Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/94c2a36e-245b-439a-bf61-04132c5df5a4.roa
File: 94c2a36e-245b-439a-bf61-04132c5df5a4.roa (raw, json)
Hash identifier: sgAdY8nLUHNDAfNY1tI5OIZC803WCwdRrIUR8lSOK5o=
Subject key identifier: E5:E0:B2:55:05:3A:A5:87:5D:CB:22:7C:03:E5:A0:CD:2F:54:3C:55
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4424BB225181A6291C7B1F076DA4DA703B6B532A
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/94c2a36e-245b-439a-bf61-04132c5df5a4.roa
Signing time: Tue 19 May 2026 05:40:03 +0000
ROA not before: Tue 19 May 2026 05:40:03 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.35.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:24:bb:22:51:81:a6:29:1c:7b:1f:07:6d:a4:da:70:3b:6b:53:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 19 05:40:03 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=6addd4d2e39c41e9295b1226ad18d6df05c00aeb86df344d4e821461dc28f67f, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:41:38:30:16:b0:58:4a:3c:ba:db:90:d6:b9:
7f:49:71:2b:7f:a9:a5:67:00:b0:a3:34:3c:9b:36:
bf:39:cc:d9:7a:9b:3c:2f:82:4c:f3:aa:dd:36:45:
ec:60:aa:ff:ba:7a:91:94:04:86:12:65:72:17:a7:
af:f7:7c:d2:70:5d:27:15:4c:24:cd:55:ab:0b:53:
c3:1e:b5:d7:a4:33:0a:6c:59:90:89:45:a4:24:1a:
7f:d0:87:ab:ff:3e:26:07:11:74:d1:3d:6a:a3:9c:
86:11:ba:20:9c:7d:e8:e5:5f:ab:ff:2d:20:10:a6:
a3:bb:2c:1c:04:ae:fe:33:e0:8a:c8:71:04:a3:b3:
ca:ab:90:95:09:2b:9a:45:19:59:f1:d7:38:87:b2:
aa:f9:9c:7a:08:2b:86:43:ab:34:99:10:f0:13:a2:
c7:d6:de:dc:57:45:aa:cf:47:59:aa:44:61:dc:46:
cc:c2:89:ad:02:33:b7:00:dc:a6:0d:81:5c:a3:78:
f1:e2:ad:34:5a:f8:fc:91:3f:38:c8:0b:90:d6:e1:
45:15:2b:ec:8f:b9:23:77:a4:2a:30:27:92:71:58:
c8:cc:7d:9b:3d:aa:04:6e:34:fb:94:d5:fc:06:26:
3f:77:27:9f:93:8e:b6:46:04:6e:08:38:7f:d1:f2:
53:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:E0:B2:55:05:3A:A5:87:5D:CB:22:7C:03:E5:A0:CD:2F:54:3C:55
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/94c2a36e-245b-439a-bf61-04132c5df5a4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.35.0.0/16
Signature Algorithm: sha256WithRSAEncryption
4d:10:b6:1d:67:45:6b:a8:b0:f7:9e:2b:7b:28:53:99:65:af:
4a:6c:76:76:2f:a7:b9:da:99:97:10:d4:76:dc:bd:9b:f9:f3:
94:5c:3e:a8:48:07:45:2b:61:9d:01:75:14:17:81:d8:83:ac:
91:98:b5:2e:29:43:d6:fd:b5:94:39:00:ef:81:d9:98:2f:ed:
7a:5a:28:6c:ec:3d:fa:51:ae:22:f8:a3:8f:82:05:a1:30:57:
b0:b3:56:4a:e0:b8:e9:67:ee:b6:28:eb:86:b9:11:71:5b:ed:
84:6e:bd:4c:db:a8:08:d2:c9:2a:bd:26:11:14:3b:ba:79:e9:
a7:6b:2b:d5:76:c7:37:c6:8f:78:cc:f9:6d:8e:2f:59:6a:fc:
ae:4e:ce:45:7c:7d:17:eb:c5:80:ad:30:32:d4:fb:97:4f:7b:
b7:d9:6c:b2:43:7a:c6:a5:e5:c6:1e:1e:20:6f:6b:00:e2:5e:
45:79:0f:3c:b0:bd:e9:f7:6d:00:89:d9:9f:d9:cd:70:7d:55:
04:b7:93:3a:b9:7b:65:e7:43:9e:fc:3c:52:a6:85:27:b0:de:
d1:13:e6:a9:ef:15:de:5a:a4:d3:73:3a:d3:d1:03:1d:24:86:
e5:23:8f:f8:46:c9:6b:38:1e:85:ca:4b:81:3a:8e:0d:b5:c7:
bb:39:a0:21
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIURCS7IlGBpikcex8HbaTacDtrUyowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MTkwNTQwMDNaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDZhZGRkNGQyZTM5YzQxZTkyOTViMTIyNmFkMThkNmRmMDVjMDBhZWI4NmRm
MzQ0ZDRlODIxNDYxZGMyOGY2N2YxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAO1BODAWsFhKPLrbkNa5f0lxK3+ppWcAsKM0PJs2vznM2XqbPC+CTPOq3TZF
7GCq/7p6kZQEhhJlchenr/d80nBdJxVMJM1VqwtTwx6116QzCmxZkIlFpCQaf9CH
q/8+JgcRdNE9aqOchhG6IJx96OVfq/8tIBCmo7ssHASu/jPgishxBKOzyquQlQkr
mkUZWfHXOIeyqvmceggrhkOrNJkQ8BOix9be3FdFqs9HWapEYdxGzMKJrQIztwDc
pg2BXKN48eKtNFr4/JE/OMgLkNbhRRUr7I+5I3ekKjAnknFYyMx9mz2qBG40+5TV
/AYmP3cnn5OOtkYEbgg4f9HyU4cCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTl4LJV
BTqlh13LInwD5aDNL1Q8VTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OTRjMmEzNmUtMjQ1Yi00MzlhLWJmNjEtMDQxMzJjNWRmNWE0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMjMA0G
CSqGSIb3DQEBCwUAA4IBAQBNELYdZ0VrqLD3nit7KFOZZa9KbHZ2L6e52pmXENR2
3L2b+fOUXD6oSAdFK2GdAXUUF4HYg6yRmLUuKUPW/bWUOQDvgdmYL+16Wihs7D36
Ua4i+KOPggWhMFews1ZK4LjpZ+62KOuGuRFxW+2Ebr1M26gI0skqvSYRFDu6eemn
ayvVdsc3xo94zPltji9ZavyuTs5FfH0X68WArTAy1PuXT3u32WyyQ3rGpeXGHh4g
b2sA4l5FeQ88sL3p920Aidmf2c1wfVUEt5M6uXtl50Oe/DxSpoUnsN7RE+ap7xXe
WqTTczrT0QMdJIblI4/4RslrOB6FykuBOo4Ntce7OaAh
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:00:32 2026 by rpki-client