Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7f5c30d0-efa8-41c0-aa7d-c5016e9315d5.roa
File: 7f5c30d0-efa8-41c0-aa7d-c5016e9315d5.roa (raw, json)
Hash identifier: 0Fj+J8AL4DuyBvDhobV1hBBkrixHPgOHSjHw/wvhszY=
Subject key identifier: 6A:41:75:DB:9A:F8:7C:63:30:4C:3E:05:2C:72:72:01:64:4D:AA:9E
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2C9AA5B9C31C54A755AC2CA262F8D492EBF8860D
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7f5c30d0-efa8-41c0-aa7d-c5016e9315d5.roa
Signing time: Tue 19 May 2026 06:00:07 +0000
ROA not before: Tue 19 May 2026 06:00:07 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 57.65.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:9a:a5:b9:c3:1c:54:a7:55:ac:2c:a2:62:f8:d4:92:eb:f8:86:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 19 06:00:07 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=da09cc644b5971e396f3d435bc462e9925dc2e8868575d388470cf53ad19c843, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:f9:52:54:8a:75:f0:68:16:c8:ae:0b:96:02:
d8:ef:9d:94:ce:a2:56:b2:09:46:1c:2f:01:b0:dc:
1b:96:98:2f:5a:02:7b:da:57:83:b3:fd:2b:96:79:
52:cf:55:44:51:86:8e:17:ac:16:d4:91:a7:2e:96:
71:17:08:f5:57:66:42:86:e4:1d:90:75:06:bc:ca:
16:56:82:34:93:9d:18:5c:de:c4:e9:88:4c:2e:69:
9d:a4:0c:97:25:cb:00:00:db:44:77:f3:c6:6c:be:
91:fb:8d:e0:7a:b2:bc:30:13:27:c6:63:1a:bc:f9:
74:0b:cd:20:aa:b8:5f:19:83:02:a3:2e:45:25:3a:
96:87:14:f7:67:fa:5d:ae:38:d4:34:39:83:31:08:
94:f7:d5:df:1f:b6:04:00:5d:90:86:23:4b:33:01:
64:fa:49:0e:c0:c2:bb:dc:4f:eb:cc:6f:b5:7e:bf:
b0:4b:a7:ef:57:15:4f:48:17:01:cb:af:03:7a:4e:
05:9f:e8:93:9c:37:b8:7e:c3:c2:08:49:03:0f:99:
7f:81:0f:0c:0d:e7:2b:8d:8e:59:47:f4:a3:5f:42:
1f:7d:77:77:72:2b:7a:67:fd:16:db:ea:bd:e2:68:
47:cb:5e:74:df:6d:b5:7b:bd:06:71:4a:43:41:d1:
66:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:41:75:DB:9A:F8:7C:63:30:4C:3E:05:2C:72:72:01:64:4D:AA:9E
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7f5c30d0-efa8-41c0-aa7d-c5016e9315d5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.65.0.0/16
Signature Algorithm: sha256WithRSAEncryption
28:fb:25:f6:8f:c2:b6:62:57:a7:ba:e1:88:2e:40:38:49:4e:
f8:d6:c0:bb:1a:eb:a5:65:80:2a:cc:4b:94:61:a1:a8:06:d0:
3b:63:a2:34:26:42:47:7f:a2:96:e3:03:fe:66:77:44:19:76:
33:06:ae:b9:51:13:ae:10:84:03:68:83:41:fc:a9:a3:b8:8a:
7b:8f:67:e9:61:23:1e:c8:5a:06:8e:c6:81:fc:99:21:b5:0f:
d9:ef:f9:4e:2d:ad:39:4e:7e:4d:1e:1d:96:22:27:a5:9b:c3:
b0:f8:ca:c8:9c:9a:47:1a:10:45:f6:37:03:d0:05:0a:40:47:
c7:7c:c5:2a:ce:0f:fd:3c:32:c7:3c:04:26:fb:a6:82:64:a2:
97:ca:d9:16:5d:06:fd:bf:ba:66:94:c0:ec:26:8f:a3:26:ad:
dd:04:7f:07:48:38:c6:65:de:e4:7f:f9:0c:49:e6:8d:13:21:
20:f4:50:04:ed:ba:7b:56:80:9e:5f:e0:31:38:e5:e9:b3:68:
18:5c:82:37:13:76:8e:77:7c:46:c1:cb:15:7a:18:29:a2:87:
ea:b1:f4:ac:dd:63:72:d0:7b:e6:55:60:51:1a:aa:55:32:95:
9d:b6:bd:3d:57:22:fb:2e:7a:21:6f:dc:27:b9:d3:a5:b2:60:
d2:ad:d2:4e
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIULJqlucMcVKdVrCyiYvjUkuv4hg0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MTkwNjAwMDdaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGRhMDljYzY0NGI1OTcxZTM5NmYzZDQzNWJjNDYyZTk5MjVkYzJlODg2ODU3
NWQzODg0NzBjZjUzYWQxOWM4NDMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALP5UlSKdfBoFsiuC5YC2O+dlM6iVrIJRhwvAbDcG5aYL1oCe9pXg7P9K5Z5
Us9VRFGGjhesFtSRpy6WcRcI9VdmQobkHZB1BrzKFlaCNJOdGFzexOmITC5pnaQM
lyXLAADbRHfzxmy+kfuN4HqyvDATJ8ZjGrz5dAvNIKq4XxmDAqMuRSU6locU92f6
Xa441DQ5gzEIlPfV3x+2BABdkIYjSzMBZPpJDsDCu9xP68xvtX6/sEun71cVT0gX
AcuvA3pOBZ/ok5w3uH7DwghJAw+Zf4EPDA3nK42OWUf0o19CH313d3Iremf9Ftvq
veJoR8tedN9ttXu9BnFKQ0HRZoECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRqQXXb
mvh8YzBMPgUscnIBZE2qnjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
N2Y1YzMwZDAtZWZhOC00MWMwLWFhN2QtYzUwMTZlOTMxNWQ1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADlBMA0G
CSqGSIb3DQEBCwUAA4IBAQAo+yX2j8K2YlenuuGILkA4SU741sC7GuulZYAqzEuU
YaGoBtA7Y6I0JkJHf6KW4wP+ZndEGXYzBq65UROuEIQDaINB/KmjuIp7j2fpYSMe
yFoGjsaB/JkhtQ/Z7/lOLa05Tn5NHh2WIielm8Ow+MrInJpHGhBF9jcD0AUKQEfH
fMUqzg/9PDLHPAQm+6aCZKKXytkWXQb9v7pmlMDsJo+jJq3dBH8HSDjGZd7kf/kM
SeaNEyEg9FAE7bp7VoCeX+AxOOXps2gYXII3E3aOd3xGwcsVehgpoofqsfSs3WNy
0HvmVWBRGqpVMpWdtr09VyL7Lnohb9wnudOlsmDSrdJO
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:00:18 2026 by rpki-client