Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8dcd1031-0c8d-4ee4-9563-57ddb63e1678.roa
File: 8dcd1031-0c8d-4ee4-9563-57ddb63e1678.roa (raw, json)
Hash identifier: j0kMHyhuCQZSG2cxJ8gm4G2I5wk3aIARiWPu85SPWHY=
Subject key identifier: 6E:84:90:33:D7:E2:8E:96:9A:04:03:05:00:1B:C8:CD:83:14:09:5B
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4B454F01116EBBD785C847CAF5DB43FB54B35F9A
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8dcd1031-0c8d-4ee4-9563-57ddb63e1678.roa
Signing time: Tue 19 May 2026 06:00:08 +0000
ROA not before: Tue 19 May 2026 06:00:08 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.226.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:45:4f:01:11:6e:bb:d7:85:c8:47:ca:f5:db:43:fb:54:b3:5f:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 19 06:00:08 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=68b03f7903b9e2d74ff3805c1353848df5be6a825e9a0a855ea13263743f6719, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:27:d7:6e:b0:d7:58:95:45:ee:46:73:1c:12:
d8:80:07:a1:bf:af:28:4f:ca:88:09:44:fa:2f:2a:
f2:bb:fb:aa:6e:17:b5:8c:dc:5a:86:03:42:e1:82:
cb:ff:89:3d:29:e9:de:48:a0:ba:9a:83:24:15:a5:
97:82:62:d7:a7:d9:da:60:00:13:b0:73:85:d6:c7:
d9:00:6d:90:a5:39:24:05:48:3b:28:70:c0:d0:09:
80:b0:43:5e:02:02:cb:24:e1:21:4b:80:da:52:82:
b1:87:1b:8a:c4:ad:26:6b:e7:25:32:82:0d:e2:cb:
7c:6d:a2:b2:39:03:74:3f:42:ae:ab:7d:7d:77:38:
ef:a5:cf:9e:21:5b:5a:dc:e3:13:a7:5a:80:cd:4f:
6f:b1:5b:e8:9d:ba:7c:1c:70:60:49:c1:da:20:ed:
01:1c:fe:fa:a7:7e:c7:95:0a:35:22:7f:02:a2:0a:
54:ca:b5:bb:c7:7d:d6:3c:21:a5:90:43:95:2f:aa:
f0:2c:29:b0:50:28:73:27:2e:3c:87:31:02:78:80:
de:4d:b4:2b:cc:a1:cc:0d:b7:64:43:29:3d:32:f1:
f5:98:bc:a0:45:d9:c4:8a:87:e2:d8:d1:62:49:14:
db:c0:62:8d:66:68:e6:ed:ff:2d:e3:86:65:6a:8a:
25:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:84:90:33:D7:E2:8E:96:9A:04:03:05:00:1B:C8:CD:83:14:09:5B
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8dcd1031-0c8d-4ee4-9563-57ddb63e1678.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.226.0.0/15
Signature Algorithm: sha256WithRSAEncryption
1c:bc:7c:4d:92:36:f8:c0:8a:65:81:a1:b8:d3:99:ef:9e:2b:
6c:99:d8:27:92:93:84:57:91:30:d4:d0:9c:ac:b1:ce:aa:b7:
6f:6c:53:ee:f3:ef:6c:87:44:90:71:1d:5b:87:50:1b:7c:c6:
e8:e1:ca:d8:ba:25:dd:a1:54:af:b9:45:6a:0c:b1:4c:62:6d:
72:45:9b:71:96:a4:45:00:ec:97:27:1a:5d:e9:e8:9a:22:4e:
61:a5:03:71:26:76:28:fe:93:0f:7a:50:af:12:03:33:d2:19:
94:46:c1:b5:c0:07:28:dc:44:4d:c3:5e:cb:cc:86:e6:60:99:
ca:2d:e4:84:c5:4c:68:21:1b:fa:35:e7:7c:90:19:12:cf:ec:
1f:2b:98:5a:77:eb:1c:ea:d2:19:f4:cc:e2:59:0a:27:81:cb:
30:04:5c:47:85:90:26:c5:ce:79:3c:a2:11:41:09:64:b2:6a:
ff:68:2f:7b:7e:f8:7c:71:fa:1a:b8:21:83:de:ae:ae:e3:9f:
a7:57:0d:05:9e:a6:82:f9:2d:a2:98:91:0f:a5:af:bf:1a:ac:
06:66:5e:32:bd:5d:fc:36:40:7f:e3:f4:eb:20:13:55:91:52:
b8:b6:67:a5:fe:de:47:bf:44:f1:fb:73:8f:73:a3:09:f6:b0:
bb:8c:c9:d7
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUS0VPARFuu9eFyEfK9dtD+1SzX5owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MTkwNjAwMDhaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDY4YjAzZjc5MDNiOWUyZDc0ZmYzODA1YzEzNTM4NDhkZjViZTZhODI1ZTlh
MGE4NTVlYTEzMjYzNzQzZjY3MTkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMsn126w11iVRe5GcxwS2IAHob+vKE/KiAlE+i8q8rv7qm4XtYzcWoYDQuGC
y/+JPSnp3kigupqDJBWll4Ji16fZ2mAAE7BzhdbH2QBtkKU5JAVIOyhwwNAJgLBD
XgICyyThIUuA2lKCsYcbisStJmvnJTKCDeLLfG2isjkDdD9Crqt9fXc476XPniFb
WtzjE6dagM1Pb7Fb6J26fBxwYEnB2iDtARz++qd+x5UKNSJ/AqIKVMq1u8d91jwh
pZBDlS+q8CwpsFAocycuPIcxAniA3k20K8yhzA23ZEMpPTLx9Zi8oEXZxIqH4tjR
YkkU28BijWZo5u3/LeOGZWqKJcECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRuhJAz
1+KOlpoEAwUAG8jNgxQJWzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OGRjZDEwMzEtMGM4ZC00ZWU0LTk1NjMtNTdkZGI2M2UxNjc4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPiMA0G
CSqGSIb3DQEBCwUAA4IBAQAcvHxNkjb4wIplgaG405nvnitsmdgnkpOEV5Ew1NCc
rLHOqrdvbFPu8+9sh0SQcR1bh1AbfMbo4crYuiXdoVSvuUVqDLFMYm1yRZtxlqRF
AOyXJxpd6eiaIk5hpQNxJnYo/pMPelCvEgMz0hmURsG1wAco3ERNw17LzIbmYJnK
LeSExUxoIRv6Ned8kBkSz+wfK5had+sc6tIZ9MziWQongcswBFxHhZAmxc55PKIR
QQlksmr/aC97fvh8cfoauCGD3q6u45+nVw0FnqaC+S2imJEPpa+/GqwGZl4yvV38
NkB/4/TrIBNVkVK4tmel/t5Hv0Tx+3OPc6MJ9rC7jMnX
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:23:56 2026 by rpki-client