Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4a35eec8-470f-4ad0-852b-9006065bbbb0.roa
File: 4a35eec8-470f-4ad0-852b-9006065bbbb0.roa (raw, json)
Hash identifier: 49enoGWZlxbaxFocdXjYn6Y00WxB5cke2IOQs0aITB8=
Subject key identifier: 11:49:D9:D1:35:F6:F6:C7:E1:DF:9E:6F:EF:9A:D5:50:14:B5:CB:3E
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 599AF62661183A1670B2D00352C0E645F2330F92
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4a35eec8-470f-4ad0-852b-9006065bbbb0.roa
Signing time: Tue 19 May 2026 05:50:19 +0000
ROA not before: Tue 19 May 2026 05:50:19 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 14618
IP address blocks: 51.166.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:9a:f6:26:61:18:3a:16:70:b2:d0:03:52:c0:e6:45:f2:33:0f:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 19 05:50:19 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=f16484005bba34e463428318ee25b10381eba7c8cbd10264e8e9e15a9c1b9df0, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:0c:a6:fa:bd:c3:51:90:a0:d1:d1:a2:a1:cd:
60:49:cf:9a:54:59:70:40:d0:10:4a:e2:d6:68:31:
5d:0d:f4:d2:d4:0e:a0:fe:42:68:cc:8f:e8:0f:3b:
4b:81:f6:b6:56:49:8a:19:47:b6:8b:bd:ed:57:10:
59:fc:ce:37:ce:f5:5c:1e:6f:cb:36:ef:b4:7f:8c:
9e:7a:d8:64:54:70:f3:92:6a:85:d3:8c:4a:da:5f:
0c:8c:0c:c7:d6:d9:4e:f6:fc:f8:88:99:77:c8:8e:
69:f4:08:32:0f:dd:c0:c5:2d:fe:6e:9d:ea:3c:61:
8a:57:0a:80:3d:a4:98:fd:74:42:49:01:63:04:3c:
d1:ae:39:7a:8d:e0:b6:72:59:04:89:b4:bb:bd:a4:
41:39:d6:bd:75:88:ce:40:eb:0d:1e:f2:df:a4:bd:
79:6f:b9:cc:f9:ab:82:07:9e:fd:37:4e:39:9c:cc:
3a:88:ab:77:98:c7:2a:1b:46:3f:30:f7:6d:cd:4f:
37:d9:4d:3e:9d:4f:80:67:fb:47:91:d1:fa:1e:43:
76:08:51:85:31:ed:c3:d1:cd:21:fc:9f:cf:dd:93:
12:b6:05:43:62:f6:60:11:58:4e:05:99:63:5c:a5:
f7:51:a2:c2:e4:73:df:69:e8:db:06:6c:44:d2:18:
bd:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:49:D9:D1:35:F6:F6:C7:E1:DF:9E:6F:EF:9A:D5:50:14:B5:CB:3E
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4a35eec8-470f-4ad0-852b-9006065bbbb0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.166.0.0/15
Signature Algorithm: sha256WithRSAEncryption
cd:7f:99:ea:a0:e8:a8:56:ca:a4:51:a4:3b:3a:cb:58:7e:58:
cb:ac:b5:fb:63:7e:e0:18:54:47:23:06:34:7f:b2:6e:bd:ad:
24:ae:df:48:bb:a6:9d:7f:dc:bd:65:ab:9a:99:f0:20:a6:ae:
4f:f8:8f:50:a7:af:24:e3:07:6d:e1:a9:a0:e6:8c:10:c8:d4:
c4:5f:03:88:0a:86:ec:e4:5d:6c:a5:db:8c:5a:ef:8d:ba:23:
c7:b3:e7:5c:6f:ef:38:9e:ed:dd:af:c6:e4:78:3c:75:0c:07:
83:91:33:e2:24:ad:31:c1:1e:da:96:8d:ac:11:fb:fe:58:31:
2a:56:d5:26:36:17:03:a1:83:0b:f2:85:8d:a9:f2:fb:29:5f:
4c:ee:c1:46:a1:24:29:b0:91:74:09:68:63:a6:0d:c7:45:1b:
54:0e:a8:d4:56:dd:72:d3:64:30:b6:25:b6:b0:b6:53:c5:ca:
7a:8e:e0:c7:24:0c:2f:a8:7e:bf:36:45:d5:73:e8:0f:25:31:
67:fb:07:62:df:ef:bd:dd:e8:ab:5f:65:d9:da:84:43:8c:8c:
08:52:9b:ae:16:48:54:63:6d:bd:9f:67:39:cc:34:32:e5:a0:
07:4d:4a:27:bd:5b:f7:c5:ce:2b:49:ab:cf:1a:d9:93:d7:d1:
c1:29:9a:08
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUWZr2JmEYOhZwstADUsDmRfIzD5IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MTkwNTUwMTlaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGYxNjQ4NDAwNWJiYTM0ZTQ2MzQyODMxOGVlMjViMTAzODFlYmE3YzhjYmQx
MDI2NGU4ZTllMTVhOWMxYjlkZjAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALUMpvq9w1GQoNHRoqHNYEnPmlRZcEDQEEri1mgxXQ300tQOoP5CaMyP6A87
S4H2tlZJihlHtou97VcQWfzON871XB5vyzbvtH+MnnrYZFRw85JqhdOMStpfDIwM
x9bZTvb8+IiZd8iOafQIMg/dwMUt/m6d6jxhilcKgD2kmP10QkkBYwQ80a45eo3g
tnJZBIm0u72kQTnWvXWIzkDrDR7y36S9eW+5zPmrggee/TdOOZzMOoird5jHKhtG
PzD3bc1PN9lNPp1PgGf7R5HR+h5DdghRhTHtw9HNIfyfz92TErYFQ2L2YBFYTgWZ
Y1yl91GiwuRz32no2wZsRNIYvWkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQRSdnR
Nfb2x+Hfnm/vmtVQFLXLPjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NGEzNWVlYzgtNDcwZi00YWQwLTg1MmItOTAwNjA2NWJiYmIwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOmMA0G
CSqGSIb3DQEBCwUAA4IBAQDNf5nqoOioVsqkUaQ7OstYfljLrLX7Y37gGFRHIwY0
f7Juva0krt9Iu6adf9y9ZauamfAgpq5P+I9Qp68k4wdt4amg5owQyNTEXwOICobs
5F1spduMWu+NuiPHs+dcb+84nu3dr8bkeDx1DAeDkTPiJK0xwR7alo2sEfv+WDEq
VtUmNhcDoYML8oWNqfL7KV9M7sFGoSQpsJF0CWhjpg3HRRtUDqjUVt1y02QwtiW2
sLZTxcp6juDHJAwvqH6/NkXVc+gPJTFn+wdi3++93eirX2XZ2oRDjIwIUpuuFkhU
Y229n2c5zDQy5aAHTUonvVv3xc4rSavPGtmT19HBKZoI
-----END CERTIFICATE-----
Generated at Sat Jun 13 06:43:58 2026 by rpki-client