Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/186c4a20-4025-4599-90c9-1eeb15cf6730.roa
File: 186c4a20-4025-4599-90c9-1eeb15cf6730.roa (raw, json)
Hash identifier: PROHvruEbWIV2IOKDvc2sNPDndtRO5tt/76PLr3g/hk=
Subject key identifier: D7:B1:14:93:86:1C:09:AC:5B:4A:8D:A2:5E:B6:6A:F9:6B:09:F8:7C
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 601BDCA7A84C7722DA97162099794EA307C09D82
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/186c4a20-4025-4599-90c9-1eeb15cf6730.roa
Signing time: Wed 20 May 2026 00:50:05 +0000
ROA not before: Wed 20 May 2026 00:50:05 +0000
ROA not after: Tue 18 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.16.205.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:1b:dc:a7:a8:4c:77:22:da:97:16:20:99:79:4e:a3:07:c0:9d:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 20 00:50:05 2026 GMT
Not After : Aug 18 23:59:59 2026 GMT
Subject: serialNumber=e6ae7621fde6c89d17edbe396210382b0f4cf427da60e955883d7be8050ce1fd, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:b4:1e:85:98:13:a9:b4:be:ef:42:2b:a8:1e:
fe:81:08:0b:45:34:49:94:75:9c:ad:57:f7:87:69:
bf:76:4e:3a:dc:2d:5d:12:e9:72:6d:b1:86:3c:56:
f4:1a:f2:2e:4e:e8:54:bb:9f:f7:63:e9:49:9d:2a:
66:2c:2b:7b:c0:b3:01:d7:ac:43:f0:ee:b1:27:0a:
88:9d:93:f9:70:97:46:a7:dd:c2:cf:71:54:a7:e9:
e4:9e:9f:00:04:7c:30:cf:72:0c:05:8d:a2:bb:27:
23:d3:f1:69:b5:24:4f:cb:14:12:fe:ff:7c:05:4c:
a5:08:b2:e7:7a:1d:c6:f8:01:db:48:58:03:a5:01:
6b:0b:de:ff:41:07:62:9b:18:54:6a:f9:8e:d5:bb:
05:e8:b4:10:b8:62:70:d3:3e:c7:73:72:4d:7e:73:
11:2d:a6:c3:75:8c:16:95:3a:87:81:fd:be:47:63:
0d:dd:99:8d:6b:e1:83:ed:47:2e:a6:06:49:98:0c:
4d:15:65:14:0a:d9:29:f7:2e:9f:cf:fb:f9:4e:af:
5f:9f:ed:8d:ea:1c:e9:73:7c:6c:ae:45:f4:28:e9:
85:1e:bd:00:c7:89:0e:5e:6f:f1:7a:06:8a:1b:28:
35:71:5f:54:6e:33:c7:46:86:bd:f0:18:a8:e6:84:
68:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:B1:14:93:86:1C:09:AC:5B:4A:8D:A2:5E:B6:6A:F9:6B:09:F8:7C
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/186c4a20-4025-4599-90c9-1eeb15cf6730.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.16.205.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:62:f9:38:28:09:7e:71:da:96:3b:87:70:56:ba:65:96:7e:
21:0b:05:a9:a9:7b:2a:47:d8:4d:28:6b:fe:95:e4:3e:09:58:
78:77:7d:48:f9:8d:b7:2b:71:c8:09:9e:93:cb:8d:40:17:f7:
e7:83:15:14:88:37:99:fc:d6:09:c5:ba:ca:9f:dd:85:9b:21:
9b:64:b0:b1:69:d3:29:fa:db:80:9c:fe:2c:67:19:05:bf:8f:
c3:95:23:75:9d:cc:61:f7:3a:88:b0:6d:6f:bc:00:d7:f2:4a:
0b:86:4f:23:5a:93:5d:b7:c1:4c:1d:a7:8a:e1:5a:c4:0a:bf:
0f:43:41:48:7e:2a:64:fb:ad:3d:f8:d8:14:c5:bf:e6:48:b6:
7c:d1:7b:72:9d:7f:ca:81:f8:ce:ca:cd:5f:ef:02:4b:ce:d4:
f9:b8:71:00:d4:96:56:ad:69:ff:aa:98:79:e8:03:79:0b:21:
e2:53:ea:c2:0e:40:21:01:b0:67:7f:35:af:55:0d:2f:e2:f4:
65:b3:54:56:9d:a3:34:4b:fe:a5:05:cb:4c:02:f0:72:ba:5b:
3c:4d:2a:18:be:64:5a:67:d6:a1:e3:ad:c3:06:87:d5:71:c4:
ec:82:13:0e:29:da:a6:d7:90:d8:9c:e2:22:40:84:48:4a:28:
e5:4e:d5:f0
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUYBvcp6hMdyLalxYgmXlOowfAnYIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MjAwMDUwMDVaFw0yNjA4MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQGU2YWU3NjIxZmRlNmM4OWQxN2VkYmUzOTYyMTAzODJiMGY0Y2Y0MjdkYTYw
ZTk1NTg4M2Q3YmU4MDUwY2UxZmQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALC0HoWYE6m0vu9CK6ge/oEIC0U0SZR1nK1X94dpv3ZOOtwtXRLpcm2xhjxW
9BryLk7oVLuf92PpSZ0qZiwre8CzAdesQ/DusScKiJ2T+XCXRqfdws9xVKfp5J6f
AAR8MM9yDAWNorsnI9PxabUkT8sUEv7/fAVMpQiy53odxvgB20hYA6UBawve/0EH
YpsYVGr5jtW7Bei0ELhicNM+x3NyTX5zES2mw3WMFpU6h4H9vkdjDd2ZjWvhg+1H
LqYGSZgMTRVlFArZKfcun8/7+U6vX5/tjeoc6XN8bK5F9CjphR69AMeJDl5v8XoG
ihsoNXFfVG4zx0aGvfAYqOaEaAsCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTXsRST
hhwJrFtKjaJetmr5awn4fDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MTg2YzRhMjAtNDAyNS00NTk5LTkwYzktMWVlYjE1Y2Y2NzMwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEADMQzTAN
BgkqhkiG9w0BAQsFAAOCAQEAG2L5OCgJfnHaljuHcFa6ZZZ+IQsFqal7KkfYTShr
/pXkPglYeHd9SPmNtytxyAmek8uNQBf354MVFIg3mfzWCcW6yp/dhZshm2SwsWnT
KfrbgJz+LGcZBb+Pw5UjdZ3MYfc6iLBtb7wA1/JKC4ZPI1qTXbfBTB2niuFaxAq/
D0NBSH4qZPutPfjYFMW/5ki2fNF7cp1/yoH4zsrNX+8CS87U+bhxANSWVq1p/6qY
eegDeQsh4lPqwg5AIQGwZ381r1UNL+L0ZbNUVp2jNEv+pQXLTALwcrpbPE0qGL5k
WmfWoeOtwwaH1XHE7IITDinapteQ2JziIkCESEoo5U7V8A==
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:03:17 2026 by rpki-client