Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/95019996-0ef4-4f98-90e2-dd7efc004375.roa
File: 95019996-0ef4-4f98-90e2-dd7efc004375.roa (raw, json)
Hash identifier: akIVc1wOS/t1hiS1yALvb/hVb2YW22qo+1AhUIqqWhc=
Subject key identifier: 59:64:B4:ED:D1:69:06:7C:32:79:CF:6A:62:97:A7:7D:D2:00:A1:FC
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0AF097D1A4397D766B202B993088DB66BDC3FE16
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/95019996-0ef4-4f98-90e2-dd7efc004375.roa
Signing time: Tue 19 May 2026 05:50:33 +0000
ROA not before: Tue 19 May 2026 05:50:33 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 159.244.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:f0:97:d1:a4:39:7d:76:6b:20:2b:99:30:88:db:66:bd:c3:fe:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 19 05:50:33 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=1f82039b3734b95c49753fb9ccd3f8dc5533ebfbe71d96a8e4e3c9e335beb82b, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:c4:cc:b8:c7:82:0f:e7:96:05:1f:af:80:49:
48:89:54:e6:b6:fd:88:ea:f1:20:a2:2d:9d:28:e4:
e1:73:8a:a3:ad:81:dd:fb:7e:90:bb:3d:f6:7f:06:
1a:19:f2:c6:7e:cd:6a:24:2c:c2:26:ca:45:2a:81:
66:2d:84:ff:3c:b0:b0:e8:a7:bd:d8:84:dc:b2:f7:
cd:9c:22:7f:39:a3:c6:f2:5b:43:51:96:1e:06:23:
24:97:1b:00:6e:4a:5c:73:77:91:76:17:2a:43:52:
88:92:61:01:13:41:12:4a:54:6f:44:fc:fb:5c:1b:
90:7b:85:71:7d:9c:f1:e0:fc:d9:d0:5f:2f:1b:b7:
c4:17:26:8a:bf:e5:b7:61:83:91:97:65:5a:65:c6:
3b:da:50:c1:6a:d4:de:a7:6f:34:d9:06:ec:94:ee:
91:13:09:47:d3:a8:ea:ef:61:e1:92:0c:89:42:fe:
37:1d:6c:2c:41:14:ea:55:4b:22:59:12:21:f4:87:
6b:f3:4b:16:ba:05:b3:d0:08:fb:8d:51:79:f9:51:
f1:f7:7c:a4:9f:73:e2:fd:48:3a:6b:bf:70:e0:ca:
f4:20:da:80:09:16:a0:80:5b:2d:8b:7b:ec:0f:d0:
00:62:1c:69:da:4b:f3:23:a6:6c:25:93:50:83:b4:
5d:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:64:B4:ED:D1:69:06:7C:32:79:CF:6A:62:97:A7:7D:D2:00:A1:FC
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/95019996-0ef4-4f98-90e2-dd7efc004375.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.244.0.0/16
Signature Algorithm: sha256WithRSAEncryption
8e:66:d5:93:72:f1:30:03:f6:0e:c9:af:05:72:7a:f8:9c:cc:
58:4b:27:d8:ce:fe:96:89:31:4c:35:2f:85:44:5b:95:9e:4c:
1d:84:46:14:d2:f2:b5:40:97:f5:f6:dd:da:cd:58:36:f6:b5:
33:24:d2:f9:ab:a3:a0:ab:76:56:24:9c:13:81:a0:f0:2d:0e:
bc:44:a0:d2:b7:ae:ee:44:74:d2:24:a2:5c:57:8d:85:4f:af:
26:37:37:8f:19:1a:ee:11:31:a7:e1:79:42:8d:03:0a:94:61:
96:ec:96:cd:e4:b3:ca:fc:57:e9:14:86:de:14:9e:66:61:1a:
3e:32:5a:88:d0:db:1e:0c:7c:80:5e:03:1d:b5:b5:4f:c5:1c:
e4:44:22:09:d8:90:54:66:73:5d:e1:2b:fe:8b:b2:43:6e:15:
92:86:df:03:de:05:4f:a8:0d:e8:fa:52:2c:ee:b5:0f:99:9a:
90:1d:b7:d8:67:4d:c2:4e:76:49:55:c5:75:89:be:37:5d:e6:
98:c9:9f:b5:23:28:ea:b8:03:01:55:e3:15:c4:f9:d0:d5:30:
23:72:04:e9:d9:c4:6a:a2:35:c9:41:3c:85:ab:2a:ba:b4:ed:
a0:b0:d4:ac:49:06:70:4c:26:ec:fc:ad:c1:a6:dc:c5:bb:7b:
e7:78:28:ba
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUCvCX0aQ5fXZrICuZMIjbZr3D/hYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MTkwNTUwMzNaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDFmODIwMzliMzczNGI5NWM0OTc1M2ZiOWNjZDNmOGRjNTUzM2ViZmJlNzFk
OTZhOGU0ZTNjOWUzMzViZWI4MmIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMDEzLjHgg/nlgUfr4BJSIlU5rb9iOrxIKItnSjk4XOKo62B3ft+kLs99n8G
Ghnyxn7NaiQswibKRSqBZi2E/zywsOinvdiE3LL3zZwifzmjxvJbQ1GWHgYjJJcb
AG5KXHN3kXYXKkNSiJJhARNBEkpUb0T8+1wbkHuFcX2c8eD82dBfLxu3xBcmir/l
t2GDkZdlWmXGO9pQwWrU3qdvNNkG7JTukRMJR9Oo6u9h4ZIMiUL+Nx1sLEEU6lVL
IlkSIfSHa/NLFroFs9AI+41ReflR8fd8pJ9z4v1IOmu/cODK9CDagAkWoIBbLYt7
7A/QAGIcadpL8yOmbCWTUIO0XWECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRZZLTt
0WkGfDJ5z2pil6d90gCh/DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OTUwMTk5OTYtMGVmNC00Zjk4LTkwZTItZGQ3ZWZjMDA0Mzc1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJ/0MA0G
CSqGSIb3DQEBCwUAA4IBAQCOZtWTcvEwA/YOya8Fcnr4nMxYSyfYzv6WiTFMNS+F
RFuVnkwdhEYU0vK1QJf19t3azVg29rUzJNL5q6Ogq3ZWJJwTgaDwLQ68RKDSt67u
RHTSJKJcV42FT68mNzePGRruETGn4XlCjQMKlGGW7JbN5LPK/FfpFIbeFJ5mYRo+
MlqI0NseDHyAXgMdtbVPxRzkRCIJ2JBUZnNd4Sv+i7JDbhWSht8D3gVPqA3o+lIs
7rUPmZqQHbfYZ03CTnZJVcV1ib43XeaYyZ+1IyjquAMBVeMVxPnQ1TAjcgTp2cRq
ojXJQTyFqyq6tO2gsNSsSQZwTCbs/K3BptzFu3vneCi6
-----END CERTIFICATE-----
Generated at Sat Jun 13 07:59:58 2026 by rpki-client