Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/286f881c-8fa0-4200-ada2-20a0cc49038e.roa
File: 286f881c-8fa0-4200-ada2-20a0cc49038e.roa (raw, json)
Hash identifier: X3sVgloqr7QRmvJ1J/xQFe8Do8PeD66sc05ZULP4fuY=
Subject key identifier: 38:E2:69:DC:7E:0D:18:8B:00:39:AA:F6:62:DF:B9:0D:22:F6:DE:EC
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 039DED1A9DAABEECB348AE892584F9A6DF78728C
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/286f881c-8fa0-4200-ada2-20a0cc49038e.roa
Signing time: Tue 19 May 2026 05:50:19 +0000
ROA not before: Tue 19 May 2026 05:50:19 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.166.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:9d:ed:1a:9d:aa:be:ec:b3:48:ae:89:25:84:f9:a6:df:78:72:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 19 05:50:19 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=ae0a73b39d0446adc235ad33d678944cd94ab7d4f3c6f422c892dc1b4698f0c3, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:26:51:14:2a:bd:1f:7d:59:4d:03:11:33:e8:
6e:bf:aa:ff:d2:17:a3:b0:b7:de:2f:0d:dc:f6:36:
47:8c:22:41:c2:84:c7:a4:3d:6b:0f:45:f5:e2:51:
39:dd:b3:bc:af:49:50:19:55:ab:ca:ad:46:d1:b1:
a8:66:78:ee:31:d0:87:58:a1:78:65:ec:03:28:3e:
ac:77:66:69:98:6e:76:a7:11:93:88:7f:c5:43:06:
bc:ba:0b:23:a1:49:fe:e0:93:2b:b5:d9:4d:1a:72:
00:c3:2b:a4:6b:f0:a8:e0:2f:cc:37:2b:9d:57:d6:
93:f1:c9:df:cd:55:5d:42:28:32:3c:1d:96:35:4b:
b9:bf:61:96:cc:66:d6:6f:86:18:ac:5a:e2:c2:ae:
f0:dd:34:7d:ed:21:f7:b3:b9:81:cc:29:dd:1b:d2:
96:35:a1:ec:ab:1d:ca:82:ad:62:6c:a8:b3:aa:4a:
d0:9f:29:45:52:c4:1d:31:aa:ae:7d:65:b9:0e:9f:
6f:bb:3d:4e:01:80:a0:d2:83:89:e3:2a:bc:2b:72:
a0:33:37:8a:ba:c4:a3:0a:76:e5:bb:57:17:21:2a:
bd:bc:2a:13:4c:09:cd:78:6f:01:ca:70:cf:c4:74:
b1:ec:dd:94:e5:30:d5:d9:e4:02:2c:cf:62:d4:18:
25:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:E2:69:DC:7E:0D:18:8B:00:39:AA:F6:62:DF:B9:0D:22:F6:DE:EC
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/286f881c-8fa0-4200-ada2-20a0cc49038e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.166.0.0/15
Signature Algorithm: sha256WithRSAEncryption
4a:7b:d2:14:20:7f:71:69:b1:8b:ab:40:53:8b:5d:ca:8c:a2:
b6:67:06:eb:6c:ea:b6:2b:f5:48:5a:e0:dd:c0:87:ed:f0:68:
08:57:40:37:2a:93:91:f3:7c:4c:e2:6a:69:b3:5f:a4:ce:86:
76:ca:0c:ec:90:09:c3:a9:ad:5d:0d:fd:8e:32:90:55:4f:4e:
f8:27:52:eb:4f:ad:7c:08:3f:ee:b5:95:00:72:4c:3f:d2:59:
4e:7e:2a:9b:6d:86:72:41:02:7c:3a:f5:c2:fc:44:f1:47:79:
56:fa:fc:d1:76:ba:d2:28:90:8c:ec:ff:b0:e2:0c:14:00:07:
b8:fa:5d:88:4f:10:eb:f7:c1:08:27:22:48:4e:e1:07:c7:5f:
eb:d9:dc:83:24:ec:40:81:8a:41:77:18:18:39:e4:aa:af:d2:
bb:7b:97:69:9a:b1:42:cb:96:f3:0e:8c:81:14:8d:de:c6:1f:
8d:ce:7e:ff:2c:32:23:cd:a1:9a:f5:95:37:b0:64:62:b3:6c:
5c:a5:66:71:ea:19:00:7b:d0:f2:52:ff:1f:85:02:20:fc:72:
42:8d:3e:8b:d8:c9:b2:b8:47:27:83:3b:fe:6d:fc:63:3e:9d:
56:62:af:72:23:e9:cc:80:bd:77:2f:86:5b:92:ed:b0:47:bb:
96:24:36:5a
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUA53tGp2qvuyzSK6JJYT5pt94cowwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MTkwNTUwMTlaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGFlMGE3M2IzOWQwNDQ2YWRjMjM1YWQzM2Q2Nzg5NDRjZDk0YWI3ZDRmM2M2
ZjQyMmM4OTJkYzFiNDY5OGYwYzMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANEmURQqvR99WU0DETPobr+q/9IXo7C33i8N3PY2R4wiQcKEx6Q9aw9F9eJR
Od2zvK9JUBlVq8qtRtGxqGZ47jHQh1iheGXsAyg+rHdmaZhudqcRk4h/xUMGvLoL
I6FJ/uCTK7XZTRpyAMMrpGvwqOAvzDcrnVfWk/HJ381VXUIoMjwdljVLub9hlsxm
1m+GGKxa4sKu8N00fe0h97O5gcwp3RvSljWh7KsdyoKtYmyos6pK0J8pRVLEHTGq
rn1luQ6fb7s9TgGAoNKDieMqvCtyoDM3irrEowp25btXFyEqvbwqE0wJzXhvAcpw
z8R0sezdlOUw1dnkAizPYtQYJaECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQ44mnc
fg0YiwA5qvZi37kNIvbe7DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Mjg2Zjg4MWMtOGZhMC00MjAwLWFkYTItMjBhMGNjNDkwMzhlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOmMA0G
CSqGSIb3DQEBCwUAA4IBAQBKe9IUIH9xabGLq0BTi13KjKK2ZwbrbOq2K/VIWuDd
wIft8GgIV0A3KpOR83xM4mpps1+kzoZ2ygzskAnDqa1dDf2OMpBVT074J1LrT618
CD/utZUAckw/0llOfiqbbYZyQQJ8OvXC/ETxR3lW+vzRdrrSKJCM7P+w4gwUAAe4
+l2ITxDr98EIJyJITuEHx1/r2dyDJOxAgYpBdxgYOeSqr9K7e5dpmrFCy5bzDoyB
FI3exh+Nzn7/LDIjzaGa9ZU3sGRis2xcpWZx6hkAe9DyUv8fhQIg/HJCjT6L2Mmy
uEcngzv+bfxjPp1WYq9yI+nMgL13L4Zbku2wR7uWJDZa
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:13:21 2026 by rpki-client