Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/42efa1a8-f804-47c5-8a3d-6f3ea05e1a5b.roa
File: 42efa1a8-f804-47c5-8a3d-6f3ea05e1a5b.roa (raw, json)
Hash identifier: mAWycNCcXSwYGgvoNwmjGxjAaJaeXUUsZS7Mv7vuhoM=
Subject key identifier: 4D:CE:5A:FC:FB:73:2C:7B:9C:1C:0A:31:2B:04:0C:66:71:7D:5F:CF
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6A8206F4B28E7C356193ABDDCCC1987AD22437A3
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/42efa1a8-f804-47c5-8a3d-6f3ea05e1a5b.roa
Signing time: Tue 19 May 2026 06:00:31 +0000
ROA not before: Tue 19 May 2026 06:00:31 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.164.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:82:06:f4:b2:8e:7c:35:61:93:ab:dd:cc:c1:98:7a:d2:24:37:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 19 06:00:31 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=5410d5f634af9baf489c8a0dfbe4a4c28de8f661e24975d4619270ce52bb42bd, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:a4:f4:70:88:8f:18:ce:09:d6:cf:cb:1e:33:
81:1d:2f:3b:c8:60:dc:ff:2c:06:43:52:58:cd:54:
30:9e:56:03:00:f7:2b:29:b2:b6:ca:ef:8c:21:2b:
b8:28:5e:00:e4:ad:08:3a:73:da:58:8a:ff:1f:5e:
1c:f5:4a:8a:e0:8c:23:87:96:45:86:f4:d6:af:ac:
48:b7:90:ae:ee:61:03:a3:c5:81:bc:29:bb:62:f7:
9d:36:74:93:1a:8a:18:17:3d:73:40:fd:e6:7b:7d:
20:eb:96:1c:f9:c9:fa:bc:99:15:15:99:b4:89:b3:
44:12:dc:8f:ac:13:c1:0e:6a:b3:36:be:28:16:c5:
69:01:d0:9d:bb:fa:0e:82:a0:5c:5e:ba:a0:5e:6b:
32:11:ff:b0:a6:c1:74:84:b5:4e:9f:57:f0:da:f7:
4c:84:52:39:21:b4:66:18:9e:4a:0f:f8:ab:6d:fb:
a9:ac:41:99:68:be:0b:5c:24:e2:16:9d:bb:e8:a6:
f6:b2:4b:73:0f:68:5a:6f:9c:c2:22:de:ea:db:00:
19:d5:44:8c:9d:38:c2:d4:d8:a3:27:06:b0:9e:10:
3c:b5:f1:2b:39:4c:98:93:96:b9:ad:e1:52:10:48:
20:6a:e1:4f:bb:68:5a:61:56:34:17:e2:32:36:54:
3c:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:CE:5A:FC:FB:73:2C:7B:9C:1C:0A:31:2B:04:0C:66:71:7D:5F:CF
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/42efa1a8-f804-47c5-8a3d-6f3ea05e1a5b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.164.0.0/15
Signature Algorithm: sha256WithRSAEncryption
c9:20:35:18:82:71:fb:d6:d7:a2:76:52:eb:9b:c2:dc:72:3f:
74:da:d4:20:37:0e:bd:78:54:93:07:6e:ac:be:6e:e3:51:d8:
2e:97:fa:8a:b0:a0:30:ef:ab:ff:b8:c6:a6:26:43:87:21:a9:
2d:ea:d8:e3:42:64:03:54:16:63:0b:f8:01:9a:27:c9:0d:bf:
f4:81:64:38:6b:19:e0:07:cd:88:15:31:80:d5:2b:8f:4c:d9:
2c:80:3c:29:55:bb:eb:16:62:a1:fa:a7:9d:56:d9:12:ab:d8:
3e:67:24:2b:0d:90:11:e5:5a:36:8f:e2:78:01:74:46:97:19:
41:e5:34:e6:86:16:0e:83:77:72:5e:f6:5c:c9:27:62:95:e1:
74:35:ff:58:6c:e0:bd:df:e8:d2:16:ab:7e:41:4e:e7:e5:d9:
4b:b9:aa:74:45:67:45:47:33:a2:e3:0f:8f:b9:fa:26:66:04:
77:fc:2b:f3:69:ab:1d:21:7a:a4:e0:7c:8f:f6:b4:f3:3d:46:
22:ad:28:5d:e5:35:c6:fd:5c:5f:f2:a4:17:1d:a0:35:f5:b5:
63:43:14:10:75:76:40:ec:64:7b:6a:a0:ce:7c:01:9c:24:96:
b7:74:3c:c7:ca:bc:b8:d8:8e:65:0b:46:04:00:f1:69:35:15:
82:69:7e:01
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUaoIG9LKOfDVhk6vdzMGYetIkN6MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MTkwNjAwMzFaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDU0MTBkNWY2MzRhZjliYWY0ODljOGEwZGZiZTRhNGMyOGRlOGY2NjFlMjQ5
NzVkNDYxOTI3MGNlNTJiYjQyYmQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMCk9HCIjxjOCdbPyx4zgR0vO8hg3P8sBkNSWM1UMJ5WAwD3KymytsrvjCEr
uCheAOStCDpz2liK/x9eHPVKiuCMI4eWRYb01q+sSLeQru5hA6PFgbwpu2L3nTZ0
kxqKGBc9c0D95nt9IOuWHPnJ+ryZFRWZtImzRBLcj6wTwQ5qsza+KBbFaQHQnbv6
DoKgXF66oF5rMhH/sKbBdIS1Tp9X8Nr3TIRSOSG0ZhieSg/4q237qaxBmWi+C1wk
4hadu+im9rJLcw9oWm+cwiLe6tsAGdVEjJ04wtTYoycGsJ4QPLXxKzlMmJOWua3h
UhBIIGrhT7toWmFWNBfiMjZUPDECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRNzlr8
+3Mse5wcCjErBAxmcX1fzzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDJlZmExYTgtZjgwNC00N2M1LThhM2QtNmYzZWEwNWUxYTViLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOkMA0G
CSqGSIb3DQEBCwUAA4IBAQDJIDUYgnH71teidlLrm8Lccj902tQgNw69eFSTB26s
vm7jUdgul/qKsKAw76v/uMamJkOHIakt6tjjQmQDVBZjC/gBmifJDb/0gWQ4axng
B82IFTGA1SuPTNksgDwpVbvrFmKh+qedVtkSq9g+ZyQrDZAR5Vo2j+J4AXRGlxlB
5TTmhhYOg3dyXvZcySdileF0Nf9YbOC93+jSFqt+QU7n5dlLuap0RWdFRzOi4w+P
ufomZgR3/CvzaasdIXqk4HyP9rTzPUYirShd5TXG/Vxf8qQXHaA19bVjQxQQdXZA
7GR7aqDOfAGcJJa3dDzHyry42I5lC0YEAPFpNRWCaX4B
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:24:50 2026 by rpki-client