:9e:
9b:c0:02:d7:5f:e4:d6:60:33:28:4b:f8:bc:ef:a0:
1e:3f:02:05:14:41:a3:76:5d:91:a9:06:2a:b0:85:
2b:56:92:c1:a5:29:ac:50:4c:58:44:9d:ea:84:ef:
83:8a:67:92:8d:6c:64:8e:9d:22:15:87:de:a9:47:
6f:34:eb:a7:bd:56:c4:d6:3e:dd:06:07:c6:c2:53:
d4:5e:92:91:9c:6c:d9:f9:12:e0:87:06:e5:f9:88:
fb:7c:be:a0:e4:61:fb:75:96:25:3a:3e:0d:02:b3:
9a:a8:91:20:84:70:52:e1:88:a4:e6:e3:0b:01:ad:
3d:c2:22:0b:0f:05:35:56:90:fc:05:25:17:00:38:
3a:e7:84:f1:64:7b:b1:9a:c8:6e:f8:e3:98:55:3c:
78:eb:46:66:00:23:76:ea:df:85:bf:37:a6:5f:c6:
af:85:76:14:34:47:28:d1:25:24:34:db:21:1c:20:
20:b9:92:5c:bc:87:bd:48:40:bc:db:df:ec:cc:6d:
62:42:5d:6a:24:de:ec:b7:81:86:00:fc:d7:96:2b:
ab:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:F0:E7:AE:41:6E:39:2C:83:32:81:25:A7:2B:96:FB:6A:6D:08:05
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/387a5e5f-3658-431f-b236-d486cddcae07.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.119.128.0/17
Signature Algorithm: sha256WithRSAEncryption
90:b1:84:22:86:85:7d:a9:b9:84:2b:e5:fd:a9:33:e8:f9:77:
05:8e:38:68:ca:0f:f7:1a:2f:47:95:a7:d8:aa:49:e3:83:98:
4c:27:96:22:4d:fd:d7:e6:0b:6e:62:3c:14:ca:77:43:78:ce:
8f:28:5f:1d:50:03:5b:94:21:fd:0d:46:4c:e7:5a:db:7f:6c:
75:fd:28:ea:cd:74:33:a6:58:0f:70:b6:6c:e6:06:a9:11:21:
08:90:4d:2e:28:dc:86:b9:aa:72:51:ae:15:a5:90:1b:a6:12:
62:ed:9c:70:b0:57:2a:78:0c:75:6c:f2:8b:55:c2:c5:36:fe:
c2:af:3d:aa:f3:87:e9:09:fa:f7:3d:36:f6:5d:38:e6:d7:9f:
ac:82:9c:db:8c:e7:a0:4c:b7:d3:9c:00:0b:d5:20:a3:03:6d:
7b:5f:76:20:f3:8f:19:e6:04:7d:2a:0f:36:62:fa:e1:55:26:
d4:bd:c1:7d:11:7b:76:e2:b3:40:c2:fc:7d:1f:24:ba:ef:e9:
b0:26:4e:49:df:ad:f8:12:68:de:77:a0:52:50:05:ad:ef:8e:
ab:c5:10:32:11:b1:78:e1:a6:2b:c5:4a:d0:ae:d8:ec:8a:c5:
cc:4e:4b:01:a1:f8:9c:35:dd:71:a1:57:a2:08:f6:70:e3:44:
5a:ba:f5:2b
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUJsbitOCBUqnjlrzPtaPcL0hlhAowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MDgwMDAxMDFaFw0yNjA4MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGMxZWI0NTVlMzE1OWUzZTUxMWExMmZlNWY3ZmVmOTZhMGExOWE0ZDFkNjBj
Njk4NDgxMzZjNTBkMjExNjc4M2UxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJTqySdlfYjrfLerbnRrsipy2PLBscQ/G9JHuvPM3lyKxqMdlhALT5oALTue
m8AC11/k1mAzKEv4vO+gHj8CBRRBo3ZdkakGKrCFK1aSwaUprFBMWESd6oTvg4pn
ko1sZI6dIhWH3qlHbzTrp71WxNY+3QYHxsJT1F6SkZxs2fkS4IcG5fmI+3y+oORh
+3WWJTo+DQKzmqiRIIRwUuGIpObjCwGtPcIiCw8FNVaQ/AUlFwA4OueE8WR7sZrI
bvjjmFU8eOtGZgAjdurfhb83pl/Gr4V2FDRHKNElJDTbIRwgILmSXLyHvUhAvNvf
7MxtYkJdaiTe7LeBhgD815Yrq0sCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSc8Oeu
QW45LIMygSWnK5b7am0IBTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Mzg3YTVlNWYtMzY1OC00MzFmLWIyMzYtZDQ4NmNkZGNhZTA3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB1N3gDAN
BgkqhkiG9w0BAQsFAAOCAQEAkLGEIoaFfam5hCvl/akz6Pl3BY44aMoP9xovR5Wn
2KpJ44OYTCeWIk391+YLbmI8FMp3Q3jOjyhfHVADW5Qh/Q1GTOda239sdf0o6s10
M6ZYD3C2bOYGqREhCJBNLijchrmqclGuFaWQG6YSYu2ccLBXKngMdWzyi1XCxTb+
wq89qvOH6Qn69z029l045tefrIKc24znoEy305wAC9UgowNte192IPOPGeYEfSoP
NmL64VUm1L3BfRF7duKzQML8fR8kuu/psCZOSd+t+BJo3negUlAFre+Oq8UQMhGx
eOGmK8VK0K7Y7IrFzE5LAaH4nDXdcaFXogj2cONEWrr1Kw==
-----END CERTIFICATE-----
Generated at Wed May 13 00:38:06 2026 by rpki-client