Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fdb81a1b-3eea-4c1a-97f6-940966a0bde0.roa
File: fdb81a1b-3eea-4c1a-97f6-940966a0bde0.roa (raw, json)
Hash identifier: +J5v+28eruDEnOSVd1iKLAoHnHfS1kZFuq4nd/uPGOY=
Subject key identifier: 03:80:16:0D:B7:22:5D:04:2E:45:05:35:15:2A:55:07:8E:D3:58:4A
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 060DF9B88718859D3051133274F32D789C4E9A23
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fdb81a1b-3eea-4c1a-97f6-940966a0bde0.roa
Signing time: Fri 08 May 2026 00:01:03 +0000
ROA not before: Fri 08 May 2026 00:01:03 +0000
ROA not after: Thu 06 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 83.119.128.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:0d:f9:b8:87:18:85:9d:30:51:13:32:74:f3:2d:78:9c:4e:9a:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 8 00:01:03 2026 GMT
Not After : Aug 6 23:59:59 2026 GMT
Subject: serialNumber=723fff31d94655210b4c40d100ccf96628bafd525098f503cbd02c528e0adb7f, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:a6:44:ed:a4:3d:8f:71:21:e3:1c:9b:b4:43:
d0:f2:50:d5:e6:23:31:36:9b:ba:51:eb:4e:eb:93:
7a:a8:b5:04:b7:10:46:65:87:a6:7b:2a:f1:8b:25:
cd:28:b6:b6:61:0a:90:b6:2c:7c:56:ab:b9:ce:b0:
83:3c:d5:cb:cb:99:84:8c:f3:7b:b8:d9:4d:fe:a5:
61:52:df:4e:8a:97:fe:68:90:5c:ed:47:22:c0:9c:
b5:a9:71:f7:92:b4:5e:45:8e:45:c9:18:79:9d:e7:
18:a6:af:82:b3:21:ce:21:cc:7a:00:9b:79:ce:7a:
4b:0f:0e:1d:0a:6f:10:ea:f6:1c:fd:89:45:c6:5d:
16:73:d3:c1:f1:9f:9a:ec:df:23:61:89:a2:96:e6:
2c:6d:3d:46:ef:7b:a9:28:2b:9e:c0:f2:4c:41:13:
a7:cf:49:c3:20:49:e8:6a:94:87:b3:10:66:5a:fa:
f1:fb:b0:c7:9c:05:c6:f1:d8:5f:65:f6:d1:f5:72:
ee:a4:ab:a1:74:51:4d:76:c7:75:6e:4b:ce:50:41:
d9:b3:c7:d3:8c:e9:50:f5:f1:52:c1:da:c0:97:8a:
ff:a4:48:91:aa:3b:aa:49:a0:c2:cf:78:3a:9a:2b:
c0:fa:2c:5a:f1:91:2e:4b:a1:e7:49:5d:80:3f:15:
7f:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:80:16:0D:B7:22:5D:04:2E:45:05:35:15:2A:55:07:8E:D3:58:4A
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fdb81a1b-3eea-4c1a-97f6-940966a0bde0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.119.128.0/19
Signature Algorithm: sha256WithRSAEncryption
1a:6b:61:f8:1c:f4:e2:bc:c6:5e:ed:b2:2c:39:26:8c:c0:26:
55:fe:7f:1d:e1:5a:75:61:37:7c:22:1c:46:69:c6:85:72:db:
04:79:e5:38:fe:7d:ce:03:b5:83:44:1b:d2:6a:32:3e:b1:43:
74:ed:0c:e0:99:1c:d0:a0:67:d7:94:6c:fa:43:ab:8c:85:c2:
91:e8:49:e0:41:29:bf:a1:47:ab:4a:62:14:8c:fa:1b:20:f8:
e1:ac:8b:60:df:28:8c:44:88:f3:84:bc:26:9b:f5:06:d9:8b:
b4:b7:5e:8e:1f:a2:c2:09:83:ea:fd:52:9f:ea:f1:1d:38:b1:
cf:98:83:41:77:15:29:8e:f8:dc:58:2e:47:4d:34:64:13:73:
d5:99:95:00:08:cc:dc:c7:65:ea:29:c0:3a:02:73:a7:6d:43:
08:37:d5:8e:6b:14:a2:39:16:6d:76:da:02:5a:1d:68:63:81:
ac:51:d2:2c:90:e3:d2:10:ef:0e:5c:b2:c8:16:00:14:7a:19:
f9:2f:76:76:e9:49:3a:ec:6a:b0:88:9f:2d:7e:6e:6a:5a:3b:
45:b5:b5:2f:8f:81:00:1e:16:7f:2a:d5:a2:ff:b3:18:5b:1a:
81:1f:1b:7c:34:fe:a9:ab:21:89:53:0b:1c:e1:dc:98:de:ee:
3e:12:f4:0f
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUBg35uIcYhZ0wURMydPMteJxOmiMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MDgwMDAxMDNaFw0yNjA4MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDcyM2ZmZjMxZDk0NjU1MjEwYjRjNDBkMTAwY2NmOTY2MjhiYWZkNTI1MDk4
ZjUwM2NiZDAyYzUyOGUwYWRiN2YxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJumRO2kPY9xIeMcm7RD0PJQ1eYjMTabulHrTuuTeqi1BLcQRmWHpnsq8Ysl
zSi2tmEKkLYsfFaruc6wgzzVy8uZhIzze7jZTf6lYVLfToqX/miQXO1HIsCctalx
95K0XkWORckYeZ3nGKavgrMhziHMegCbec56Sw8OHQpvEOr2HP2JRcZdFnPTwfGf
muzfI2GJopbmLG09Ru97qSgrnsDyTEETp89JwyBJ6GqUh7MQZlr68fuwx5wFxvHY
X2X20fVy7qSroXRRTXbHdW5LzlBB2bPH04zpUPXxUsHawJeK/6RIkao7qkmgws94
OporwPosWvGRLkuh50ldgD8Vf+cCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQDgBYN
tyJdBC5FBTUVKlUHjtNYSjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZmRiODFhMWItM2VlYS00YzFhLTk3ZjYtOTQwOTY2YTBiZGUwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBVN3gDAN
BgkqhkiG9w0BAQsFAAOCAQEAGmth+Bz04rzGXu2yLDkmjMAmVf5/HeFadWE3fCIc
RmnGhXLbBHnlOP59zgO1g0Qb0moyPrFDdO0M4Jkc0KBn15Rs+kOrjIXCkehJ4EEp
v6FHq0piFIz6GyD44ayLYN8ojESI84S8Jpv1BtmLtLdejh+iwgmD6v1Sn+rxHTix
z5iDQXcVKY743FguR000ZBNz1ZmVAAjM3Mdl6inAOgJzp21DCDfVjmsUojkWbXba
AlodaGOBrFHSLJDj0hDvDlyyyBYAFHoZ+S92dulJOuxqsIifLX5ualo7RbW1L4+B
AB4WfyrVov+zGFsagR8bfDT+qashiVMLHOHcmN7uPhL0Dw==
-----END CERTIFICATE-----
Generated at Tue May 12 23:14:02 2026 by rpki-client