Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/57870f13-82ea-4955-953f-742413b6a651.roa
File: 57870f13-82ea-4955-953f-742413b6a651.roa (raw, json)
Hash identifier: lq903TaNP7XX0QFvOEa+1UX+OJ5WSveQyPWZay8rics=
Subject key identifier: 56:8A:5F:70:50:55:4A:1A:45:AE:6E:AC:46:94:FA:B6:01:8F:1B:2D
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0E5A1743F11735B2C591E9DF561798E8A0FF6B1C
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/57870f13-82ea-4955-953f-742413b6a651.roa
Signing time: Wed 20 May 2026 00:50:06 +0000
ROA not before: Wed 20 May 2026 00:50:06 +0000
ROA not after: Tue 18 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a01:578::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0e:5a:17:43:f1:17:35:b2:c5:91:e9:df:56:17:98:e8:a0:ff:6b:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 20 00:50:06 2026 GMT
Not After : Aug 18 23:59:59 2026 GMT
Subject: serialNumber=f3b619b82ced8ac246e4f4687e27ffdc50964f3e43ed9ba6816d8cbc39bb68f4, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:04:ab:18:19:b4:34:d0:17:23:a9:0f:c7:06:
57:50:a8:04:de:80:cc:ad:de:3b:e5:69:0c:6e:c6:
a4:7b:fa:ad:8c:e5:0c:3e:b0:88:0d:96:d0:74:f9:
a2:81:82:a3:fa:4a:7d:a9:27:af:2e:c3:db:66:a4:
5f:06:ab:b3:07:73:37:2f:bf:32:e1:0a:f5:44:b1:
2d:eb:58:3d:a8:85:c8:15:57:6c:8a:a0:07:aa:5f:
cc:4c:6d:30:97:1f:76:81:a2:e6:02:aa:90:47:dd:
a9:e0:c4:5d:00:07:1e:24:aa:8e:c2:f4:6d:17:17:
dd:83:a9:41:a5:5b:bb:5c:7e:99:5d:7d:1d:a6:92:
3f:d1:69:d0:fd:ae:85:95:81:f3:d7:27:63:4b:29:
e3:4b:ae:47:98:06:f6:46:86:a6:7c:69:55:de:57:
34:bd:87:dd:8f:2b:8d:66:e8:db:dc:17:3d:04:17:
24:1b:63:01:cb:1e:08:93:65:58:a4:48:95:57:21:
36:94:57:67:bf:ea:a5:d3:26:d0:19:99:7e:f0:47:
1b:de:0c:68:e5:5e:05:97:66:66:f2:91:35:71:55:
7e:04:0c:a0:73:ae:87:9a:b4:eb:37:44:cc:f3:f7:
53:6e:f3:17:93:4c:04:6e:63:d0:59:92:f4:aa:4b:
62:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:8A:5F:70:50:55:4A:1A:45:AE:6E:AC:46:94:FA:B6:01:8F:1B:2D
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/57870f13-82ea-4955-953f-742413b6a651.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:578::/48
Signature Algorithm: sha256WithRSAEncryption
ba:f6:bc:95:74:c9:ac:47:55:8f:89:73:9b:2d:84:9f:2b:41:
b5:0f:65:22:be:81:fb:5d:91:c8:d5:17:bb:f1:b9:c6:e6:e4:
14:6c:41:b6:3c:e0:2e:2d:af:07:65:48:62:a9:18:be:d0:d7:
99:a8:9b:6f:aa:3b:67:6c:36:f2:35:e0:0d:a6:33:4c:05:a7:
5f:3d:36:29:00:ae:2c:f6:be:b1:43:3c:3c:b5:d7:5d:3c:28:
8a:e8:c5:ca:4b:a7:65:f7:91:dd:b5:23:1d:d5:94:ec:e1:c0:
e6:45:c4:6c:8a:a3:ba:62:3d:02:31:50:11:be:aa:cd:78:8c:
dd:87:e1:fb:eb:93:c8:26:f2:c7:8a:69:2b:73:d5:60:34:7f:
4a:0f:fc:e2:00:7c:7e:b6:5c:24:f9:b9:20:0a:35:87:a3:b6:
73:6a:1e:86:46:d8:e6:3d:04:bf:0c:0f:b8:f0:e8:4b:6d:15:
6d:67:23:f8:47:02:f7:ad:9c:97:f6:32:31:7b:0a:37:1d:0b:
8a:d6:ca:09:be:d6:85:5b:e8:9a:04:c5:1b:18:be:bf:39:8d:
a1:57:64:1c:2a:00:cd:55:49:d0:d1:a8:fd:1a:e7:3a:f3:e3:
89:36:e6:68:1f:60:01:24:2b:12:6c:17:d7:be:66:47:1d:b8:
5a:8a:63:4b
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUDloXQ/EXNbLFkenfVheY6KD/axwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MjAwMDUwMDZaFw0yNjA4MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQGYzYjYxOWI4MmNlZDhhYzI0NmU0ZjQ2ODdlMjdmZmRjNTA5NjRmM2U0M2Vk
OWJhNjgxNmQ4Y2JjMzliYjY4ZjQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ0EqxgZtDTQFyOpD8cGV1CoBN6AzK3eO+VpDG7GpHv6rYzlDD6wiA2W0HT5
ooGCo/pKfaknry7D22akXwarswdzNy+/MuEK9USxLetYPaiFyBVXbIqgB6pfzExt
MJcfdoGi5gKqkEfdqeDEXQAHHiSqjsL0bRcX3YOpQaVbu1x+mV19HaaSP9Fp0P2u
hZWB89cnY0sp40uuR5gG9kaGpnxpVd5XNL2H3Y8rjWbo29wXPQQXJBtjAcseCJNl
WKRIlVchNpRXZ7/qpdMm0BmZfvBHG94MaOVeBZdmZvKRNXFVfgQMoHOuh5q06zdE
zPP3U27zF5NMBG5j0FmS9KpLYtsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRWil9w
UFVKGkWubqxGlPq2AY8bLTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NTc4NzBmMTMtODJlYS00OTU1LTk1M2YtNzQyNDEzYjZhNjUxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoBBXgA
ADANBgkqhkiG9w0BAQsFAAOCAQEAuva8lXTJrEdVj4lzmy2EnytBtQ9lIr6B+12R
yNUXu/G5xubkFGxBtjzgLi2vB2VIYqkYvtDXmaibb6o7Z2w28jXgDaYzTAWnXz02
KQCuLPa+sUM8PLXXXTwoiujFykunZfeR3bUjHdWU7OHA5kXEbIqjumI9AjFQEb6q
zXiM3Yfh++uTyCbyx4ppK3PVYDR/Sg/84gB8frZcJPm5IAo1h6O2c2oehkbY5j0E
vwwPuPDoS20VbWcj+EcC962cl/YyMXsKNx0LitbKCb7WhVvomgTFGxi+vzmNoVdk
HCoAzVVJ0NGo/RrnOvPjiTbmaB9gASQrEmwX175mRx24WopjSw==
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:15:24 2026 by rpki-client