Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/51429a37-e3fd-4b49-a184-1e07ed522f97.roa
File: 51429a37-e3fd-4b49-a184-1e07ed522f97.roa (raw, json)
Hash identifier: TFzsGEcMXZfi024S+E/6tkoUzleFfPbJrBQJqsuKkG0=
Subject key identifier: 72:5C:37:44:E1:24:E3:D6:15:7F:FA:01:15:B7:69:83:EB:5C:23:FC
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0BA14BBFBEFDB38D51AF137136F143444BEAC7D8
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/51429a37-e3fd-4b49-a184-1e07ed522f97.roa
Signing time: Tue 19 May 2026 05:40:04 +0000
ROA not before: Tue 19 May 2026 05:40:04 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.3.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:a1:4b:bf:be:fd:b3:8d:51:af:13:71:36:f1:43:44:4b:ea:c7:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 19 05:40:04 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=100473b2e08dfa537ebb9b5782bab87fb310770e8a9c4d4911272c2a36eee580, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:d5:4d:c9:83:c2:ec:aa:28:1b:65:af:7c:9a:
33:47:33:61:7a:16:c8:51:c9:be:d0:a3:ef:e5:f6:
2d:02:e1:1a:ab:82:69:9c:b7:57:69:21:44:61:bc:
7a:a2:6b:2b:14:d1:9a:f7:b2:6f:3d:12:f6:2f:0e:
40:ad:33:1f:e2:90:fb:49:8d:ff:02:b6:ff:28:f1:
d8:06:78:c8:a2:c0:42:fb:e5:7f:41:1c:72:6e:f0:
2a:68:83:75:c2:93:1d:3e:0b:81:8b:25:cc:28:72:
29:93:34:fc:ea:4b:de:4c:31:bd:04:b8:14:e9:65:
11:55:61:e9:63:1e:3f:37:95:ae:54:85:94:3f:48:
d5:fc:6e:60:b1:f4:a9:9e:bf:ef:8f:16:5f:92:d5:
e6:64:bd:fd:aa:16:67:94:68:94:3a:3c:fb:b8:1b:
c2:e3:26:e8:7b:01:5f:0b:30:dd:50:df:07:98:40:
52:0b:8e:c2:b6:05:ac:59:ba:e2:04:85:57:48:fa:
43:84:b8:be:e7:cc:da:1e:7b:c4:e8:bc:84:9b:90:
ad:a6:48:eb:49:e9:ee:53:1f:d9:b3:f8:9e:62:9d:
12:68:67:24:3b:b5:76:6e:9d:be:10:7d:50:63:96:
d7:cc:a2:ab:4c:c6:2b:df:4a:6b:af:7a:f0:f7:06:
01:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:5C:37:44:E1:24:E3:D6:15:7F:FA:01:15:B7:69:83:EB:5C:23:FC
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/51429a37-e3fd-4b49-a184-1e07ed522f97.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.3.0.0/16
Signature Algorithm: sha256WithRSAEncryption
45:b1:cb:73:2e:34:cc:02:0f:c5:fb:32:a1:c7:b1:d3:f6:2e:
cd:ad:ef:7c:9a:1a:39:37:e7:cc:fd:87:27:94:8d:88:68:92:
5e:92:0c:38:82:37:1f:50:cd:62:2e:0d:2f:db:ea:2e:13:27:
62:53:3c:0d:f1:7f:e6:d8:9d:fc:64:c3:ab:d6:58:df:57:00:
02:ae:8a:25:59:90:80:0d:2b:eb:8b:66:1c:fd:09:1b:23:95:
5e:a7:27:a0:a5:53:54:e5:fa:f6:6b:0f:c9:7e:4b:10:4f:86:
dc:1a:cb:e0:a6:cd:78:57:23:75:c0:31:7d:5a:a1:b7:f7:93:
e9:57:ff:94:bb:4e:d2:5b:6c:92:fc:3c:c7:ef:d3:cc:82:51:
ac:05:72:fa:7e:62:41:ad:9a:88:5d:a1:02:6c:1e:5c:ec:9e:
2c:37:95:1c:c3:06:e2:60:d4:4a:c0:97:b3:6d:46:73:5f:eb:
5f:48:a3:82:c5:1b:60:e4:fd:3b:20:37:c5:07:3f:03:78:39:
16:1b:55:7c:a3:fb:08:f0:86:95:b1:29:6c:aa:8d:db:a1:21:
ec:fe:fd:23:dd:14:e6:93:b8:4a:e3:b4:41:b5:6b:2f:8a:50:
9d:a3:19:18:ca:29:44:47:2f:dc:d8:2e:38:d7:c3:cc:42:63:
d3:52:9d:6a
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUC6FLv779s41RrxNxNvFDREvqx9gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MTkwNTQwMDRaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDEwMDQ3M2IyZTA4ZGZhNTM3ZWJiOWI1NzgyYmFiODdmYjMxMDc3MGU4YTlj
NGQ0OTExMjcyYzJhMzZlZWU1ODAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKHVTcmDwuyqKBtlr3yaM0czYXoWyFHJvtCj7+X2LQLhGquCaZy3V2khRGG8
eqJrKxTRmveybz0S9i8OQK0zH+KQ+0mN/wK2/yjx2AZ4yKLAQvvlf0Eccm7wKmiD
dcKTHT4LgYslzChyKZM0/OpL3kwxvQS4FOllEVVh6WMePzeVrlSFlD9I1fxuYLH0
qZ6/748WX5LV5mS9/aoWZ5RolDo8+7gbwuMm6HsBXwsw3VDfB5hAUguOwrYFrFm6
4gSFV0j6Q4S4vufM2h57xOi8hJuQraZI60np7lMf2bP4nmKdEmhnJDu1dm6dvhB9
UGOW18yiq0zGK99Ka6968PcGAc0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRyXDdE
4STj1hV/+gEVt2mD61wj/DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NTE0MjlhMzctZTNmZC00YjQ5LWExODQtMWUwN2VkNTIyZjk3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMDMA0G
CSqGSIb3DQEBCwUAA4IBAQBFsctzLjTMAg/F+zKhx7HT9i7Nre98mho5N+fM/Ycn
lI2IaJJekgw4gjcfUM1iLg0v2+ouEydiUzwN8X/m2J38ZMOr1ljfVwACroolWZCA
DSvri2Yc/QkbI5VepyegpVNU5fr2aw/JfksQT4bcGsvgps14VyN1wDF9WqG395Pp
V/+Uu07SW2yS/DzH79PMglGsBXL6fmJBrZqIXaECbB5c7J4sN5UcwwbiYNRKwJez
bUZzX+tfSKOCxRtg5P07IDfFBz8DeDkWG1V8o/sI8IaVsSlsqo3boSHs/v0j3RTm
k7hK47RBtWsvilCdoxkYyilERy/c2C4418PMQmPTUp1q
-----END CERTIFICATE-----
Generated at Sat Jun 13 07:58:47 2026 by rpki-client