Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7b957dae-110a-40bf-9710-191cf24c9e94.roa
File: 7b957dae-110a-40bf-9710-191cf24c9e94.roa (raw, json)
Hash identifier: OXqUNLGl58GnDrrzHFXIi8wKqDfJUd7qkT9rtD0L4fA=
Subject key identifier: 40:87:C3:BF:6D:29:AE:A4:1C:B0:08:9C:FC:51:26:8B:5B:6F:3F:96
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5F99609D9EA3E0B8CA0051D39E7FF9A2732264E6
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7b957dae-110a-40bf-9710-191cf24c9e94.roa
Signing time: Wed 20 May 2026 00:50:07 +0000
ROA not before: Wed 20 May 2026 00:50:07 +0000
ROA not after: Tue 18 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.0.96.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:99:60:9d:9e:a3:e0:b8:ca:00:51:d3:9e:7f:f9:a2:73:22:64:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 20 00:50:07 2026 GMT
Not After : Aug 18 23:59:59 2026 GMT
Subject: serialNumber=931865034e75eb2a494bcb0edba04afa60f2e8b6a36e738e97efd92935aa146c, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:fe:2a:73:94:e1:c9:82:68:60:b1:5d:b7:1f:
b3:48:29:c4:45:0a:8e:4c:50:fc:da:0c:e0:cd:ad:
3d:27:51:e4:77:ad:7f:41:86:79:3f:7d:51:2d:f5:
5d:be:d7:15:b1:44:4a:78:3f:46:ab:97:cd:f6:8a:
e3:cb:2d:72:8e:d9:3f:af:5f:4b:fb:f8:1f:57:87:
f2:d5:a6:68:ea:a0:d5:b9:2d:12:c7:94:ba:e4:5d:
53:54:a1:17:5d:5a:7f:e1:c3:c2:94:88:78:a9:2d:
e0:bb:40:9d:ea:db:94:63:7a:63:14:24:a1:ea:00:
94:df:67:fa:1e:55:2b:f1:79:af:69:fe:8f:a0:de:
30:89:6e:b9:45:e8:38:58:14:e5:34:91:d7:52:f4:
ce:38:2c:b1:91:f9:30:f0:07:4c:e5:92:d2:f9:c1:
c2:ba:24:e9:17:f3:ba:22:bf:d9:0e:9b:ab:4b:19:
5a:85:e7:f2:8d:a5:76:fa:a0:c3:eb:6d:d4:0a:73:
de:4b:86:65:79:b6:fc:dc:e4:7a:25:13:6f:7a:ef:
de:fb:07:6f:1c:35:c3:79:51:45:2c:37:87:f4:21:
92:84:fd:e0:c0:1e:ee:85:e3:a7:7c:e6:77:4e:a3:
39:ff:ba:cf:74:45:16:2f:5d:3b:0f:0d:a1:23:ea:
1a:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:87:C3:BF:6D:29:AE:A4:1C:B0:08:9C:FC:51:26:8B:5B:6F:3F:96
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7b957dae-110a-40bf-9710-191cf24c9e94.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.0.96.0/21
Signature Algorithm: sha256WithRSAEncryption
52:38:9b:f0:9c:6a:f1:e6:97:84:b1:49:23:b3:45:4c:df:e4:
e1:f0:97:d6:2d:54:fd:1b:25:61:4c:0b:e7:4b:30:29:3d:92:
94:1f:49:c2:2a:5b:9d:78:24:17:32:24:9c:20:27:29:b9:a8:
15:a2:49:cb:16:c4:ee:36:4e:2e:fe:06:1e:9d:d8:47:c6:51:
01:0e:e5:80:5c:93:20:e4:73:21:b1:a2:b3:85:9e:4d:e4:74:
e1:2e:55:b4:11:c7:8e:72:3e:0b:be:91:ec:8c:ff:62:07:da:
12:bc:cc:c2:0f:29:b3:35:5a:1b:7b:e7:dc:4c:a0:9a:cb:43:
7a:f4:9e:2f:ff:61:cb:1b:3e:7f:b7:df:1f:e8:0f:17:12:6e:
8d:5c:89:eb:7b:7d:35:ba:35:a4:67:93:eb:4c:d9:6b:5a:12:
60:43:46:bc:dd:cf:d1:27:3e:5f:32:b5:2f:99:22:97:04:2b:
13:82:ea:2d:7d:24:83:e4:5c:4d:2d:83:45:68:92:08:35:77:
2b:ac:b9:67:b2:4b:41:75:a9:95:d9:79:78:f2:35:c1:ac:f6:
fc:fc:03:ca:48:fd:b8:b1:0c:ed:e6:32:e2:bd:65:da:c1:3d:
53:46:b9:43:c0:17:67:79:93:e3:be:a8:bb:e0:5e:34:fe:0e:
9d:5f:49:4b
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUX5lgnZ6j4LjKAFHTnn/5onMiZOYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MjAwMDUwMDdaFw0yNjA4MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQDkzMTg2NTAzNGU3NWViMmE0OTRiY2IwZWRiYTA0YWZhNjBmMmU4YjZhMzZl
NzM4ZTk3ZWZkOTI5MzVhYTE0NmMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ3+KnOU4cmCaGCxXbcfs0gpxEUKjkxQ/NoM4M2tPSdR5Hetf0GGeT99US31
Xb7XFbFESng/RquXzfaK48stco7ZP69fS/v4H1eH8tWmaOqg1bktEseUuuRdU1Sh
F11af+HDwpSIeKkt4LtAnerblGN6YxQkoeoAlN9n+h5VK/F5r2n+j6DeMIluuUXo
OFgU5TSR11L0zjgssZH5MPAHTOWS0vnBwrok6RfzuiK/2Q6bq0sZWoXn8o2ldvqg
w+tt1Apz3kuGZXm2/NzkeiUTb3rv3vsHbxw1w3lRRSw3h/QhkoT94MAe7oXjp3zm
d06jOf+6z3RFFi9dOw8NoSPqGvUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRAh8O/
bSmupBywCJz8USaLW28/ljAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
N2I5NTdkYWUtMTEwYS00MGJmLTk3MTAtMTkxY2YyNGM5ZTk0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAzMAYDAN
BgkqhkiG9w0BAQsFAAOCAQEAUjib8Jxq8eaXhLFJI7NFTN/k4fCX1i1U/RslYUwL
50swKT2SlB9JwipbnXgkFzIknCAnKbmoFaJJyxbE7jZOLv4GHp3YR8ZRAQ7lgFyT
IORzIbGis4WeTeR04S5VtBHHjnI+C76R7Iz/YgfaErzMwg8pszVaG3vn3EygmstD
evSeL/9hyxs+f7ffH+gPFxJujVyJ63t9Nbo1pGeT60zZa1oSYENGvN3P0Sc+XzK1
L5kilwQrE4LqLX0kg+RcTS2DRWiSCDV3K6y5Z7JLQXWpldl5ePI1waz2/PwDykj9
uLEM7eYy4r1l2sE9U0a5Q8AXZ3mT476ou+BeNP4OnV9JSw==
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:00:35 2026 by rpki-client