Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bf3c19cc-7e74-4d47-9e2d-5bcee63041aa.roa
File: bf3c19cc-7e74-4d47-9e2d-5bcee63041aa.roa (raw, json)
Hash identifier: 9DSwQcgyLo9mJYjo707eFiG6xOCEidhkvR/GqJd0c1A=
Subject key identifier: 13:29:28:93:FA:1A:A0:51:C0:1F:86:4F:47:C5:35:35:A7:A4:C3:75
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 221A72C3F8A63C6CCCAB6C7D50A0D0A2DBE15118
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bf3c19cc-7e74-4d47-9e2d-5bcee63041aa.roa
Signing time: Mon 04 May 2026 15:30:21 +0000
ROA not before: Mon 04 May 2026 15:30:21 +0000
ROA not after: Sun 02 Aug 2026 23:59:59 +0000
asID: 14618
IP address blocks: 83.118.234.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:1a:72:c3:f8:a6:3c:6c:cc:ab:6c:7d:50:a0:d0:a2:db:e1:51:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 4 15:30:21 2026 GMT
Not After : Aug 2 23:59:59 2026 GMT
Subject: serialNumber=0f7306d667c1cf19340a0bde2bb7f96812254b062feaaa732bf8e9361ec5a3ec, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:d4:8b:2f:65:6e:0d:a0:63:32:4a:5c:19:0c:
bf:dd:56:0c:01:65:d6:9b:2d:9f:2e:aa:f2:28:f4:
9b:29:b8:0f:a4:ac:e4:cf:2c:c3:70:9e:02:58:3b:
f2:31:bb:35:5a:f6:96:d4:9e:60:df:28:ec:22:51:
ea:31:db:c1:af:70:93:7d:e2:80:7d:c0:65:f1:dc:
71:f8:75:df:16:28:37:e6:35:fc:22:6f:dc:80:73:
1c:56:91:2a:73:aa:74:ed:61:29:29:52:ce:75:29:
25:16:24:62:b0:cc:ef:36:d3:a3:d4:c0:b7:d5:aa:
e9:3b:57:b9:50:e7:2d:58:44:b4:42:a1:ae:f1:9d:
0d:df:26:6d:cc:25:e6:3b:27:24:9a:b3:93:ac:f1:
1e:4b:cb:fa:1b:6e:c8:de:1d:32:8f:fa:d0:d9:ea:
db:12:7a:9f:23:f7:9d:a8:72:bd:64:1a:5c:aa:ac:
65:cd:a3:55:1c:0b:f2:31:8f:7a:6f:d2:0c:eb:1c:
18:91:36:f2:32:fb:dc:1b:82:de:90:9b:47:0f:b8:
0a:b5:05:92:5c:57:33:e1:7b:d8:62:ab:f6:05:63:
78:38:af:c9:c5:8e:e2:0c:18:e4:58:67:77:84:58:
c6:e7:96:58:22:77:d2:82:0f:fe:57:d7:b4:73:66:
35:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:29:28:93:FA:1A:A0:51:C0:1F:86:4F:47:C5:35:35:A7:A4:C3:75
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bf3c19cc-7e74-4d47-9e2d-5bcee63041aa.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.118.234.0/23
Signature Algorithm: sha256WithRSAEncryption
62:fa:a3:e5:a0:87:bd:08:d7:8d:43:12:64:12:44:2e:bc:7a:
99:7f:a2:13:c3:d5:87:16:5e:c0:3c:b4:88:25:4d:e6:c3:e5:
c9:fd:c4:ff:1f:67:1b:4e:75:77:ef:c0:54:e7:8b:07:5e:a3:
ff:75:16:fe:3b:cd:56:ab:c2:bb:11:5c:75:37:87:4c:30:7f:
d8:71:6e:92:15:3e:76:75:64:95:67:12:46:48:9c:53:fb:a2:
4e:e3:1e:1f:37:e4:d9:10:03:16:bd:7d:c7:aa:ea:78:c2:24:
fc:8d:d8:15:48:a5:04:96:ff:65:a2:b6:0e:33:e1:ee:0d:db:
3a:71:2d:0e:60:9f:96:1d:3b:b6:b9:0b:1c:24:54:3e:7a:e8:
5a:1f:f1:04:8b:49:e3:5d:4a:33:33:0d:ae:1d:aa:84:65:17:
07:3d:2c:e3:56:83:45:77:60:f4:48:29:ed:d6:e2:d5:a8:44:
be:e4:4f:1f:6d:1c:4a:61:b1:6d:b4:49:2e:06:00:89:ba:55:
58:59:d0:be:27:0c:a6:18:b3:94:d8:06:82:91:01:05:59:d0:
14:15:79:33:85:3e:df:5c:66:62:25:47:61:a7:72:fe:c1:a4:
6c:49:65:b3:82:7d:12:51:8e:3d:3d:3e:0c:8f:dd:ba:35:b7:
a6:bd:bb:9e
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUIhpyw/imPGzMq2x9UKDQotvhURgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MDQxNTMwMjFaFw0yNjA4MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQDBmNzMwNmQ2NjdjMWNmMTkzNDBhMGJkZTJiYjdmOTY4MTIyNTRiMDYyZmVh
YWE3MzJiZjhlOTM2MWVjNWEzZWMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJfUiy9lbg2gYzJKXBkMv91WDAFl1pstny6q8ij0mym4D6Ss5M8sw3CeAlg7
8jG7NVr2ltSeYN8o7CJR6jHbwa9wk33igH3AZfHccfh13xYoN+Y1/CJv3IBzHFaR
KnOqdO1hKSlSznUpJRYkYrDM7zbTo9TAt9Wq6TtXuVDnLVhEtEKhrvGdDd8mbcwl
5jsnJJqzk6zxHkvL+htuyN4dMo/60Nnq2xJ6nyP3nahyvWQaXKqsZc2jVRwL8jGP
em/SDOscGJE28jL73BuC3pCbRw+4CrUFklxXM+F72GKr9gVjeDivycWO4gwY5Fhn
d4RYxueWWCJ30oIP/lfXtHNmNYcCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQTKSiT
+hqgUcAfhk9HxTU1p6TDdTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YmYzYzE5Y2MtN2U3NC00ZDQ3LTllMmQtNWJjZWU2MzA0MWFhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAVN26jAN
BgkqhkiG9w0BAQsFAAOCAQEAYvqj5aCHvQjXjUMSZBJELrx6mX+iE8PVhxZewDy0
iCVN5sPlyf3E/x9nG051d+/AVOeLB16j/3UW/jvNVqvCuxFcdTeHTDB/2HFukhU+
dnVklWcSRkicU/uiTuMeHzfk2RADFr19x6rqeMIk/I3YFUilBJb/ZaK2DjPh7g3b
OnEtDmCflh07trkLHCRUPnroWh/xBItJ411KMzMNrh2qhGUXBz0s41aDRXdg9Egp
7dbi1ahEvuRPH20cSmGxbbRJLgYAibpVWFnQvicMphizlNgGgpEBBVnQFBV5M4U+
31xmYiVHYady/sGkbElls4J9ElGOPT0+DI/dujW3pr27ng==
-----END CERTIFICATE-----
Generated at Tue May 12 22:29:44 2026 by rpki-client