Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/3b67bb62-9bcf-4daa-99b5-5374c3285177.roa
File: 3b67bb62-9bcf-4daa-99b5-5374c3285177.roa (raw, json)
Hash identifier: Eepi/ER7Ogyox4Pj3WGhVBt4abeDN0QdbtY/01FAZZw=
Subject key identifier: 02:78:E0:8E:28:6B:98:3F:39:FD:DF:68:D4:42:2A:B3:C3:1B:45:8F
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7D59ACC6D029911BDE381118EA627F6D2A6C4815
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/3b67bb62-9bcf-4daa-99b5-5374c3285177.roa
Signing time: Tue 19 May 2026 06:00:11 +0000
ROA not before: Tue 19 May 2026 06:00:11 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.48.0.0/15 maxlen: 15
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:59:ac:c6:d0:29:91:1b:de:38:11:18:ea:62:7f:6d:2a:6c:48:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 19 06:00:11 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=33cb0bc9854725d32ee87b861e3742f4b78944d9f3c2e3dde4e7342cbe75fe52, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:25:02:d1:2b:44:d8:1f:b9:76:d0:5c:1b:af:
9d:50:db:4c:36:a7:df:a3:98:8b:ad:6c:72:7c:22:
9a:c4:94:51:3f:0e:51:f2:d0:ee:2e:7a:54:60:12:
ea:c4:c8:5d:ac:3d:16:16:1f:43:f1:fc:b4:f6:2a:
81:3b:86:e2:23:72:52:55:e0:cb:4c:4a:92:71:b3:
d7:72:4b:e8:e4:ba:6d:5b:be:96:c0:da:3f:2c:09:
b8:9d:91:e7:75:1e:f5:7c:41:6f:11:56:dd:17:9d:
7b:75:77:58:e0:7e:ce:21:8c:6e:2d:e3:9b:ab:34:
9d:0b:48:74:2b:ab:a5:3f:cb:2d:8d:ab:0c:b5:e6:
5a:54:c6:7c:96:46:42:9c:97:13:a3:3a:30:7e:40:
17:f0:4a:a0:dd:d5:37:57:3f:cf:f4:9d:a0:1c:5a:
3a:f4:24:98:c4:75:17:14:66:ed:c4:5c:a2:b9:0e:
38:5e:91:25:78:23:8b:35:b1:ab:72:e7:74:7c:af:
2a:c2:af:ef:6c:ba:8c:ab:81:22:bf:b3:0c:04:8c:
b1:24:b9:ec:73:d9:6d:c4:ed:f5:93:78:5f:5a:2c:
c1:ac:52:da:5e:9e:b2:72:db:ac:c1:52:da:ea:30:
19:cb:02:e0:30:7e:a4:f6:ed:a6:5d:55:78:66:a2:
56:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:78:E0:8E:28:6B:98:3F:39:FD:DF:68:D4:42:2A:B3:C3:1B:45:8F
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/3b67bb62-9bcf-4daa-99b5-5374c3285177.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.48.0.0/15
Signature Algorithm: sha256WithRSAEncryption
92:bf:72:7f:3f:10:7a:0b:d8:2a:ad:2d:82:de:f3:ea:d5:9b:
44:69:d8:c4:52:02:2b:12:05:1e:f1:7f:fa:38:87:48:74:78:
99:66:52:55:6c:4b:99:4a:36:97:6a:b2:a6:7e:1a:dc:77:de:
b5:b0:d8:82:ba:a5:53:6e:6c:13:26:35:d0:a4:30:df:b3:8d:
a7:23:38:34:b5:c2:c7:60:ca:5b:e3:82:c7:6e:81:47:37:08:
02:24:95:ce:ca:c2:75:fb:2b:ed:a0:dc:fc:6c:19:d4:00:0a:
34:5a:66:06:ef:f6:85:0a:6a:6f:59:b9:bb:44:63:a2:79:19:
2a:59:18:80:a7:b1:c1:1a:34:dc:71:ad:08:f7:e3:62:1e:b1:
2c:1e:f4:1b:cc:d7:80:b8:f4:d4:a4:ac:af:28:2b:2c:93:5f:
4f:c0:12:1b:0c:ec:c2:72:48:93:e3:71:57:8c:09:83:86:1e:
a7:3d:ed:4b:8d:64:21:d2:bd:01:27:13:c2:1a:51:55:80:b1:
82:b1:c4:15:27:08:b2:6f:ea:d2:ea:bf:ce:eb:65:d7:c2:f1:
7b:07:99:22:c8:ec:e8:16:87:80:84:aa:dd:fe:57:5d:fe:b1:
86:87:36:4d:14:61:3f:b4:e0:79:01:16:e2:26:fc:c8:fb:46:
ef:8d:fa:29
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUfVmsxtApkRveOBEY6mJ/bSpsSBUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MTkwNjAwMTFaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDMzY2IwYmM5ODU0NzI1ZDMyZWU4N2I4NjFlMzc0MmY0Yjc4OTQ0ZDlmM2My
ZTNkZGU0ZTczNDJjYmU3NWZlNTIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKIlAtErRNgfuXbQXBuvnVDbTDan36OYi61scnwimsSUUT8OUfLQ7i56VGAS
6sTIXaw9FhYfQ/H8tPYqgTuG4iNyUlXgy0xKknGz13JL6OS6bVu+lsDaPywJuJ2R
53Ue9XxBbxFW3Rede3V3WOB+ziGMbi3jm6s0nQtIdCurpT/LLY2rDLXmWlTGfJZG
QpyXE6M6MH5AF/BKoN3VN1c/z/SdoBxaOvQkmMR1FxRm7cRcorkOOF6RJXgjizWx
q3LndHyvKsKv72y6jKuBIr+zDASMsSS57HPZbcTt9ZN4X1oswaxS2l6esnLbrMFS
2uowGcsC4DB+pPbtpl1VeGaiVgUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQCeOCO
KGuYPzn932jUQiqzwxtFjzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
M2I2N2JiNjItOWJjZi00ZGFhLTk5YjUtNTM3NGMzMjg1MTc3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATMwMA0G
CSqGSIb3DQEBCwUAA4IBAQCSv3J/PxB6C9gqrS2C3vPq1ZtEadjEUgIrEgUe8X/6
OIdIdHiZZlJVbEuZSjaXarKmfhrcd961sNiCuqVTbmwTJjXQpDDfs42nIzg0tcLH
YMpb44LHboFHNwgCJJXOysJ1+yvtoNz8bBnUAAo0WmYG7/aFCmpvWbm7RGOieRkq
WRiAp7HBGjTcca0I9+NiHrEsHvQbzNeAuPTUpKyvKCssk19PwBIbDOzCckiT43FX
jAmDhh6nPe1LjWQh0r0BJxPCGlFVgLGCscQVJwiyb+rS6r/O62XXwvF7B5kiyOzo
FoeAhKrd/ldd/rGGhzZNFGE/tOB5ARbiJvzI+0bvjfop
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:00:08 2026 by rpki-client