Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/18d9a632-05fe-446e-aca9-1adb271dcda8.roa
File: 18d9a632-05fe-446e-aca9-1adb271dcda8.roa (raw, json)
Hash identifier: xlc057yCiba1FzPnPHsu1gKuCiPAwM/ChEzBl9ucrqI=
Subject key identifier: 8C:6B:60:F8:DA:0E:61:D5:BC:4B:6E:64:DF:8E:18:0D:91:CB:21:B4
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4E65653159787816D6C2FC3657AD69E8A6487E63
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/18d9a632-05fe-446e-aca9-1adb271dcda8.roa
Signing time: Tue 19 May 2026 06:00:49 +0000
ROA not before: Tue 19 May 2026 06:00:49 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.196.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:65:65:31:59:78:78:16:d6:c2:fc:36:57:ad:69:e8:a6:48:7e:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 19 06:00:49 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=3fd20cb42533628a57e01e080118ab4bcc2a68fa3082ee1b1c176e9f6bdd17bc, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:80:68:ab:1e:3e:0d:e0:10:d4:64:89:94:5a:
91:f6:b3:fa:94:3b:e9:9d:26:d1:74:ae:e8:d2:d9:
06:ab:05:69:fb:ca:42:f3:6a:85:4c:7a:bf:b1:0d:
98:b6:32:f4:ea:83:ed:16:c4:bd:26:ea:ae:74:31:
a2:9c:2c:e1:0a:77:09:c7:5d:87:7f:66:03:6a:9f:
4d:f8:71:4f:98:b3:a7:2a:b8:78:c7:fd:c4:03:6e:
23:5d:a6:8d:2b:9f:11:2d:bd:55:09:dd:fd:96:43:
76:06:19:85:8b:e1:0d:4e:35:30:8a:c8:f5:7f:03:
4c:bf:dc:5c:50:04:6b:c7:19:9f:52:b3:d5:84:4a:
16:8c:49:09:8f:b6:5a:97:27:7e:09:e9:5f:88:80:
cb:05:50:53:bd:b8:b9:92:49:71:c3:c4:a1:cc:c0:
7b:1e:0d:ae:ae:78:2a:5c:3f:fd:60:bb:5d:3e:bc:
cd:ed:15:02:2e:bb:cc:cf:9b:32:c3:68:43:6a:b8:
68:1e:7e:fa:b9:0c:4c:f6:d8:2f:f8:63:7e:18:5d:
69:21:ea:20:9d:08:60:26:9e:86:5a:05:10:bb:5f:
8d:a1:06:ae:1a:5d:b4:f1:8c:af:d5:6f:85:3b:96:
b3:e8:6a:c6:5d:78:4d:14:2c:ed:1a:eb:21:bf:ad:
d0:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:6B:60:F8:DA:0E:61:D5:BC:4B:6E:64:DF:8E:18:0D:91:CB:21:B4
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/18d9a632-05fe-446e-aca9-1adb271dcda8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.196.0.0/15
Signature Algorithm: sha256WithRSAEncryption
86:8a:f4:ec:1d:e1:f5:f3:2a:33:c4:d8:18:c8:2f:37:39:64:
bb:c3:23:d8:13:d6:56:6b:ea:10:7e:85:f5:3e:59:e9:b4:68:
84:c1:32:6b:bf:db:fe:6b:e8:bc:b3:73:50:1f:e8:99:b0:d4:
2a:92:b0:7b:6b:ba:5b:91:74:a4:09:0d:b4:34:5f:85:b5:2f:
8d:30:25:72:45:62:66:3c:1a:1b:6f:5a:1a:dc:85:5d:03:e4:
55:4c:95:8b:9f:11:60:80:4c:fc:a6:43:39:a1:9a:ad:8c:f5:
38:16:78:cd:05:a5:79:17:93:3c:67:b2:c1:a0:4c:07:ba:54:
22:db:93:f9:b8:8a:90:2b:bc:83:64:a6:6c:2a:9c:e6:4e:16:
f6:df:de:5d:e1:1a:ee:0e:6f:63:61:38:84:7a:78:d0:32:da:
88:25:88:ba:25:7b:d0:5d:f8:d4:b4:36:c6:c2:ff:b6:6a:8f:
2a:9e:5e:24:73:a6:c7:12:88:81:47:f6:44:f7:38:80:3c:4a:
0a:73:6c:99:72:88:8f:24:3a:37:13:ad:34:6b:bc:1b:aa:20:
e0:15:a9:17:f3:26:1a:a3:5f:05:1e:4c:38:d9:73:76:85:68:
b9:ec:1e:b1:29:0d:fa:31:bc:10:5a:4d:a5:ca:f3:6e:11:fa:
91:43:26:e1
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUTmVlMVl4eBbWwvw2V61p6KZIfmMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MTkwNjAwNDlaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDNmZDIwY2I0MjUzMzYyOGE1N2UwMWUwODAxMThhYjRiY2MyYTY4ZmEzMDgy
ZWUxYjFjMTc2ZTlmNmJkZDE3YmMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIyAaKsePg3gENRkiZRakfaz+pQ76Z0m0XSu6NLZBqsFafvKQvNqhUx6v7EN
mLYy9OqD7RbEvSbqrnQxopws4Qp3Ccddh39mA2qfTfhxT5izpyq4eMf9xANuI12m
jSufES29VQnd/ZZDdgYZhYvhDU41MIrI9X8DTL/cXFAEa8cZn1Kz1YRKFoxJCY+2
WpcnfgnpX4iAywVQU724uZJJccPEoczAex4Nrq54Klw//WC7XT68ze0VAi67zM+b
MsNoQ2q4aB5++rkMTPbYL/hjfhhdaSHqIJ0IYCaehloFELtfjaEGrhpdtPGMr9Vv
hTuWs+hqxl14TRQs7RrrIb+t0AcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSMa2D4
2g5h1bxLbmTfjhgNkcshtDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MThkOWE2MzItMDVmZS00NDZlLWFjYTktMWFkYjI3MWRjZGE4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPEMA0G
CSqGSIb3DQEBCwUAA4IBAQCGivTsHeH18yozxNgYyC83OWS7wyPYE9ZWa+oQfoX1
PlnptGiEwTJrv9v+a+i8s3NQH+iZsNQqkrB7a7pbkXSkCQ20NF+FtS+NMCVyRWJm
PBobb1oa3IVdA+RVTJWLnxFggEz8pkM5oZqtjPU4FnjNBaV5F5M8Z7LBoEwHulQi
25P5uIqQK7yDZKZsKpzmThb2395d4RruDm9jYTiEenjQMtqIJYi6JXvQXfjUtDbG
wv+2ao8qnl4kc6bHEoiBR/ZE9ziAPEoKc2yZcoiPJDo3E600a7wbqiDgFakX8yYa
o18FHkw42XN2hWi57B6xKQ36MbwQWk2lyvNuEfqRQybh
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:13:18 2026 by rpki-client