Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/83d64fad-2f6b-441a-9079-e9e60d149aec.roa
File: 83d64fad-2f6b-441a-9079-e9e60d149aec.roa (raw, json)
Hash identifier: I7wkDPSldov+qiYti0BnIYVUYzoG9Ucw6uV+LQ1n7Ws=
Subject key identifier: 1E:32:3A:55:F7:E6:14:CA:08:8D:6D:9A:B0:94:3D:E7:CE:3A:9B:55
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 65A3272DEA2B4A505C8A72C0D2356E56C9026681
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/83d64fad-2f6b-441a-9079-e9e60d149aec.roa
Signing time: Wed 20 May 2026 00:50:06 +0000
ROA not before: Wed 20 May 2026 00:50:06 +0000
ROA not after: Tue 18 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.17.0.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:a3:27:2d:ea:2b:4a:50:5c:8a:72:c0:d2:35:6e:56:c9:02:66:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 20 00:50:06 2026 GMT
Not After : Aug 18 23:59:59 2026 GMT
Subject: serialNumber=875d97332d71bc4f44894636c462a4214afa7f51a581bbf96fb5f90d86e1f093, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:3e:61:96:fd:b1:aa:0f:09:53:00:89:20:9e:
26:16:b7:65:3d:c5:67:9b:b3:d8:1c:9b:05:1e:1b:
14:15:19:3c:20:a6:e4:6b:5c:72:2d:49:e2:b1:ef:
96:72:57:23:af:1f:0e:d1:c6:51:6d:08:e7:39:18:
29:3d:94:0e:2e:b5:62:fa:e6:b6:c0:c8:5b:07:df:
85:96:6d:d2:e8:57:77:a7:84:10:14:3e:85:e8:6c:
3a:68:f1:9c:5d:ab:7f:bb:a3:a5:0d:ce:ea:3c:e3:
0f:d8:ce:76:fd:09:af:b2:92:ea:dc:67:58:2f:80:
62:5e:f8:92:2c:4d:d1:b3:c3:3c:be:95:50:46:fd:
b7:b0:0b:f1:ca:e6:13:93:6c:88:99:4a:da:0a:22:
3e:03:30:37:d6:af:ce:e1:86:03:82:03:4d:6d:01:
23:13:91:9c:ce:38:40:66:cc:20:03:7c:52:95:0e:
14:6c:96:c5:c0:86:2d:db:94:a1:aa:50:d4:3b:4c:
ba:8c:d5:b5:2a:7e:42:45:1d:3c:7e:74:b5:e9:e4:
80:d5:ca:3f:15:1e:62:42:b5:04:46:d8:84:9b:3e:
12:93:31:03:3a:3e:d1:f5:32:a3:26:9b:51:11:44:
26:a5:8a:00:37:04:ec:2e:13:4b:44:d4:1b:a8:d3:
3f:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:32:3A:55:F7:E6:14:CA:08:8D:6D:9A:B0:94:3D:E7:CE:3A:9B:55
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/83d64fad-2f6b-441a-9079-e9e60d149aec.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.17.0.0/24
Signature Algorithm: sha256WithRSAEncryption
70:74:f6:83:45:cc:70:5c:58:73:0c:07:81:89:39:49:ba:fb:
13:97:b9:64:0d:62:d1:a1:74:80:bc:49:8e:38:72:b3:b1:45:
e1:c7:80:5d:ef:c2:28:38:1e:cc:89:75:a4:f3:ae:a9:4d:9c:
a2:cb:02:95:57:2b:12:07:00:5b:d9:5b:dd:16:4b:df:28:10:
49:aa:ba:54:5e:2b:cb:34:90:2d:52:7f:a4:08:ea:3d:0c:39:
98:29:93:e2:e1:5a:4c:38:29:b3:eb:97:7c:09:e8:4c:01:90:
68:37:ec:e0:70:61:db:a6:0b:bb:db:05:58:12:4d:6c:d4:99:
b8:e8:3b:de:45:0d:a4:18:b8:a5:9a:ac:93:dc:16:9a:83:5d:
13:be:a7:97:dc:4e:25:33:36:06:77:cd:75:97:8a:c5:3b:f8:
e7:e6:a8:11:5c:21:5b:92:e5:cd:2e:56:c0:b2:c0:7a:e2:d6:
e2:18:27:5c:d8:ff:6b:3b:83:35:9e:0d:2a:d7:57:cd:b5:80:
39:57:99:85:b0:df:ad:f0:00:a3:6c:b3:77:1a:2c:0b:94:70:
e6:4b:8e:72:90:6b:b0:04:b3:7b:fc:85:d2:40:92:fc:b9:5d:
d6:3a:00:ae:26:98:73:e7:29:85:ed:0f:23:4c:37:d6:d3:70:
1a:dc:2d:6a
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUZaMnLeorSlBcinLA0jVuVskCZoEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MjAwMDUwMDZaFw0yNjA4MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQDg3NWQ5NzMzMmQ3MWJjNGY0NDg5NDYzNmM0NjJhNDIxNGFmYTdmNTFhNTgx
YmJmOTZmYjVmOTBkODZlMWYwOTMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL0+YZb9saoPCVMAiSCeJha3ZT3FZ5uz2BybBR4bFBUZPCCm5Gtcci1J4rHv
lnJXI68fDtHGUW0I5zkYKT2UDi61YvrmtsDIWwffhZZt0uhXd6eEEBQ+hehsOmjx
nF2rf7ujpQ3O6jzjD9jOdv0Jr7KS6txnWC+AYl74kixN0bPDPL6VUEb9t7AL8crm
E5NsiJlK2goiPgMwN9avzuGGA4IDTW0BIxORnM44QGbMIAN8UpUOFGyWxcCGLduU
oapQ1DtMuozVtSp+QkUdPH50tenkgNXKPxUeYkK1BEbYhJs+EpMxAzo+0fUyoyab
URFEJqWKADcE7C4TS0TUG6jTPyECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQeMjpV
9+YUygiNbZqwlD3nzjqbVTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODNkNjRmYWQtMmY2Yi00NDFhLTkwNzktZTllNjBkMTQ5YWVjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEADMRADAN
BgkqhkiG9w0BAQsFAAOCAQEAcHT2g0XMcFxYcwwHgYk5Sbr7E5e5ZA1i0aF0gLxJ
jjhys7FF4ceAXe/CKDgezIl1pPOuqU2cossClVcrEgcAW9lb3RZL3ygQSaq6VF4r
yzSQLVJ/pAjqPQw5mCmT4uFaTDgps+uXfAnoTAGQaDfs4HBh26YLu9sFWBJNbNSZ
uOg73kUNpBi4pZqsk9wWmoNdE76nl9xOJTM2BnfNdZeKxTv45+aoEVwhW5LlzS5W
wLLAeuLW4hgnXNj/azuDNZ4NKtdXzbWAOVeZhbDfrfAAo2yzdxosC5Rw5kuOcpBr
sASze/yF0kCS/Lld1joAriaYc+cphe0PI0w31tNwGtwtag==
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:10:21 2026 by rpki-client