Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8c7710c7-6ab8-4545-b04c-0bbeaa573eae.roa
File: 8c7710c7-6ab8-4545-b04c-0bbeaa573eae.roa (raw, json)
Hash identifier: PICd8rW0sMdvvo/0X3s3QAaokxQA3cV6numImonk6lo=
Subject key identifier: 5A:6E:CD:E5:B8:73:2F:C1:48:E4:54:50:52:45:C9:6F:C8:8C:3E:56
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1DD49C9BF868F337E749727CF3FCCF2D6860A947
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8c7710c7-6ab8-4545-b04c-0bbeaa573eae.roa
Signing time: Wed 20 May 2026 00:50:18 +0000
ROA not before: Wed 20 May 2026 00:50:18 +0000
ROA not after: Tue 18 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.112.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:d4:9c:9b:f8:68:f3:37:e7:49:72:7c:f3:fc:cf:2d:68:60:a9:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 20 00:50:18 2026 GMT
Not After : Aug 18 23:59:59 2026 GMT
Subject: serialNumber=cfcbb14c42ccbfb38540c53814b7b9c701ad33ded2d46649fd15479a19b77312, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:36:ca:7c:7f:9a:2c:8d:fc:30:60:75:5c:2f:
fc:c6:69:79:72:e7:a8:f0:3c:91:ff:66:d7:dc:b4:
58:ce:13:55:58:76:93:ef:d3:0f:d2:31:ca:6d:61:
df:eb:6a:0a:32:1f:74:bb:d8:88:1c:c7:6d:e7:65:
f6:57:6f:c0:91:01:54:33:95:22:07:22:3c:58:11:
43:3e:65:f8:d8:74:b7:42:b3:7f:2d:f0:0d:d9:06:
69:c9:6f:8f:83:07:f9:ea:01:5c:90:ed:d6:c4:9e:
a3:02:ca:f8:97:06:95:26:14:5a:4b:a2:e8:e6:48:
5f:82:3a:b4:c5:d7:e8:a5:d6:91:7f:35:7f:60:48:
25:d9:0b:79:ae:25:37:cf:ce:04:b3:ec:92:23:a9:
06:31:a6:dd:82:aa:d1:b1:ea:b5:e6:62:83:15:a8:
f5:e8:de:06:65:39:2f:2e:61:2d:2f:5a:9f:20:02:
6e:5f:07:24:b8:1a:37:fd:f7:10:a7:f6:06:da:3f:
f5:7b:87:3d:2a:65:8e:1a:7d:3d:3e:79:a3:e3:e8:
a5:38:41:66:23:3a:28:30:0c:16:6e:65:96:1e:f5:
db:f3:ca:53:2d:35:22:d0:9d:c9:f5:bf:b1:d2:45:
06:ed:48:29:81:9a:fe:5a:5d:5a:a6:86:50:c6:60:
be:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:6E:CD:E5:B8:73:2F:C1:48:E4:54:50:52:45:C9:6F:C8:8C:3E:56
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8c7710c7-6ab8-4545-b04c-0bbeaa573eae.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.112.0.0/16
Signature Algorithm: sha256WithRSAEncryption
89:03:f7:5d:d8:3a:3a:48:04:ff:6a:f0:c2:ac:44:a1:f4:42:
59:fe:0b:50:49:66:ee:ee:fd:4b:1e:1c:62:8a:a6:8a:9e:d6:
27:52:66:f7:85:ae:e7:1e:24:43:98:c8:d6:0f:05:9d:bb:37:
99:bf:0d:d2:2e:0b:62:bf:9e:a6:2b:aa:f8:3d:24:36:ff:b7:
7e:f3:c2:55:df:96:47:67:6a:d6:b7:c4:08:14:40:90:25:d2:
0e:93:61:b4:9d:f0:1a:1b:d9:67:0b:ef:f1:ba:ad:f4:25:73:
81:79:b5:7f:59:81:57:ba:e4:05:ac:29:f5:87:ef:5a:1a:44:
2f:ef:9c:f2:fd:00:89:40:78:9f:7c:68:4e:c8:66:39:5f:3f:
b1:5b:78:1f:39:ad:41:40:51:f3:d7:f4:72:d6:d9:08:e0:ea:
13:4e:38:23:5a:d5:94:e7:da:cb:ae:1a:cc:b7:19:19:bb:08:
d4:b8:d5:43:e8:79:8b:d1:b5:f6:b6:b9:d9:9e:e9:a3:0f:29:
43:94:84:20:e0:ae:dd:ff:4c:aa:4f:94:a6:68:7a:1f:09:cc:
e3:38:53:bd:cd:20:bd:71:f6:8d:9b:62:1b:2e:7c:3d:bc:9c:
b7:3c:ad:42:a2:a9:06:dc:a9:a1:6a:c0:70:cf:d3:f0:5e:ac:
42:5f:c0:0c
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUHdScm/ho8zfnSXJ88/zPLWhgqUcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MjAwMDUwMThaFw0yNjA4MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQGNmY2JiMTRjNDJjY2JmYjM4NTQwYzUzODE0YjdiOWM3MDFhZDMzZGVkMmQ0
NjY0OWZkMTU0NzlhMTliNzczMTIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK82ynx/miyN/DBgdVwv/MZpeXLnqPA8kf9m19y0WM4TVVh2k+/TD9Ixym1h
3+tqCjIfdLvYiBzHbedl9ldvwJEBVDOVIgciPFgRQz5l+Nh0t0Kzfy3wDdkGaclv
j4MH+eoBXJDt1sSeowLK+JcGlSYUWkui6OZIX4I6tMXX6KXWkX81f2BIJdkLea4l
N8/OBLPskiOpBjGm3YKq0bHqteZigxWo9ejeBmU5Ly5hLS9anyACbl8HJLgaN/33
EKf2Bto/9XuHPSpljhp9PT55o+PopThBZiM6KDAMFm5llh712/PKUy01ItCdyfW/
sdJFBu1IKYGa/lpdWqaGUMZgvtMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRabs3l
uHMvwUjkVFBSRclvyIw+VjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OGM3NzEwYzctNmFiOC00NTQ1LWIwNGMtMGJiZWFhNTczZWFlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNwMA0G
CSqGSIb3DQEBCwUAA4IBAQCJA/dd2Do6SAT/avDCrESh9EJZ/gtQSWbu7v1LHhxi
iqaKntYnUmb3ha7nHiRDmMjWDwWduzeZvw3SLgtiv56mK6r4PSQ2/7d+88JV35ZH
Z2rWt8QIFECQJdIOk2G0nfAaG9lnC+/xuq30JXOBebV/WYFXuuQFrCn1h+9aGkQv
75zy/QCJQHiffGhOyGY5Xz+xW3gfOa1BQFHz1/Ry1tkI4OoTTjgjWtWU59rLrhrM
txkZuwjUuNVD6HmL0bX2trnZnumjDylDlIQg4K7d/0yqT5SmaHofCczjOFO9zSC9
cfaNm2IbLnw9vJy3PK1CoqkG3KmhasBwz9PwXqxCX8AM
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:00:44 2026 by rpki-client