Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/21ed4032-a4d1-486a-97f8-a4eed91bb627.roa
File: 21ed4032-a4d1-486a-97f8-a4eed91bb627.roa (raw, json)
Hash identifier: fpdrL7CXmQCDmp5eHFCs/gIE5ol0hzb7kNT3gaRlrjQ=
Subject key identifier: 0B:AA:15:6B:06:4D:70:CC:C1:9C:37:6E:17:3A:B9:9B:04:D2:BA:11
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7F6221ADE1809AD784A79D2ADFDD01492053A62E
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/21ed4032-a4d1-486a-97f8-a4eed91bb627.roa
Signing time: Tue 19 May 2026 05:50:38 +0000
ROA not before: Tue 19 May 2026 05:50:38 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 194.52.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:62:21:ad:e1:80:9a:d7:84:a7:9d:2a:df:dd:01:49:20:53:a6:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 19 05:50:38 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=2fd9101e849c336d8889f39acd7550a94573691ae560ccccac45c1ecea5ffc77, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:ac:61:59:b4:38:20:be:a5:e2:60:b4:a7:f5:
9a:61:d9:91:c6:35:cd:73:09:3f:74:8a:75:2c:0d:
4a:c7:cd:be:c6:3c:00:82:12:e8:b1:dc:ec:03:3f:
72:14:43:f6:29:a3:f3:84:21:34:87:8c:17:12:34:
c3:d8:96:a9:2a:32:0d:8a:f4:5a:ea:7c:6d:17:57:
1d:4e:bc:8d:ed:a9:3c:ce:9c:38:17:f4:fd:ae:46:
ae:0b:b6:66:bd:bd:c7:c6:7f:ae:9c:34:23:49:b1:
29:ed:63:f7:b3:c6:5f:3f:a8:67:3d:7b:ac:58:73:
61:68:93:51:a6:8e:22:a8:b2:b1:d0:06:99:05:c2:
33:1c:08:03:04:72:80:ba:3a:e3:e4:5e:7c:c8:06:
c5:61:83:c8:df:cf:91:02:85:b5:4e:3e:32:78:1a:
64:10:68:a7:11:64:f2:d0:f5:9c:34:a0:16:60:cb:
03:ed:4d:65:2f:3e:ed:ae:bd:c1:8b:8a:70:ae:e5:
52:11:15:69:48:e8:e5:a6:67:ac:d7:91:a5:71:15:
24:86:7e:a5:9d:84:89:d8:ed:b2:18:15:d6:77:11:
c1:f8:70:3c:92:80:dd:e0:9e:21:d4:a4:42:d0:8b:
d7:a2:1f:e4:6f:a7:b4:5b:32:9d:67:47:f6:64:14:
e0:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:AA:15:6B:06:4D:70:CC:C1:9C:37:6E:17:3A:B9:9B:04:D2:BA:11
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/21ed4032-a4d1-486a-97f8-a4eed91bb627.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.52.0.0/16
Signature Algorithm: sha256WithRSAEncryption
64:c9:a7:1f:1d:66:66:62:32:0f:d7:37:4f:65:29:1b:2b:e0:
ca:9b:b4:26:3b:b4:e7:95:7d:d7:ea:05:a3:d1:0e:f2:26:a7:
34:a7:1d:91:b8:6e:b5:30:4c:c1:63:43:3f:ce:2b:36:96:05:
11:5d:71:be:48:c0:31:d2:fe:f9:89:dc:bd:47:0d:57:fc:8e:
e8:d0:fc:a8:bf:50:70:3a:55:94:b7:b0:1a:eb:71:a9:b5:4b:
c4:df:e8:ae:d1:15:0a:4b:96:5c:10:13:b8:fe:20:35:5b:2f:
3c:59:22:8d:4a:47:0f:be:5c:e5:69:fe:ba:2d:05:1a:c5:2d:
56:42:3c:d0:81:da:aa:df:76:39:25:7e:8c:86:32:dc:5e:75:
f5:c9:95:85:5b:81:37:ab:ca:8a:6a:42:aa:a9:0a:08:af:a6:
6f:01:80:f3:fe:9c:11:72:d8:4e:ea:24:d6:4a:3e:b5:1e:df:
94:11:cf:d4:c0:ba:ea:58:e7:c3:07:be:12:37:7b:a0:95:1b:
a6:a5:05:90:e9:61:12:59:65:db:92:a6:f5:e0:9c:90:d5:bb:
a4:eb:ee:b5:1b:3e:63:31:f0:52:90:eb:ea:ed:9b:f6:66:0e:
d7:23:db:78:02:42:b0:d2:89:f2:ff:d3:f2:68:27:64:d4:98:
41:a8:e8:38
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUf2IhreGAmteEp50q390BSSBTpi4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MTkwNTUwMzhaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDJmZDkxMDFlODQ5YzMzNmQ4ODg5ZjM5YWNkNzU1MGE5NDU3MzY5MWFlNTYw
Y2NjY2FjNDVjMWVjZWE1ZmZjNzcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK+sYVm0OCC+peJgtKf1mmHZkcY1zXMJP3SKdSwNSsfNvsY8AIIS6LHc7AM/
chRD9imj84QhNIeMFxI0w9iWqSoyDYr0Wup8bRdXHU68je2pPM6cOBf0/a5Grgu2
Zr29x8Z/rpw0I0mxKe1j97PGXz+oZz17rFhzYWiTUaaOIqiysdAGmQXCMxwIAwRy
gLo64+RefMgGxWGDyN/PkQKFtU4+MngaZBBopxFk8tD1nDSgFmDLA+1NZS8+7a69
wYuKcK7lUhEVaUjo5aZnrNeRpXEVJIZ+pZ2EidjtshgV1ncRwfhwPJKA3eCeIdSk
QtCL16If5G+ntFsynWdH9mQU4NECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQLqhVr
Bk1wzMGcN24XOrmbBNK6ETAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MjFlZDQwMzItYTRkMS00ODZhLTk3ZjgtYTRlZWQ5MWJiNjI3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMI0MA0G
CSqGSIb3DQEBCwUAA4IBAQBkyacfHWZmYjIP1zdPZSkbK+DKm7QmO7TnlX3X6gWj
0Q7yJqc0px2RuG61MEzBY0M/zis2lgURXXG+SMAx0v75idy9Rw1X/I7o0Pyov1Bw
OlWUt7Aa63GptUvE3+iu0RUKS5ZcEBO4/iA1Wy88WSKNSkcPvlzlaf66LQUaxS1W
QjzQgdqq33Y5JX6MhjLcXnX1yZWFW4E3q8qKakKqqQoIr6ZvAYDz/pwRcthO6iTW
Sj61Ht+UEc/UwLrqWOfDB74SN3uglRumpQWQ6WESWWXbkqb14JyQ1buk6+61Gz5j
MfBSkOvq7Zv2Zg7XI9t4AkKw0ony/9PyaCdk1JhBqOg4
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:00:45 2026 by rpki-client