Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/795bae65-e494-4497-8c64-6c78c5a4b388.roa
File: 795bae65-e494-4497-8c64-6c78c5a4b388.roa (raw, json)
Hash identifier: t9yAkArQr+FqdQSH18wN0eI46PGkuS3DjOL3JJr+rsE=
Subject key identifier: E2:7A:F0:DA:37:14:1B:F6:8A:28:80:4F:21:7E:29:75:10:90:88:9B
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 678F19257E06366A6A885B407AAD1327A3450934
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/795bae65-e494-4497-8c64-6c78c5a4b388.roa
Signing time: Wed 20 May 2026 00:50:09 +0000
ROA not before: Wed 20 May 2026 00:50:09 +0000
ROA not after: Tue 18 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.0.104.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:8f:19:25:7e:06:36:6a:6a:88:5b:40:7a:ad:13:27:a3:45:09:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 20 00:50:09 2026 GMT
Not After : Aug 18 23:59:59 2026 GMT
Subject: serialNumber=a974d36840aee62dd7844bd8174d04251920411a6a7f30aeae1511484f4f772e, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:9e:59:4e:96:bb:b7:d3:f6:73:dd:13:5d:7e:
43:e9:10:82:29:fa:c2:8b:2c:f5:5c:df:f4:e4:48:
32:87:85:ea:3e:f0:08:0a:00:f2:65:ff:0d:59:2e:
23:be:f3:5e:42:87:7e:97:7e:8a:c6:00:a3:e6:45:
2a:4e:0a:e4:8b:29:82:8c:f7:46:53:84:d1:89:47:
a9:7d:76:14:b8:bd:58:5a:7f:61:fb:ce:26:c1:7a:
6d:81:cb:69:69:91:d2:a4:c1:2d:73:46:f5:0f:47:
ee:22:a9:f6:c1:ad:fb:bf:5a:b5:5c:d4:a6:26:2f:
ea:28:b3:9a:b5:56:97:5e:93:c3:35:03:14:a9:bf:
db:bc:45:ca:58:60:e0:06:b2:9c:7f:cc:62:9b:cb:
8f:10:00:02:65:10:41:12:78:0e:05:ce:88:81:93:
74:16:57:b3:cd:58:4f:80:e1:52:10:9c:55:31:c3:
e3:35:49:90:18:71:93:d5:92:43:c5:4a:77:d8:75:
43:4d:35:7f:08:65:a8:43:2a:57:23:83:ee:0f:56:
08:40:17:c6:94:7c:f0:aa:b0:68:c8:93:ee:ed:01:
f2:34:c6:c9:54:f0:b2:83:ca:0e:83:e7:e9:05:8c:
ab:5c:de:2c:f1:21:30:84:f1:bf:71:2d:a9:b4:4b:
dc:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:7A:F0:DA:37:14:1B:F6:8A:28:80:4F:21:7E:29:75:10:90:88:9B
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/795bae65-e494-4497-8c64-6c78c5a4b388.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.0.104.0/21
Signature Algorithm: sha256WithRSAEncryption
cb:bc:a3:cb:a0:32:c1:30:eb:12:63:af:b3:57:ed:83:6b:83:
86:81:8f:b6:b6:35:9e:29:53:b1:11:56:e2:45:91:97:83:eb:
f6:8a:3a:2c:e5:7c:8f:a7:84:a0:93:5d:df:3c:c5:6e:9d:0e:
cd:78:c7:66:bb:69:e1:03:5a:3c:be:58:41:be:97:49:0b:85:
b5:49:d3:19:74:3e:98:fa:f3:60:02:35:f2:c0:7f:c9:5d:e0:
d5:94:e7:20:ed:24:7f:1e:61:3e:0c:1f:8c:82:23:48:f0:b9:
c4:3f:c6:d4:c0:e9:06:92:85:2a:bf:b5:d0:e3:fe:e7:e7:d8:
9a:9e:35:de:46:b0:b7:3a:65:1b:8d:4f:58:92:af:2b:67:ad:
2e:ae:dc:c8:29:b2:f1:22:a6:c4:ad:74:92:77:cc:db:7f:5d:
f7:7c:ef:47:c4:09:e8:b7:98:f8:e9:24:e2:e2:27:4d:54:3a:
55:3f:89:f6:cb:dc:8e:3d:db:39:87:ea:bc:12:53:4a:fe:f6:
86:26:bc:80:77:e6:65:36:93:dd:a2:56:1f:fe:4c:b8:21:23:
c8:c0:dc:32:ff:af:2f:34:10:7f:a9:18:d5:2b:5e:f5:25:ae:
ba:81:f3:cb:bf:67:d4:3e:18:d1:c2:cd:37:89:ea:21:36:e6:
f9:4c:a0:40
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUZ48ZJX4GNmpqiFtAeq0TJ6NFCTQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MjAwMDUwMDlaFw0yNjA4MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQGE5NzRkMzY4NDBhZWU2MmRkNzg0NGJkODE3NGQwNDI1MTkyMDQxMWE2YTdm
MzBhZWFlMTUxMTQ4NGY0Zjc3MmUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI+eWU6Wu7fT9nPdE11+Q+kQgin6woss9Vzf9ORIMoeF6j7wCAoA8mX/DVku
I77zXkKHfpd+isYAo+ZFKk4K5Ispgoz3RlOE0YlHqX12FLi9WFp/YfvOJsF6bYHL
aWmR0qTBLXNG9Q9H7iKp9sGt+79atVzUpiYv6iizmrVWl16TwzUDFKm/27xFylhg
4AaynH/MYpvLjxAAAmUQQRJ4DgXOiIGTdBZXs81YT4DhUhCcVTHD4zVJkBhxk9WS
Q8VKd9h1Q001fwhlqEMqVyOD7g9WCEAXxpR88KqwaMiT7u0B8jTGyVTwsoPKDoPn
6QWMq1zeLPEhMITxv3EtqbRL3AcCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTievDa
NxQb9ooogE8hfil1EJCImzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Nzk1YmFlNjUtZTQ5NC00NDk3LThjNjQtNmM3OGM1YTRiMzg4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAzMAaDAN
BgkqhkiG9w0BAQsFAAOCAQEAy7yjy6AywTDrEmOvs1ftg2uDhoGPtrY1nilTsRFW
4kWRl4Pr9oo6LOV8j6eEoJNd3zzFbp0OzXjHZrtp4QNaPL5YQb6XSQuFtUnTGXQ+
mPrzYAI18sB/yV3g1ZTnIO0kfx5hPgwfjIIjSPC5xD/G1MDpBpKFKr+10OP+5+fY
mp413kawtzplG41PWJKvK2etLq7cyCmy8SKmxK10knfM239d93zvR8QJ6LeY+Okk
4uInTVQ6VT+J9svcjj3bOYfqvBJTSv72hia8gHfmZTaT3aJWH/5MuCEjyMDcMv+v
LzQQf6kY1Ste9SWuuoHzy79n1D4Y0cLNN4nqITbm+UygQA==
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:00:36 2026 by rpki-client