Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e6379fd6-eaa8-4348-8280-afb9b8552668.roa
File: e6379fd6-eaa8-4348-8280-afb9b8552668.roa (raw, json)
Hash identifier: uSuJz9WETt040KHDce5CwODXUr16NjCaN0EIidzHoeM=
Subject key identifier: 4E:5E:0D:28:B8:83:7B:2D:39:92:16:5C:3D:B9:26:59:5C:89:5A:CF
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 74250FE9237A0F158AD60C4AD6A0F999419B8647
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e6379fd6-eaa8-4348-8280-afb9b8552668.roa
Signing time: Mon 27 Apr 2026 00:40:37 +0000
ROA not before: Mon 27 Apr 2026 00:40:37 +0000
ROA not after: Sun 26 Jul 2026 23:59:59 +0000
asID: 7224
IP address blocks: 83.118.228.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:25:0f:e9:23:7a:0f:15:8a:d6:0c:4a:d6:a0:f9:99:41:9b:86:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 27 00:40:37 2026 GMT
Not After : Jul 26 23:59:59 2026 GMT
Subject: serialNumber=5cf48a7b40c786938ec67c7ebb9cbac03af19d76d5f423b697cbbf9216d21210, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:5f:fd:ed:0b:ff:69:1d:c9:8e:d0:8c:07:35:
9c:a9:eb:36:71:60:e0:3a:0c:f3:8f:8f:7f:21:89:
e7:aa:a4:29:9f:be:65:6d:4d:25:73:7b:f5:05:13:
fb:78:c0:39:24:c3:34:1f:d6:b9:d3:9a:05:8f:b2:
71:76:de:96:0a:79:78:26:50:44:ec:66:55:46:cc:
1e:71:fc:a3:48:c9:a5:46:bf:33:ca:a9:1c:ce:81:
19:ca:6b:f5:4d:2e:18:9a:35:98:d2:21:c8:95:d7:
d3:bf:28:74:c9:df:7b:f8:9f:f8:3a:c0:ca:5f:b7:
c9:4c:7a:6e:92:51:d9:73:a8:9e:6c:e2:21:0f:9c:
f1:fa:d0:94:a2:19:a1:eb:8d:d6:1f:05:bc:75:5c:
f3:9f:38:5f:f1:df:f6:dc:ca:b6:ef:50:d1:af:cc:
e0:5a:f1:52:c2:c9:31:f9:1e:f8:d1:14:14:98:76:
11:36:71:bf:6f:16:d0:47:76:37:f9:7a:07:58:21:
a9:bc:10:15:a1:a8:d9:d3:f4:b2:42:ed:3a:03:6b:
3a:cb:96:a9:da:7a:09:d5:c9:a5:77:bf:94:c2:1b:
18:2f:6b:b0:42:78:2b:94:a8:b6:b5:f2:8e:d5:f4:
a9:21:ae:14:6c:aa:f6:9f:03:5a:8f:a2:0f:af:a1:
6f:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:5E:0D:28:B8:83:7B:2D:39:92:16:5C:3D:B9:26:59:5C:89:5A:CF
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e6379fd6-eaa8-4348-8280-afb9b8552668.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.118.228.0/22
Signature Algorithm: sha256WithRSAEncryption
c7:7b:b2:c7:9e:37:e9:ec:14:3d:15:80:e5:7f:ff:30:96:ad:
18:94:f6:f6:6e:b6:78:3c:7b:ef:d0:55:19:9a:97:61:9b:2e:
60:6e:bd:60:e2:1f:c8:bb:9d:89:79:35:d1:ea:d4:ee:04:33:
99:ad:f3:3e:80:f1:5c:88:e1:2b:35:ba:93:61:ae:9f:61:d4:
5f:30:16:3c:fc:f4:60:c1:d8:4e:65:1e:fe:02:71:0a:4a:bd:
a1:f8:96:9e:20:e5:d1:40:ea:db:85:c2:d3:c3:bd:16:21:01:
ae:aa:c1:1a:86:2f:6d:11:a6:e9:fe:2d:1b:1e:c5:c9:61:d4:
ae:20:a5:7a:e4:b9:6e:ac:c0:d0:cd:a3:8c:8a:ee:ef:df:cd:
e6:96:5c:94:11:4a:a9:97:0d:c0:5b:15:b7:c3:51:2f:ca:34:
18:bc:8f:8b:45:19:f1:89:8a:1e:ec:44:e9:71:65:af:e2:98:
cb:08:e4:66:85:2b:53:ef:08:2d:41:bd:9d:df:e7:f7:7b:d5:
b4:ac:1d:64:87:b7:af:cf:2b:8d:01:12:87:11:b4:82:d4:05:
ea:65:b8:5a:6c:00:e5:86:37:7c:5b:d8:45:f6:fd:91:22:21:
de:c5:12:4e:76:20:cf:5a:6d:5e:83:55:a5:2d:5a:8c:ee:cf:
77:32:09:70
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUdCUP6SN6DxWK1gxK1qD5mUGbhkcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA0MjcwMDQwMzdaFw0yNjA3MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQDVjZjQ4YTdiNDBjNzg2OTM4ZWM2N2M3ZWJiOWNiYWMwM2FmMTlkNzZkNWY0
MjNiNjk3Y2JiZjkyMTZkMjEyMTAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOFf/e0L/2kdyY7QjAc1nKnrNnFg4DoM84+PfyGJ56qkKZ++ZW1NJXN79QUT
+3jAOSTDNB/WudOaBY+ycXbelgp5eCZQROxmVUbMHnH8o0jJpUa/M8qpHM6BGcpr
9U0uGJo1mNIhyJXX078odMnfe/if+DrAyl+3yUx6bpJR2XOonmziIQ+c8frQlKIZ
oeuN1h8FvHVc8584X/Hf9tzKtu9Q0a/M4FrxUsLJMfke+NEUFJh2ETZxv28W0Ed2
N/l6B1ghqbwQFaGo2dP0skLtOgNrOsuWqdp6CdXJpXe/lMIbGC9rsEJ4K5SotrXy
jtX0qSGuFGyq9p8DWo+iD6+hbzUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBROXg0o
uIN7LTmSFlw9uSZZXIlazzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZTYzNzlmZDYtZWFhOC00MzQ4LTgyODAtYWZiOWI4NTUyNjY4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAlN25DAN
BgkqhkiG9w0BAQsFAAOCAQEAx3uyx5436ewUPRWA5X//MJatGJT29m62eDx779BV
GZqXYZsuYG69YOIfyLudiXk10erU7gQzma3zPoDxXIjhKzW6k2Gun2HUXzAWPPz0
YMHYTmUe/gJxCkq9ofiWniDl0UDq24XC08O9FiEBrqrBGoYvbRGm6f4tGx7FyWHU
riCleuS5bqzA0M2jjIru79/N5pZclBFKqZcNwFsVt8NRL8o0GLyPi0UZ8YmKHuxE
6XFlr+KYywjkZoUrU+8ILUG9nd/n93vVtKwdZIe3r88rjQEShxG0gtQF6mW4WmwA
5YY3fFvYRfb9kSIh3sUSTnYgz1ptXoNVpS1ajO7PdzIJcA==
-----END CERTIFICATE-----
Generated at Tue May 12 23:29:16 2026 by rpki-client