Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/85620864-b6e3-4aeb-8798-74669cc5226c.roa
File: 85620864-b6e3-4aeb-8798-74669cc5226c.roa (raw, json)
Hash identifier: 69R3z17YqOuAjFaSKKbc4TgTlCSQ97anbdiLHyyq/AA=
Subject key identifier: B9:F7:EA:EE:61:C9:C4:90:0F:41:83:A3:11:05:DD:A4:E8:1F:E1:DE
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6A0B03A5FF2C6378F6D9657E100D5C12F048B84B
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/85620864-b6e3-4aeb-8798-74669cc5226c.roa
Signing time: Tue 19 May 2026 06:00:51 +0000
ROA not before: Tue 19 May 2026 06:00:51 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 14618
IP address blocks: 51.202.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:0b:03:a5:ff:2c:63:78:f6:d9:65:7e:10:0d:5c:12:f0:48:b8:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 19 06:00:51 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=207eaef12e45c43e2b41efcba2426123bb48dec8ec04aa8702bc2abd727d754c, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:4a:57:70:9d:66:8d:16:32:a2:6e:35:6b:5d:
be:4d:47:e8:ba:90:52:e0:4c:21:35:aa:71:be:c8:
1e:27:93:4b:70:74:b7:f4:0b:ec:21:d2:86:69:e0:
f3:22:29:63:3f:da:4e:fe:83:81:bc:20:6f:68:ce:
46:b2:95:02:21:93:fb:43:03:fe:93:5e:03:77:8e:
99:b7:f1:5e:ba:8b:c9:52:9c:39:2a:ea:42:67:57:
6c:b1:8c:21:71:12:ca:16:98:59:3b:bd:3a:f0:11:
76:4d:bb:04:7b:a3:c5:14:ae:fc:44:a5:5a:5f:c8:
63:28:52:bc:b8:24:39:b9:6f:85:04:50:a1:ae:b4:
5a:a6:00:68:b1:92:09:fb:3c:88:6d:fd:72:2c:24:
b0:05:e5:5b:ae:77:f9:ea:52:b2:1d:48:cf:b5:77:
ca:e7:ab:4c:f2:66:0e:f2:6c:d5:46:3a:cd:1c:a6:
c0:8f:47:6d:6f:31:54:1a:9a:1f:79:89:b9:c7:1e:
75:3e:f4:3c:70:d9:f2:96:7a:e3:54:e0:5c:00:de:
d5:ca:b0:84:22:9e:ab:30:10:00:1c:f6:51:ee:94:
92:00:95:2a:df:1f:23:77:fd:ca:f9:55:41:fc:a9:
8c:08:ea:61:a6:f8:d0:0f:ac:d5:63:e3:85:7b:1c:
4a:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:F7:EA:EE:61:C9:C4:90:0F:41:83:A3:11:05:DD:A4:E8:1F:E1:DE
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/85620864-b6e3-4aeb-8798-74669cc5226c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.202.0.0/15
Signature Algorithm: sha256WithRSAEncryption
80:2c:7c:38:ea:3e:8b:f3:f2:d9:87:6e:3c:d1:68:ff:6d:33:
ae:78:16:f8:bc:4e:0f:20:61:e0:f5:6d:00:82:88:58:53:c9:
fa:66:ff:d0:ad:cb:ff:2a:72:d9:97:4b:75:a8:ff:c8:86:51:
85:9d:f2:40:80:45:9e:c1:51:ff:9b:d5:e1:f5:89:cf:8a:16:
18:42:46:ac:8f:4a:c4:79:28:87:ce:e8:6a:f9:45:bc:e4:17:
cb:20:b9:23:b6:37:41:8e:c5:64:3e:c3:c1:e5:83:b3:09:8b:
fc:5a:df:02:7b:7d:8c:f6:22:67:f7:bb:2c:a9:e0:c0:ec:5b:
f4:8b:82:af:b2:e7:27:b2:83:36:bc:3c:e3:71:5c:08:98:42:
b2:83:4f:c9:7c:16:96:58:c2:6c:da:9b:f6:ad:32:d8:b5:51:
5a:a5:b6:c1:7c:e4:00:2a:d8:e7:60:ff:03:46:bb:35:03:af:
a4:3a:d0:6d:47:ab:64:0f:1a:4f:5e:7e:03:6b:06:bd:44:11:
59:39:87:f7:65:4a:ba:43:c0:c1:c8:41:fd:3e:6b:36:c2:f6:
38:c6:0f:fd:ca:56:84:4f:25:13:5e:00:51:be:43:8a:8f:1d:
26:bd:a3:5c:14:3e:44:fa:f2:1c:95:e3:a3:74:2e:90:58:2c:
7e:de:02:f3
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUagsDpf8sY3j22WV+EA1cEvBIuEswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MTkwNjAwNTFaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDIwN2VhZWYxMmU0NWM0M2UyYjQxZWZjYmEyNDI2MTIzYmI0OGRlYzhlYzA0
YWE4NzAyYmMyYWJkNzI3ZDc1NGMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKpKV3CdZo0WMqJuNWtdvk1H6LqQUuBMITWqcb7IHieTS3B0t/QL7CHShmng
8yIpYz/aTv6Dgbwgb2jORrKVAiGT+0MD/pNeA3eOmbfxXrqLyVKcOSrqQmdXbLGM
IXESyhaYWTu9OvARdk27BHujxRSu/ESlWl/IYyhSvLgkOblvhQRQoa60WqYAaLGS
Cfs8iG39ciwksAXlW653+epSsh1Iz7V3yuerTPJmDvJs1UY6zRymwI9HbW8xVBqa
H3mJuccedT70PHDZ8pZ641TgXADe1cqwhCKeqzAQABz2Ue6UkgCVKt8fI3f9yvlV
QfypjAjqYab40A+s1WPjhXscSkkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBS59+ru
YcnEkA9Bg6MRBd2k6B/h3jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODU2MjA4NjQtYjZlMy00YWViLTg3OTgtNzQ2NjljYzUyMjZjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPKMA0G
CSqGSIb3DQEBCwUAA4IBAQCALHw46j6L8/LZh2480Wj/bTOueBb4vE4PIGHg9W0A
gohYU8n6Zv/Qrcv/KnLZl0t1qP/IhlGFnfJAgEWewVH/m9Xh9YnPihYYQkasj0rE
eSiHzuhq+UW85BfLILkjtjdBjsVkPsPB5YOzCYv8Wt8Ce32M9iJn97ssqeDA7Fv0
i4KvsucnsoM2vDzjcVwImEKyg0/JfBaWWMJs2pv2rTLYtVFapbbBfOQAKtjnYP8D
Rrs1A6+kOtBtR6tkDxpPXn4Dawa9RBFZOYf3ZUq6Q8DByEH9Pms2wvY4xg/9ylaE
TyUTXgBRvkOKjx0mvaNcFD5E+vIcleOjdC6QWCx+3gLz
-----END CERTIFICATE-----
Generated at Sat Jun 13 05:43:51 2026 by rpki-client