Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9a08b99a-284f-4e69-83b1-fbfba94e7f22.roa
File: 9a08b99a-284f-4e69-83b1-fbfba94e7f22.roa (raw, json)
Hash identifier: /jDWWKGobuvcMpl58DUy3772PbKQ37O1STH2B2b4z5U=
Subject key identifier: 2A:34:A0:45:56:83:90:EB:8C:84:37:9B:E5:08:55:C8:93:8E:ED:3F
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4EA862AD95B43F18BBC1A481017617E265DEC149
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9a08b99a-284f-4e69-83b1-fbfba94e7f22.roa
Signing time: Tue 19 May 2026 06:00:10 +0000
ROA not before: Tue 19 May 2026 06:00:10 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 145.55.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:a8:62:ad:95:b4:3f:18:bb:c1:a4:81:01:76:17:e2:65:de:c1:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 19 06:00:10 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=fef2f68ed69d0f09c12b5a60e8d60ec994260253779d99a256b918ec3a850653, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:8c:88:e1:ec:44:4a:5a:88:02:b1:29:8f:38:
68:b6:2b:a1:22:62:ef:64:a7:3c:dd:9e:da:f9:a6:
a6:a8:2b:04:2e:ba:34:e7:e1:eb:97:66:ff:3a:09:
c8:71:8c:ed:e2:14:73:3f:b7:0e:5a:8b:9c:53:79:
8c:d5:f6:6f:fc:a6:ec:05:21:a8:dc:0e:78:1c:2a:
35:13:ff:0a:4e:40:65:24:23:d0:05:b3:5c:fc:73:
c7:92:f2:f9:3c:59:6c:fb:2d:1e:a7:a4:81:f3:27:
ba:ce:9d:e9:6c:bf:9a:f6:9c:68:31:81:4d:e7:d8:
b5:4d:6d:bc:6f:7a:17:4a:fc:47:87:e0:08:45:e6:
b8:f5:5f:1c:70:ad:31:f2:8f:c9:bd:fa:31:54:79:
36:e1:46:52:62:82:32:70:cb:f6:ad:19:90:29:8b:
72:55:f4:93:10:01:a0:19:b1:1a:ec:f5:a6:df:92:
4c:f9:3f:42:6a:a6:ab:5d:f0:5f:0b:6e:14:b6:12:
e5:51:87:ce:57:d1:4a:7c:e8:9d:ad:44:04:c0:18:
56:bc:6e:7d:aa:9e:50:22:cd:88:2b:29:2d:9b:e4:
5e:97:ee:79:72:9d:a2:5d:ea:a6:63:74:c6:4e:2b:
ee:a4:eb:3f:da:76:d9:b1:f1:81:b0:ac:06:5e:c6:
6d:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:34:A0:45:56:83:90:EB:8C:84:37:9B:E5:08:55:C8:93:8E:ED:3F
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9a08b99a-284f-4e69-83b1-fbfba94e7f22.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.55.0.0/16
Signature Algorithm: sha256WithRSAEncryption
1c:87:ea:c4:77:1e:b7:97:c7:34:07:8d:49:4b:f0:ac:77:fb:
90:75:cb:f6:c8:37:90:6e:9a:26:29:a9:99:79:75:3f:4b:d6:
24:93:bd:88:eb:98:2f:bc:54:ed:fc:01:f7:fe:1b:30:30:d1:
9a:34:c9:4c:98:eb:94:82:1c:01:d9:b6:13:7a:97:f5:1e:c7:
df:b1:fa:12:f4:ab:8d:1a:19:e1:82:ec:42:00:82:6b:f0:f1:
02:bb:4d:bc:a9:c5:4d:02:a2:71:42:96:92:86:d1:c6:78:de:
64:bf:75:79:c6:f7:b4:14:9b:32:19:30:07:81:02:e9:35:87:
09:0e:82:50:f1:57:ac:f2:2a:b6:e2:b4:01:69:63:e1:63:be:
80:73:8a:f8:f1:3e:89:e7:06:7f:7b:43:ae:4c:78:06:c5:d4:
35:3a:fd:41:7e:1c:b4:7d:5c:42:fa:1f:36:c8:94:32:65:e0:
07:3f:68:b2:c6:06:e3:f7:72:c5:f9:02:d6:d6:b3:ed:3c:46:
d6:d9:3b:46:40:8e:69:41:ba:50:94:00:e4:34:73:62:99:23:
4b:9f:25:17:ba:1e:e5:51:64:f7:56:8c:a2:9b:0d:90:f9:64:
a3:86:63:c1:b3:43:e9:7e:74:88:23:a9:eb:95:d7:0a:83:b0:
c4:94:4a:5a
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUTqhirZW0Pxi7waSBAXYX4mXewUkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MTkwNjAwMTBaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGZlZjJmNjhlZDY5ZDBmMDljMTJiNWE2MGU4ZDYwZWM5OTQyNjAyNTM3Nzlk
OTlhMjU2YjkxOGVjM2E4NTA2NTMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOCMiOHsREpaiAKxKY84aLYroSJi72SnPN2e2vmmpqgrBC66NOfh65dm/zoJ
yHGM7eIUcz+3DlqLnFN5jNX2b/ym7AUhqNwOeBwqNRP/Ck5AZSQj0AWzXPxzx5Ly
+TxZbPstHqekgfMnus6d6Wy/mvacaDGBTefYtU1tvG96F0r8R4fgCEXmuPVfHHCt
MfKPyb36MVR5NuFGUmKCMnDL9q0ZkCmLclX0kxABoBmxGuz1pt+STPk/Qmqmq13w
XwtuFLYS5VGHzlfRSnzona1EBMAYVrxufaqeUCLNiCspLZvkXpfueXKdol3qpmN0
xk4r7qTrP9p22bHxgbCsBl7GbccCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQqNKBF
VoOQ64yEN5vlCFXIk47tPzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OWEwOGI5OWEtMjg0Zi00ZTY5LTgzYjEtZmJmYmE5NGU3ZjIyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJE3MA0G
CSqGSIb3DQEBCwUAA4IBAQAch+rEdx63l8c0B41JS/Csd/uQdcv2yDeQbpomKamZ
eXU/S9Ykk72I65gvvFTt/AH3/hswMNGaNMlMmOuUghwB2bYTepf1HsffsfoS9KuN
GhnhguxCAIJr8PECu028qcVNAqJxQpaShtHGeN5kv3V5xve0FJsyGTAHgQLpNYcJ
DoJQ8Ves8iq24rQBaWPhY76Ac4r48T6J5wZ/e0OuTHgGxdQ1Ov1Bfhy0fVxC+h82
yJQyZeAHP2iyxgbj93LF+QLW1rPtPEbW2TtGQI5pQbpQlADkNHNimSNLnyUXuh7l
UWT3Voyimw2Q+WSjhmPBs0PpfnSII6nrldcKg7DElEpa
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:25:46 2026 by rpki-client