Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/78e385a6-a7b8-4e63-8222-9119ad4d303f.roa
File: 78e385a6-a7b8-4e63-8222-9119ad4d303f.roa (raw, json)
Hash identifier: AVwuH5LCve2TZCUJAf9rFNJoJrTwLYlqF7b5b/g9O9U=
Subject key identifier: A3:30:51:8C:80:4F:D4:E8:3A:12:31:EF:70:D9:BA:3A:3B:DE:30:07
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 49E4C22F61A714D568C618BE9568588B46AEEBC2
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/78e385a6-a7b8-4e63-8222-9119ad4d303f.roa
Signing time: Thu 14 May 2026 01:40:06 +0000
ROA not before: Thu 14 May 2026 01:40:06 +0000
ROA not after: Wed 12 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.118.0.0/15 maxlen: 15
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:e4:c2:2f:61:a7:14:d5:68:c6:18:be:95:68:58:8b:46:ae:eb:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 14 01:40:06 2026 GMT
Not After : Aug 12 23:59:59 2026 GMT
Subject: serialNumber=b020d4db68a2a6951136aa048c8d6ce1b08ad13b68ad926128265f8232d09088, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:4d:49:71:fd:f8:99:da:5b:13:33:db:a8:9d:
1e:87:19:cc:9e:a3:51:31:66:0d:6c:8d:cb:c8:74:
ec:06:64:09:dc:ab:86:da:31:0a:d2:5e:2d:fb:b2:
e0:18:90:ad:09:c0:ac:0b:92:23:ef:13:d3:41:9d:
3b:f7:17:ad:35:f2:98:94:18:3c:33:bb:3e:13:81:
b6:f3:ea:d9:19:ee:ff:4d:64:d7:2c:b8:58:cc:af:
a9:8f:dd:2c:31:4a:cf:bb:f2:b3:f4:06:3a:6c:a6:
f5:a4:3a:53:b5:2a:c6:d9:3e:e3:f0:10:0d:fe:17:
c9:aa:56:3c:1b:b3:ae:a0:0f:40:0e:e7:40:57:5a:
47:bd:d4:ca:2d:a4:b5:13:42:fb:33:31:4d:91:89:
81:41:dd:3c:2f:57:0c:25:57:a1:17:08:97:d6:9f:
35:32:77:da:e5:e2:03:5f:f2:ed:79:56:d3:bf:6e:
6d:34:e3:8e:72:08:64:8e:d4:a8:b4:da:35:62:5c:
81:b4:5d:37:eb:44:15:a5:f5:45:0d:67:36:fc:0d:
79:f8:91:d2:99:03:18:55:64:17:06:6b:ef:2d:f2:
c6:9d:5a:92:ae:b2:64:8b:f7:a3:a3:ee:a5:ef:94:
f6:09:89:e6:92:32:3c:aa:02:d6:3d:52:e7:cb:82:
b2:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:30:51:8C:80:4F:D4:E8:3A:12:31:EF:70:D9:BA:3A:3B:DE:30:07
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/78e385a6-a7b8-4e63-8222-9119ad4d303f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.118.0.0/15
Signature Algorithm: sha256WithRSAEncryption
54:40:06:12:3a:93:01:0a:fe:51:2a:fe:e3:0f:87:7d:cf:39:
09:9b:4e:1e:47:54:1f:4c:47:c6:01:2e:0e:de:34:a9:80:26:
8b:b5:40:98:5d:7a:0d:a5:87:77:d4:8e:f5:b7:00:7b:ad:5b:
71:c5:a5:76:43:5e:14:ba:28:0c:74:cb:cf:98:83:2a:78:8a:
0f:a0:8e:87:99:2d:ae:8d:d0:92:35:64:e9:bc:52:67:56:f3:
cd:79:7e:ed:8f:b6:c9:ed:d4:42:53:43:1e:dc:67:3d:51:69:
9e:da:0a:13:58:8b:aa:1e:3b:71:64:a8:db:d6:c6:56:7f:4c:
49:a1:2c:87:70:ec:df:e4:0a:90:ee:60:ec:e9:fe:42:72:6a:
9b:93:6f:a1:4e:4e:bb:e3:3b:04:bb:f8:e5:f6:c5:9c:a0:85:
be:40:a3:6f:7a:9c:81:67:39:fd:5b:ed:40:e9:21:e9:6f:a4:
1e:da:f0:15:00:15:b9:3c:2b:24:05:a2:b5:0c:18:4a:1e:78:
d3:6b:db:61:6a:38:68:c0:7f:16:04:49:13:21:61:79:8f:46:
4d:da:c9:22:69:d8:93:db:fd:d0:36:e0:c7:9e:60:c9:10:af:
3b:be:0d:c1:b4:14:43:51:78:ef:8c:7e:6d:9d:c8:15:7c:37:
f6:81:9e:de
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUSeTCL2GnFNVoxhi+lWhYi0au68IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MTQwMTQwMDZaFw0yNjA4MTIyMzU5NTlaMHoxSTBHBgNV
BAUTQGIwMjBkNGRiNjhhMmE2OTUxMTM2YWEwNDhjOGQ2Y2UxYjA4YWQxM2I2OGFk
OTI2MTI4MjY1ZjgyMzJkMDkwODgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKBNSXH9+JnaWxMz26idHocZzJ6jUTFmDWyNy8h07AZkCdyrhtoxCtJeLfuy
4BiQrQnArAuSI+8T00GdO/cXrTXymJQYPDO7PhOBtvPq2Rnu/01k1yy4WMyvqY/d
LDFKz7vys/QGOmym9aQ6U7Uqxtk+4/AQDf4XyapWPBuzrqAPQA7nQFdaR73Uyi2k
tRNC+zMxTZGJgUHdPC9XDCVXoRcIl9afNTJ32uXiA1/y7XlW079ubTTjjnIIZI7U
qLTaNWJcgbRdN+tEFaX1RQ1nNvwNefiR0pkDGFVkFwZr7y3yxp1akq6yZIv3o6Pu
pe+U9gmJ5pIyPKoC1j1S58uCshkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSjMFGM
gE/U6DoSMe9w2bo6O94wBzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NzhlMzg1YTYtYTdiOC00ZTYzLTgyMjItOTExOWFkNGQzMDNmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATN2MA0G
CSqGSIb3DQEBCwUAA4IBAQBUQAYSOpMBCv5RKv7jD4d9zzkJm04eR1QfTEfGAS4O
3jSpgCaLtUCYXXoNpYd31I71twB7rVtxxaV2Q14UuigMdMvPmIMqeIoPoI6HmS2u
jdCSNWTpvFJnVvPNeX7tj7bJ7dRCU0Me3Gc9UWme2goTWIuqHjtxZKjb1sZWf0xJ
oSyHcOzf5AqQ7mDs6f5Ccmqbk2+hTk674zsEu/jl9sWcoIW+QKNvepyBZzn9W+1A
6SHpb6Qe2vAVABW5PCskBaK1DBhKHnjTa9thajhowH8WBEkTIWF5j0ZN2skiadiT
2/3QNuDHnmDJEK87vg3BtBRDUXjvjH5tncgVfDf2gZ7e
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:03:56 2026 by rpki-client