Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4f9d3c39-ae76-4f22-9df9-c6501acbcc84.roa
File: 4f9d3c39-ae76-4f22-9df9-c6501acbcc84.roa (raw, json)
Hash identifier: NGjILwIrBlEDYpXBHAcVjr6oEcao/VCf9VhokGQ9Bcc=
Subject key identifier: 7A:6E:3E:E7:A8:0B:9B:E3:CC:F2:43:BE:0F:58:57:1B:14:B3:B3:24
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5E4874B7835BE1D6C7B2CD94F82CA1D76504C51B
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4f9d3c39-ae76-4f22-9df9-c6501acbcc84.roa
Signing time: Wed 20 May 2026 00:50:06 +0000
ROA not before: Wed 20 May 2026 00:50:06 +0000
ROA not after: Tue 18 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.0.88.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:48:74:b7:83:5b:e1:d6:c7:b2:cd:94:f8:2c:a1:d7:65:04:c5:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 20 00:50:06 2026 GMT
Not After : Aug 18 23:59:59 2026 GMT
Subject: serialNumber=c93343afe8fc2648ce466c8e9685a28284da8eb6bf0a8bc8c6c715a46d30aa08, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:15:f5:07:e8:ac:cd:14:b2:63:8c:5c:d2:8e:
86:f8:e9:df:1c:26:c4:eb:ec:a6:ea:89:ba:4b:40:
55:7e:25:65:a5:7c:54:c5:70:db:5b:c7:12:88:43:
92:20:68:36:92:e3:db:4b:6a:51:54:33:ed:ba:92:
09:bd:ba:b0:63:51:88:55:76:74:ab:fb:b7:98:98:
a6:af:a8:bf:5a:33:cb:62:87:64:4a:da:da:e5:e3:
0a:68:f3:b3:64:68:1d:da:f4:33:ec:f7:c2:31:4d:
23:a1:c2:97:8f:75:4e:4c:f9:26:8f:4e:69:6d:19:
cf:e7:d0:1b:71:62:c6:51:d6:b8:44:71:94:d6:bb:
51:20:bc:42:ad:6b:1c:14:6a:ed:b2:d5:1e:9d:a3:
0e:a1:d3:a5:28:7b:9f:5b:21:40:5e:81:cc:fe:26:
c1:df:66:37:7f:00:a0:25:36:fa:a3:a5:0a:51:20:
67:da:df:86:fd:f5:4d:9c:1b:71:df:6c:8b:2a:c8:
b2:f7:e9:5a:9e:29:72:30:71:41:59:11:6a:04:f0:
17:2d:e9:d0:3b:fb:5c:6b:cb:d8:d4:98:0d:fd:80:
c3:66:a5:5f:50:3a:4a:eb:6d:3d:aa:03:d9:b0:35:
76:67:68:37:88:2a:f5:93:c3:23:07:26:4e:1f:4e:
3f:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:6E:3E:E7:A8:0B:9B:E3:CC:F2:43:BE:0F:58:57:1B:14:B3:B3:24
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4f9d3c39-ae76-4f22-9df9-c6501acbcc84.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.0.88.0/21
Signature Algorithm: sha256WithRSAEncryption
be:14:5e:13:3f:fa:13:b8:eb:76:dc:9c:e7:8a:29:59:b4:cb:
3e:2d:88:cc:18:32:66:99:61:10:3c:c6:3f:36:ef:17:27:05:
70:62:4d:d6:6a:93:83:fc:ce:8f:59:f2:73:92:63:14:58:61:
59:2f:1b:b3:67:a4:60:b2:61:35:8b:bc:c9:60:14:c9:1a:11:
b8:1a:4a:fa:3c:68:b8:21:ee:2b:a1:c6:2f:7f:43:be:9b:02:
09:03:d0:11:6d:15:06:d1:bb:78:32:c1:bb:c1:ee:8b:c8:bd:
3e:d6:47:57:4d:2b:9c:77:ab:c0:33:33:9e:25:70:41:e7:4c:
85:c4:a0:b2:55:87:1f:ce:bf:fe:2f:af:03:c3:04:de:71:b6:
83:ca:6e:ea:5a:21:89:2d:5b:27:46:b7:c6:c1:9e:69:19:b7:
e2:8b:f4:24:5c:56:cc:c3:00:be:2b:4d:cd:7c:11:ef:e4:43:
c8:b4:f1:45:40:50:8c:d8:1c:83:f9:c3:eb:af:1c:2e:8f:0b:
6e:6c:68:ed:f9:d7:ad:af:59:9c:3f:b3:0f:be:0e:60:2a:0c:
5a:a5:fb:be:02:64:7b:3d:76:48:71:95:b7:f7:15:9c:26:86:
0d:ee:e7:cc:1a:64:cf:bc:57:61:3e:2c:2a:c4:9b:cc:ed:5f:
df:a3:36:81
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUXkh0t4Nb4dbHss2U+Cyh12UExRswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MjAwMDUwMDZaFw0yNjA4MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQGM5MzM0M2FmZThmYzI2NDhjZTQ2NmM4ZTk2ODVhMjgyODRkYThlYjZiZjBh
OGJjOGM2YzcxNWE0NmQzMGFhMDgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALkV9QforM0UsmOMXNKOhvjp3xwmxOvspuqJuktAVX4lZaV8VMVw21vHEohD
kiBoNpLj20tqUVQz7bqSCb26sGNRiFV2dKv7t5iYpq+ov1ozy2KHZEra2uXjCmjz
s2RoHdr0M+z3wjFNI6HCl491Tkz5Jo9OaW0Zz+fQG3FixlHWuERxlNa7USC8Qq1r
HBRq7bLVHp2jDqHTpSh7n1shQF6BzP4mwd9mN38AoCU2+qOlClEgZ9rfhv31TZwb
cd9siyrIsvfpWp4pcjBxQVkRagTwFy3p0Dv7XGvL2NSYDf2Aw2alX1A6SuttPaoD
2bA1dmdoN4gq9ZPDIwcmTh9OP7kCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBR6bj7n
qAub48zyQ74PWFcbFLOzJDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NGY5ZDNjMzktYWU3Ni00ZjIyLTlkZjktYzY1MDFhY2JjYzg0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAzMAWDAN
BgkqhkiG9w0BAQsFAAOCAQEAvhReEz/6E7jrdtyc54opWbTLPi2IzBgyZplhEDzG
PzbvFycFcGJN1mqTg/zOj1nyc5JjFFhhWS8bs2ekYLJhNYu8yWAUyRoRuBpK+jxo
uCHuK6HGL39DvpsCCQPQEW0VBtG7eDLBu8Hui8i9PtZHV00rnHerwDMzniVwQedM
hcSgslWHH86//i+vA8ME3nG2g8pu6lohiS1bJ0a3xsGeaRm34ov0JFxWzMMAvitN
zXwR7+RDyLTxRUBQjNgcg/nD668cLo8Lbmxo7fnXra9ZnD+zD74OYCoMWqX7vgJk
ez12SHGVt/cVnCaGDe7nzBpkz7xXYT4sKsSbzO1f36M2gQ==
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:10:14 2026 by rpki-client