Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5f332a53-b8fa-4d61-9e5a-9ca4e586588d.roa
File: 5f332a53-b8fa-4d61-9e5a-9ca4e586588d.roa (raw, json)
Hash identifier: +HZEgd8bvbH02wpGz4+5lhko2q0Bwgb4t5ljM7XFrzw=
Subject key identifier: AF:3D:4D:A2:17:48:74:F3:22:1C:14:C7:74:60:CE:04:B8:4C:DA:1B
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 504C2BA40D880CE8164BB81863614407F1923A8D
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5f332a53-b8fa-4d61-9e5a-9ca4e586588d.roa
Signing time: Mon 04 May 2026 15:30:24 +0000
ROA not before: Mon 04 May 2026 15:30:24 +0000
ROA not after: Sun 02 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 83.129.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:4c:2b:a4:0d:88:0c:e8:16:4b:b8:18:63:61:44:07:f1:92:3a:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 4 15:30:24 2026 GMT
Not After : Aug 2 23:59:59 2026 GMT
Subject: serialNumber=b732d8331d1ff638ec8e0b888fd7b9fb2924b458fd4fe5779383587d4a2ef395, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:a3:cb:d5:02:c0:8a:e2:1b:78:57:9e:52:36:
fa:6b:0d:47:ad:39:a2:c7:e9:1a:b6:7c:da:ff:da:
fc:77:e4:af:60:15:e5:58:26:f2:5f:b6:89:97:70:
c8:c5:48:66:9c:39:84:27:20:11:33:69:fb:22:23:
0e:7e:d2:38:e4:19:7f:27:2b:62:0b:1f:5a:f7:3a:
85:99:23:d6:e9:1c:c9:3a:fd:ca:5a:40:c4:a1:a2:
c7:aa:17:cd:2d:c3:c3:54:64:3c:53:66:1f:32:2a:
ee:ee:4b:eb:7a:f6:32:56:d7:d8:6f:0c:cb:ab:b2:
20:b5:7d:0b:1d:57:64:95:e7:12:14:18:0c:9e:cb:
77:ea:66:5b:cb:6c:04:90:62:6a:b6:e2:cd:49:d7:
b0:73:d9:6e:69:3d:5d:f8:dd:b2:e3:25:26:fd:82:
77:97:4e:c9:00:7e:22:bd:b3:70:5e:b7:73:cd:3e:
4b:db:78:59:7a:46:a0:02:96:69:00:a5:32:5e:9e:
9c:4d:38:7b:42:0a:14:6c:cb:cd:4a:f2:c8:c7:55:
78:0e:51:f2:6c:b2:41:ee:28:72:65:7a:92:4a:c2:
5a:ee:2b:82:ab:a5:a0:65:2d:5d:52:64:de:58:3e:
77:7e:c4:bc:2a:87:40:d4:d5:df:16:99:69:d7:3d:
5d:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:3D:4D:A2:17:48:74:F3:22:1C:14:C7:74:60:CE:04:B8:4C:DA:1B
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5f332a53-b8fa-4d61-9e5a-9ca4e586588d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.129.0.0/16
Signature Algorithm: sha256WithRSAEncryption
45:1c:18:cd:27:11:bd:ad:18:b8:0c:c7:28:c1:87:31:f9:14:
bf:9a:8d:56:98:23:6b:16:7c:d7:0a:45:bf:e2:5d:ff:36:5d:
3d:a5:f7:da:3a:7e:32:46:a6:95:97:5f:79:71:78:7a:75:f6:
c0:16:e9:70:8c:43:3b:0b:ec:d7:ed:af:56:41:c8:bb:38:3a:
ab:26:d9:65:68:da:fb:23:95:d5:57:c5:4d:1a:11:12:d4:dd:
b0:1a:d4:d9:0c:38:99:7a:05:b1:0f:cb:ad:7f:0a:d4:89:1e:
89:47:46:1f:db:ca:fd:95:9e:b0:61:c7:93:33:f0:f2:40:b4:
de:b3:0f:a6:b9:5d:a4:bc:c7:d4:68:84:94:4e:5e:bb:fd:b3:
d9:de:c4:d7:be:6f:3b:b3:b8:2f:12:62:30:64:96:76:37:ae:
24:8c:d0:de:fe:54:93:9a:a0:bd:63:28:88:c2:86:ee:4b:80:
0b:ae:e9:70:52:03:d0:80:c5:04:ba:67:08:09:8a:98:01:49:
f5:e2:89:55:69:2c:aa:1a:d9:5d:43:18:76:ab:5c:0f:01:92:
02:ef:c8:cb:bb:21:62:77:51:c9:df:f2:90:68:58:53:40:b9:
93:ca:88:c7:02:2c:7d:05:26:10:b1:09:bc:d0:81:0b:4d:cb:
c1:32:40:46
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUUEwrpA2IDOgWS7gYY2FEB/GSOo0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MDQxNTMwMjRaFw0yNjA4MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQGI3MzJkODMzMWQxZmY2MzhlYzhlMGI4ODhmZDdiOWZiMjkyNGI0NThmZDRm
ZTU3NzkzODM1ODdkNGEyZWYzOTUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJijy9UCwIriG3hXnlI2+msNR605osfpGrZ82v/a/Hfkr2AV5Vgm8l+2iZdw
yMVIZpw5hCcgETNp+yIjDn7SOOQZfycrYgsfWvc6hZkj1ukcyTr9ylpAxKGix6oX
zS3Dw1RkPFNmHzIq7u5L63r2MlbX2G8My6uyILV9Cx1XZJXnEhQYDJ7Ld+pmW8ts
BJBiarbizUnXsHPZbmk9XfjdsuMlJv2Cd5dOyQB+Ir2zcF63c80+S9t4WXpGoAKW
aQClMl6enE04e0IKFGzLzUryyMdVeA5R8myyQe4ocmV6kkrCWu4rgquloGUtXVJk
3lg+d37EvCqHQNTV3xaZadc9XQkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSvPU2i
F0h08yIcFMd0YM4EuEzaGzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NWYzMzJhNTMtYjhmYS00ZDYxLTllNWEtOWNhNGU1ODY1ODhkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAFOBMA0G
CSqGSIb3DQEBCwUAA4IBAQBFHBjNJxG9rRi4DMcowYcx+RS/mo1WmCNrFnzXCkW/
4l3/Nl09pffaOn4yRqaVl195cXh6dfbAFulwjEM7C+zX7a9WQci7ODqrJtllaNr7
I5XVV8VNGhES1N2wGtTZDDiZegWxD8utfwrUiR6JR0Yf28r9lZ6wYceTM/DyQLTe
sw+muV2kvMfUaISUTl67/bPZ3sTXvm87s7gvEmIwZJZ2N64kjNDe/lSTmqC9YyiI
wobuS4ALrulwUgPQgMUEumcICYqYAUn14olVaSyqGtldQxh2q1wPAZIC78jLuyFi
d1HJ3/KQaFhTQLmTyojHAix9BSYQsQm80IELTcvBMkBG
-----END CERTIFICATE-----
Generated at Tue May 12 23:13:35 2026 by rpki-client