Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/277d74fd-3101-4a9b-8f2a-9bfd9dc55230.roa
File: 277d74fd-3101-4a9b-8f2a-9bfd9dc55230.roa (raw, json)
Hash identifier: VVzXtanLUQqk/64i+PGxN8zqfc0Oq8Pvt7+iPALLeIs=
Subject key identifier: 8A:7D:48:2A:5C:C7:67:23:75:88:5D:C1:54:54:73:1E:06:0E:44:5B
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1FFE631815BA9FB33795299F662BEF4E195608E1
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/277d74fd-3101-4a9b-8f2a-9bfd9dc55230.roa
Signing time: Thu 14 May 2026 01:40:06 +0000
ROA not before: Thu 14 May 2026 01:40:06 +0000
ROA not after: Wed 12 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.118.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1f:fe:63:18:15:ba:9f:b3:37:95:29:9f:66:2b:ef:4e:19:56:08:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 14 01:40:06 2026 GMT
Not After : Aug 12 23:59:59 2026 GMT
Subject: serialNumber=3d0e02d7a62c60a32c52577f4ccc232118ff9d2a72f5b209bb1428323e1e44e3, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:8a:96:83:33:b0:9e:72:ce:6d:23:d4:e4:25:
f3:c6:66:c7:d8:25:c2:55:cd:d4:87:32:ec:1f:4e:
d8:a8:e9:a4:aa:b8:96:50:0d:a8:1a:d2:37:32:54:
66:59:93:31:a2:9b:46:69:ee:f4:be:b2:a6:24:84:
ab:9b:de:39:e3:03:1f:05:76:08:7c:3d:5a:c5:15:
36:6e:39:0f:05:cb:71:8d:4a:3e:f9:5c:9c:4f:a5:
49:f8:ed:46:dd:91:e7:d8:e7:86:d8:56:c6:c3:64:
f9:94:01:b3:a3:f2:08:7b:6e:1b:db:b5:b1:04:94:
a5:19:46:00:69:16:18:fb:18:57:88:86:6e:93:44:
6c:f0:83:dc:66:2c:e3:9c:0b:a5:56:65:d0:b3:1e:
51:6f:b0:8b:f6:12:54:45:a6:63:ae:4e:f4:ca:d3:
a5:95:06:a1:59:50:c2:30:2d:c8:b0:62:87:a4:16:
93:70:c0:5f:75:f0:db:95:98:cb:58:f6:3c:93:87:
1d:cb:85:86:66:97:52:aa:65:37:9d:59:e6:72:c7:
4b:91:08:e8:1f:1e:a3:c5:af:6d:00:83:f4:9c:d7:
f6:2f:4a:0b:79:4c:af:ca:46:26:93:1a:21:f8:1e:
1d:9a:81:cf:8c:e7:de:24:9d:e0:cc:71:3c:5b:46:
a7:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:7D:48:2A:5C:C7:67:23:75:88:5D:C1:54:54:73:1E:06:0E:44:5B
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/277d74fd-3101-4a9b-8f2a-9bfd9dc55230.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.118.0.0/16
Signature Algorithm: sha256WithRSAEncryption
42:11:24:6d:ab:a9:c3:19:df:86:47:9f:60:7b:95:c4:96:28:
9f:5e:13:7a:a6:e2:e7:fb:e2:f5:e8:b6:35:50:30:15:af:20:
e6:10:2d:fa:75:0b:ca:e3:8b:8c:1a:98:93:21:58:85:18:b2:
99:e0:fe:1e:ed:fd:f1:5e:40:01:d7:13:c7:45:08:36:08:b7:
ea:5a:41:40:b8:32:d8:31:33:96:4b:f5:c8:8f:42:d1:0d:f0:
53:07:88:c9:e3:f6:68:55:66:31:b4:2e:0d:e9:e4:1f:bf:c2:
54:c6:12:a5:ad:fa:be:26:49:27:dd:bb:23:3c:70:c9:17:29:
70:b5:9b:9c:0e:01:40:7e:b9:f3:67:81:8e:48:52:fa:57:5f:
1e:e3:77:8d:1c:67:2a:78:66:20:6f:11:e9:08:8d:de:1a:34:
31:9d:69:8f:0c:57:ba:c9:b2:09:6e:dd:6c:7a:d7:5f:0d:4c:
2a:9d:da:48:9a:4a:90:e8:89:d2:88:b5:09:1b:6b:75:0f:9c:
14:bb:bb:c3:b4:14:fa:a4:b0:e1:b1:19:a6:38:89:da:55:60:
49:57:8b:02:c8:e5:61:00:56:3c:3f:d7:51:bf:ca:29:ae:3f:
fc:ac:29:31:15:e3:fc:2c:48:21:2e:2f:e2:e6:da:4a:ba:3d:
24:d5:23:55
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUH/5jGBW6n7M3lSmfZivvThlWCOEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MTQwMTQwMDZaFw0yNjA4MTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDNkMGUwMmQ3YTYyYzYwYTMyYzUyNTc3ZjRjY2MyMzIxMThmZjlkMmE3MmY1
YjIwOWJiMTQyODMyM2UxZTQ0ZTMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK6KloMzsJ5yzm0j1OQl88Zmx9glwlXN1Icy7B9O2KjppKq4llANqBrSNzJU
ZlmTMaKbRmnu9L6ypiSEq5veOeMDHwV2CHw9WsUVNm45DwXLcY1KPvlcnE+lSfjt
Rt2R59jnhthWxsNk+ZQBs6PyCHtuG9u1sQSUpRlGAGkWGPsYV4iGbpNEbPCD3GYs
45wLpVZl0LMeUW+wi/YSVEWmY65O9MrTpZUGoVlQwjAtyLBih6QWk3DAX3Xw25WY
y1j2PJOHHcuFhmaXUqplN51Z5nLHS5EI6B8eo8WvbQCD9JzX9i9KC3lMr8pGJpMa
IfgeHZqBz4zn3iSd4MxxPFtGp4sCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSKfUgq
XMdnI3WIXcFUVHMeBg5EWzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Mjc3ZDc0ZmQtMzEwMS00YTliLThmMmEtOWJmZDlkYzU1MjMwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADN2MA0G
CSqGSIb3DQEBCwUAA4IBAQBCESRtq6nDGd+GR59ge5XEliifXhN6puLn++L16LY1
UDAVryDmEC36dQvK44uMGpiTIViFGLKZ4P4e7f3xXkAB1xPHRQg2CLfqWkFAuDLY
MTOWS/XIj0LRDfBTB4jJ4/ZoVWYxtC4N6eQfv8JUxhKlrfq+Jkkn3bsjPHDJFylw
tZucDgFAfrnzZ4GOSFL6V18e43eNHGcqeGYgbxHpCI3eGjQxnWmPDFe6ybIJbt1s
etdfDUwqndpImkqQ6InSiLUJG2t1D5wUu7vDtBT6pLDhsRmmOInaVWBJV4sCyOVh
AFY8P9dRv8oprj/8rCkxFeP8LEghLi/i5tpKuj0k1SNV
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:12:19 2026 by rpki-client