Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/938d85ea-da85-4f15-8f87-5780d45bc4c1.roa
File: 938d85ea-da85-4f15-8f87-5780d45bc4c1.roa (raw, json)
Hash identifier: USPAw7ybGmpqnTJfuaNoEpHJuj9ia5pMlwxughV/cw8=
Subject key identifier: C1:F5:DF:8E:45:96:7A:26:63:9E:64:01:AB:59:A1:DB:5B:4E:92:36
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 23ADD7FB0762C961C485F44D60E5B49909E5F927
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/938d85ea-da85-4f15-8f87-5780d45bc4c1.roa
Signing time: Fri 10 Apr 2026 00:00:14 +0000
ROA not before: Fri 10 Apr 2026 00:00:14 +0000
ROA not after: Thu 09 Jul 2026 23:59:59 +0000
asID: 16509
IP address blocks: 57.71.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:ad:d7:fb:07:62:c9:61:c4:85:f4:4d:60:e5:b4:99:09:e5:f9:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 10 00:00:14 2026 GMT
Not After : Jul 9 23:59:59 2026 GMT
Subject: serialNumber=ad68673c6c825dd75a895043098fcbca07e6de531ef6ddba22e77c2007ecfbb1, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:34:00:41:f5:4c:ca:35:2c:32:19:4d:fa:7d:
85:89:53:e7:f2:d1:83:ac:97:e8:45:89:dc:36:9f:
4c:6f:34:35:96:80:f1:c2:ea:0b:9c:47:bd:e3:70:
ac:8b:23:03:81:f5:58:73:bd:2a:72:5f:f9:08:85:
52:ec:df:95:96:08:7e:f0:06:7e:61:b6:f8:ca:b1:
12:87:c0:cf:63:88:55:5f:a4:58:89:8c:ec:df:a7:
2b:f2:80:31:fb:7e:c8:77:9e:7c:1e:d7:9d:f8:f5:
6e:12:37:17:15:0a:55:7a:88:ab:18:f5:f6:f5:05:
11:3f:e2:99:66:33:79:db:25:e1:0c:a4:a4:54:6f:
83:dc:81:79:61:b7:ee:38:41:1d:63:5a:64:35:54:
bb:73:5a:a4:73:c4:b4:db:9e:bf:1a:ba:2e:bb:49:
73:58:fc:6a:e4:65:ec:6b:d9:93:7e:ca:6a:0c:2b:
e7:fd:72:84:ce:db:56:1d:e0:1f:1e:8c:6b:8f:3b:
60:3c:22:38:e8:f8:cf:b2:40:8e:25:81:86:7e:db:
b8:03:27:8b:7a:92:b8:32:32:9a:0d:af:d2:e7:b9:
14:0e:28:0b:13:4f:f5:36:fe:8c:ed:1d:62:c2:f7:
dc:c3:98:aa:09:70:89:bf:85:c2:f4:01:e1:59:61:
55:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:F5:DF:8E:45:96:7A:26:63:9E:64:01:AB:59:A1:DB:5B:4E:92:36
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/938d85ea-da85-4f15-8f87-5780d45bc4c1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.71.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a7:40:cc:15:2d:b2:a7:ac:52:90:8b:e4:4b:bb:e5:6b:88:a3:
79:56:37:15:68:e9:34:6d:33:fb:ed:dd:74:0c:75:81:ad:d2:
e2:5c:c5:33:7d:ea:53:03:94:53:81:94:09:a4:04:6a:20:18:
0b:72:c0:00:89:6f:eb:3f:f0:75:2c:65:b8:ef:71:83:a8:75:
6e:95:e5:2e:81:64:0c:40:a8:3a:ef:d1:d4:47:dd:94:ce:76:
a9:f4:00:46:ce:c7:d2:fa:7f:11:79:1e:fc:60:9f:d3:ac:ee:
08:a9:c7:53:25:87:92:85:6a:a2:67:c5:e6:ee:a9:4d:2b:c7:
91:e1:9e:07:25:56:08:f6:60:53:5f:d4:b0:32:37:6e:46:5e:
7d:0d:af:d2:1d:02:81:54:f9:1a:41:d1:ba:21:97:8f:8f:d5:
63:28:52:66:12:c7:8a:13:cd:e9:29:1f:7d:e5:8b:c8:2e:a8:
a3:89:a3:ef:ba:09:22:ea:44:5a:30:7a:1f:78:3d:56:11:1a:
b1:f6:74:da:ba:91:5d:06:c8:08:09:f0:83:ec:88:7f:47:52:
08:c5:f7:f3:4f:db:00:c7:7b:1d:67:99:8a:9d:34:44:6c:67:
6b:e7:7f:37:d8:e5:f3:ac:b0:7c:23:07:b1:b0:c3:03:a7:eb:
16:18:e7:b3
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUI63X+wdiyWHEhfRNYOW0mQnl+ScwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA0MTAwMDAwMTRaFw0yNjA3MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGFkNjg2NzNjNmM4MjVkZDc1YTg5NTA0MzA5OGZjYmNhMDdlNmRlNTMxZWY2
ZGRiYTIyZTc3YzIwMDdlY2ZiYjExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALw0AEH1TMo1LDIZTfp9hYlT5/LRg6yX6EWJ3DafTG80NZaA8cLqC5xHveNw
rIsjA4H1WHO9KnJf+QiFUuzflZYIfvAGfmG2+MqxEofAz2OIVV+kWImM7N+nK/KA
Mft+yHeefB7Xnfj1bhI3FxUKVXqIqxj19vUFET/imWYzedsl4QykpFRvg9yBeWG3
7jhBHWNaZDVUu3NapHPEtNuevxq6LrtJc1j8auRl7GvZk37Kagwr5/1yhM7bVh3g
Hx6Ma487YDwiOOj4z7JAjiWBhn7buAMni3qSuDIymg2v0ue5FA4oCxNP9Tb+jO0d
YsL33MOYqglwib+FwvQB4VlhVQECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTB9d+O
RZZ6JmOeZAGrWaHbW06SNjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OTM4ZDg1ZWEtZGE4NS00ZjE1LThmODctNTc4MGQ0NWJjNGMxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADlHMA0G
CSqGSIb3DQEBCwUAA4IBAQCnQMwVLbKnrFKQi+RLu+VriKN5VjcVaOk0bTP77d10
DHWBrdLiXMUzfepTA5RTgZQJpARqIBgLcsAAiW/rP/B1LGW473GDqHVuleUugWQM
QKg679HUR92Uznap9ABGzsfS+n8ReR78YJ/TrO4IqcdTJYeShWqiZ8Xm7qlNK8eR
4Z4HJVYI9mBTX9SwMjduRl59Da/SHQKBVPkaQdG6IZePj9VjKFJmEseKE83pKR99
5YvILqijiaPvugki6kRaMHofeD1WERqx9nTaupFdBsgICfCD7Ih/R1IIxffzT9sA
x3sdZ5mKnTREbGdr53832OXzrLB8IwexsMMDp+sWGOez
-----END CERTIFICATE-----
Generated at Fri Apr 17 05:44:28 2026 by rpki-client