Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/80e298e3-975b-4cea-9586-8d04a37a53a2.roa
File: 80e298e3-975b-4cea-9586-8d04a37a53a2.roa (raw, json)
Hash identifier: 4N0J0J8jXexTasG1YhCy8YYsKzGsYkqMKV35ZBSXARc=
Subject key identifier: 74:A5:15:CB:6C:AD:6F:C1:A2:95:6A:13:5E:57:5E:DA:C1:47:36:45
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 51C16E8DCE4E613423709B4A06DF91E90559749C
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/80e298e3-975b-4cea-9586-8d04a37a53a2.roa
Signing time: Thu 14 May 2026 01:40:06 +0000
ROA not before: Thu 14 May 2026 01:40:06 +0000
ROA not after: Wed 12 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 57.93.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:c1:6e:8d:ce:4e:61:34:23:70:9b:4a:06:df:91:e9:05:59:74:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 14 01:40:06 2026 GMT
Not After : Aug 12 23:59:59 2026 GMT
Subject: serialNumber=440d29cfdcc3f9721b4009a03fe630d907db25c972e8eb100a4fcdea88cf53ef, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:fb:d3:36:e7:c3:cb:75:fd:28:1e:62:77:a4:
ff:6e:c7:0b:2a:63:62:70:6f:09:e8:a9:ab:fe:3e:
df:80:95:2e:61:8d:f7:41:f4:37:bf:e0:45:f6:c8:
66:f8:ce:1e:3c:e3:57:2f:45:f0:d6:b0:74:ad:b0:
c7:05:83:e9:0c:7a:59:87:e0:c6:64:62:b8:47:8c:
74:c5:a1:52:c2:07:d8:5f:50:b3:21:8e:5b:a5:bb:
89:32:44:a0:e2:ef:9d:50:04:2c:c4:bd:d4:76:ed:
d7:96:94:87:e2:d6:01:b8:d3:6f:51:bc:aa:81:f1:
5b:d3:44:8c:0a:34:c1:5c:26:fd:31:9e:6e:e9:ab:
c5:00:c7:9c:54:75:17:7d:ea:78:67:64:aa:92:c3:
da:12:eb:62:20:07:8e:8f:f2:cf:d7:ec:5c:d6:d4:
76:2c:81:1b:4b:ac:70:87:b2:eb:52:a4:b6:4c:68:
89:98:e8:cc:e3:dd:a2:10:3f:6c:42:5c:ad:29:68:
0e:82:d6:b4:50:dc:a9:33:2c:be:57:0c:48:71:ba:
7c:8e:62:1a:19:0c:c1:29:dd:f7:33:a2:7b:84:e5:
ab:8b:c0:04:ec:7e:af:80:78:46:3e:31:d4:f4:ee:
2f:f6:e3:19:0a:50:d4:d3:ad:70:5b:74:cd:23:fe:
01:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:A5:15:CB:6C:AD:6F:C1:A2:95:6A:13:5E:57:5E:DA:C1:47:36:45
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/80e298e3-975b-4cea-9586-8d04a37a53a2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.93.0.0/16
Signature Algorithm: sha256WithRSAEncryption
18:94:6e:cb:2b:82:73:8a:13:ef:ca:28:45:60:8f:96:3e:95:
b9:be:5e:88:82:40:14:13:1c:f7:78:88:c6:4e:08:7e:e3:dd:
7a:26:58:fc:f1:cb:66:dd:7e:2e:11:b8:4e:b3:75:54:ae:a9:
41:4f:49:62:30:54:d8:31:31:f6:f5:cd:79:28:b0:09:2f:ab:
98:3b:5b:8d:fd:44:58:c7:63:0d:f2:16:fd:a2:cf:1f:3d:4d:
e2:25:6d:36:b6:2d:f4:d8:1c:1e:8a:19:1f:43:8d:8f:a0:63:
46:e9:c6:d8:fa:33:76:ce:43:bd:06:97:a1:49:4a:94:e8:7e:
a6:17:bf:a5:04:c5:d8:93:b2:93:ce:0d:f2:9e:4a:18:79:73:
2a:4f:a0:3d:13:f5:21:36:2d:7c:a7:a0:4b:46:75:22:90:5d:
45:1a:c1:84:54:04:be:a0:70:94:c4:de:c0:aa:e1:72:7d:7e:
b1:e9:37:54:a8:bb:ee:38:be:4d:57:d7:d4:f4:38:6b:60:c9:
b4:ae:63:26:9e:f6:56:0f:80:c8:b4:8d:0d:9a:ba:00:99:80:
c6:e4:db:37:b6:c7:54:22:0a:24:da:fb:81:07:ca:84:42:54:
21:4e:3a:2d:b4:0c:48:1b:e4:0e:0a:93:6a:63:db:3c:a5:df:
05:ec:1f:da
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUUcFujc5OYTQjcJtKBt+R6QVZdJwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MTQwMTQwMDZaFw0yNjA4MTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ0MGQyOWNmZGNjM2Y5NzIxYjQwMDlhMDNmZTYzMGQ5MDdkYjI1Yzk3MmU4
ZWIxMDBhNGZjZGVhODhjZjUzZWYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKj70zbnw8t1/SgeYnek/27HCypjYnBvCeipq/4+34CVLmGN90H0N7/gRfbI
ZvjOHjzjVy9F8NawdK2wxwWD6Qx6WYfgxmRiuEeMdMWhUsIH2F9QsyGOW6W7iTJE
oOLvnVAELMS91Hbt15aUh+LWAbjTb1G8qoHxW9NEjAo0wVwm/TGebumrxQDHnFR1
F33qeGdkqpLD2hLrYiAHjo/yz9fsXNbUdiyBG0uscIey61KktkxoiZjozOPdohA/
bEJcrSloDoLWtFDcqTMsvlcMSHG6fI5iGhkMwSnd9zOie4Tlq4vABOx+r4B4Rj4x
1PTuL/bjGQpQ1NOtcFt0zSP+AZ0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBR0pRXL
bK1vwaKVahNeV17awUc2RTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODBlMjk4ZTMtOTc1Yi00Y2VhLTk1ODYtOGQwNGEzN2E1M2EyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADldMA0G
CSqGSIb3DQEBCwUAA4IBAQAYlG7LK4JzihPvyihFYI+WPpW5vl6IgkAUExz3eIjG
Tgh+4916Jlj88ctm3X4uEbhOs3VUrqlBT0liMFTYMTH29c15KLAJL6uYO1uN/URY
x2MN8hb9os8fPU3iJW02ti302BweihkfQ42PoGNG6cbY+jN2zkO9BpehSUqU6H6m
F7+lBMXYk7KTzg3ynkoYeXMqT6A9E/UhNi18p6BLRnUikF1FGsGEVAS+oHCUxN7A
quFyfX6x6TdUqLvuOL5NV9fU9DhrYMm0rmMmnvZWD4DItI0NmroAmYDG5Ns3tsdU
Igok2vuBB8qEQlQhTjottAxIG+QOCpNqY9s8pd8F7B/a
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:00:13 2026 by rpki-client