Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4eb66819-e335-446d-8ca8-7436f3cd196d.roa
File: 4eb66819-e335-446d-8ca8-7436f3cd196d.roa (raw, json)
Hash identifier: exdenURERfW3rou68JxWHP+ZFpCKiq4SPiMuQ4HvamU=
Subject key identifier: 2F:2F:7B:80:4F:80:DF:A8:38:DC:7E:41:F4:14:13:1C:59:9A:6A:CD
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 39A6159AE9D43A8AA124F92630612A0F1CBAAD53
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4eb66819-e335-446d-8ca8-7436f3cd196d.roa
Signing time: Tue 19 May 2026 05:50:10 +0000
ROA not before: Tue 19 May 2026 05:50:10 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 143.65.128.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
39:a6:15:9a:e9:d4:3a:8a:a1:24:f9:26:30:61:2a:0f:1c:ba:ad:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 19 05:50:10 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=837338979031912382162d003e7b87cc18875341de91203fe9aefb21a013b016, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:1c:71:9a:f1:20:e6:51:55:e5:16:4d:be:29:
f9:9c:f1:af:3c:06:73:ff:a8:cb:8c:4d:7e:22:07:
d1:08:8c:39:0c:0d:dd:cf:a5:6c:a6:4d:0a:77:50:
2b:d4:c4:70:40:25:e7:08:11:88:45:b5:1b:a8:12:
d2:0d:0e:94:4b:90:e1:e8:bd:73:31:fd:7f:e3:a8:
59:0f:5f:be:a8:c3:3e:ea:ea:de:7a:90:07:6d:00:
78:47:9d:5f:26:3c:37:3f:de:a7:df:e5:69:b5:c8:
08:2e:9d:5a:1f:59:52:e4:e4:b3:7e:37:39:36:b9:
7f:b8:b1:e1:79:fb:8b:57:09:ba:40:fa:9c:30:ed:
b0:6f:04:11:51:78:44:6d:b5:00:83:98:97:f8:72:
d9:e1:be:af:b9:6a:2f:52:bf:0b:5f:4f:ac:3c:fe:
9c:7f:e6:99:cf:2b:20:6b:3d:2b:30:25:23:86:6b:
19:bb:f2:d6:4e:57:b6:8b:1e:41:dd:6d:bb:19:80:
c2:e9:41:73:57:55:d7:03:8c:3d:64:7e:71:f8:23:
4c:3a:a4:0b:74:41:22:54:69:f5:5b:ac:12:c1:e4:
bf:4f:68:a6:1a:9c:50:db:e2:54:2d:81:80:0f:3a:
0b:49:74:27:75:eb:73:f1:34:fc:0f:53:e4:21:2e:
9a:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:2F:7B:80:4F:80:DF:A8:38:DC:7E:41:F4:14:13:1C:59:9A:6A:CD
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4eb66819-e335-446d-8ca8-7436f3cd196d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.65.128.0/18
Signature Algorithm: sha256WithRSAEncryption
9e:15:38:a0:f3:d9:f4:a8:ac:91:89:80:07:27:39:c2:f4:ea:
cd:4e:50:8f:ce:c9:9b:04:0b:d7:12:58:20:86:c3:68:9a:36:
ad:42:bc:9f:70:6c:a9:87:36:d3:f7:03:2a:0b:1b:8b:eb:c8:
18:45:0d:7f:4a:0d:2b:67:52:75:a3:7f:bb:31:c3:5f:57:af:
ac:a4:5b:ff:36:5d:08:f0:c2:60:36:b6:ba:75:6b:c2:c9:38:
c7:43:40:0f:81:7e:30:70:86:01:e7:5d:27:04:ee:5d:d3:c3:
19:a5:2e:b8:c5:f3:f4:f7:e8:ac:28:ef:3e:e1:f1:13:6b:4f:
b0:54:44:48:f1:f9:a6:b7:2c:7f:07:68:0c:48:df:3d:ca:be:
db:60:cb:c9:cf:b4:58:e6:73:88:4f:f3:20:46:96:86:30:da:
b5:10:b0:e0:0e:45:98:90:0e:36:b2:b5:c4:77:70:d7:43:dd:
64:c8:9c:f2:d9:0f:13:41:7e:6f:34:9a:6a:70:a5:b4:6d:b4:
a6:52:35:14:32:e5:73:b9:ce:1d:ce:19:79:8f:7a:f4:e0:5e:
ca:61:a8:d7:de:22:c6:90:d5:41:e8:f0:de:9c:d2:26:13:ab:
24:80:c7:2e:2a:bd:c2:f9:df:b3:1f:3a:ac:ad:c6:e7:7b:b5:
c5:f2:69:05
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUOaYVmunUOoqhJPkmMGEqDxy6rVMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MTkwNTUwMTBaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDgzNzMzODk3OTAzMTkxMjM4MjE2MmQwMDNlN2I4N2NjMTg4NzUzNDFkZTkx
MjAzZmU5YWVmYjIxYTAxM2IwMTYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPMccZrxIOZRVeUWTb4p+ZzxrzwGc/+oy4xNfiIH0QiMOQwN3c+lbKZNCndQ
K9TEcEAl5wgRiEW1G6gS0g0OlEuQ4ei9czH9f+OoWQ9fvqjDPurq3nqQB20AeEed
XyY8Nz/ep9/labXICC6dWh9ZUuTks343OTa5f7ix4Xn7i1cJukD6nDDtsG8EEVF4
RG21AIOYl/hy2eG+r7lqL1K/C19PrDz+nH/mmc8rIGs9KzAlI4ZrGbvy1k5Xtose
Qd1tuxmAwulBc1dV1wOMPWR+cfgjTDqkC3RBIlRp9VusEsHkv09ophqcUNviVC2B
gA86C0l0J3Xrc/E0/A9T5CEumiMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQvL3uA
T4DfqDjcfkH0FBMcWZpqzTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NGViNjY4MTktZTMzNS00NDZkLThjYTgtNzQzNmYzY2QxOTZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBo9BgDAN
BgkqhkiG9w0BAQsFAAOCAQEAnhU4oPPZ9KiskYmAByc5wvTqzU5Qj87JmwQL1xJY
IIbDaJo2rUK8n3BsqYc20/cDKgsbi+vIGEUNf0oNK2dSdaN/uzHDX1evrKRb/zZd
CPDCYDa2unVrwsk4x0NAD4F+MHCGAeddJwTuXdPDGaUuuMXz9PforCjvPuHxE2tP
sFRESPH5prcsfwdoDEjfPcq+22DLyc+0WOZziE/zIEaWhjDatRCw4A5FmJAONrK1
xHdw10PdZMic8tkPE0F+bzSaanCltG20plI1FDLlc7nOHc4ZeY969OBeymGo194i
xpDVQejw3pzSJhOrJIDHLiq9wvnfsx86rK3G53u1xfJpBQ==
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:11:51 2026 by rpki-client