Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9eb7dfb3-5cb3-484a-b550-418fc540ea28.roa
File: 9eb7dfb3-5cb3-484a-b550-418fc540ea28.roa (raw, json)
Hash identifier: IlpKcYoRMUYI5lNOjyF/mIPivn6xh0QhF0yfs0Tfa1M=
Subject key identifier: F5:EC:B0:77:19:17:10:AA:2B:EF:8E:10:F6:91:88:7C:BB:9D:4B:BE
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6DA2A0F32060E4535E366065A89D0B83F746B093
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9eb7dfb3-5cb3-484a-b550-418fc540ea28.roa
Signing time: Tue 19 May 2026 05:50:21 +0000
ROA not before: Tue 19 May 2026 05:50:21 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.50.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 08:43:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6d:a2:a0:f3:20:60:e4:53:5e:36:60:65:a8:9d:0b:83:f7:46:b0:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 19 05:50:21 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=dca88e77f8f7ecf67793880c8198a2504cec50c4252ba0da8d4cdf806e41f524, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:0f:8d:4c:87:7b:b5:cc:e8:0b:b3:98:2d:96:
ec:68:b5:a5:10:93:fa:d8:a4:0c:67:d5:99:ca:51:
cb:04:19:99:11:4a:50:15:df:7b:8a:7c:61:2f:c4:
c6:8b:16:df:a2:a9:ec:00:d4:cc:3d:67:7d:4d:8d:
25:5f:ce:77:15:63:ba:01:16:15:05:51:20:ad:c4:
92:98:07:ad:ce:6c:1b:6d:8a:1f:31:d6:59:6c:b9:
11:f3:c9:94:e6:99:8a:37:92:97:d3:9a:ed:6a:4e:
97:b0:26:e5:e8:12:fd:fe:6f:57:53:06:c8:d2:4f:
b4:53:af:db:5c:1f:e1:bf:57:5f:71:a6:22:08:d1:
e8:72:65:f8:54:38:9a:bf:69:da:1d:37:99:50:b4:
23:2b:a9:03:55:75:a3:d0:a3:be:22:3b:0e:11:f1:
5b:42:b8:06:b3:86:3b:b8:29:bd:f9:77:a4:6f:31:
1a:e8:34:65:ca:b4:8f:bd:d2:31:35:39:c8:af:46:
a0:83:59:ce:34:1f:db:e6:75:41:44:70:d3:de:ef:
ce:b0:26:da:df:b2:8b:ca:61:2d:a5:f7:02:9b:a6:
35:1c:29:2c:ff:c3:f9:62:c0:fc:f1:28:0e:3f:0c:
55:a3:1f:ad:f0:c4:73:09:1e:7a:1c:a2:44:fa:8b:
fd:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:EC:B0:77:19:17:10:AA:2B:EF:8E:10:F6:91:88:7C:BB:9D:4B:BE
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9eb7dfb3-5cb3-484a-b550-418fc540ea28.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.50.0.0/16
Signature Algorithm: sha256WithRSAEncryption
52:2a:aa:d3:e7:4c:df:c5:06:d5:ee:c1:b3:f8:57:e0:bf:c6:
f5:ef:7f:a5:31:23:da:3f:b3:99:58:78:13:b1:1c:ce:78:b3:
b4:78:74:6e:4f:74:06:d2:6d:0c:ba:36:30:51:07:d8:5d:0c:
96:6a:fd:62:5e:58:a7:45:be:e6:a9:47:b8:a3:0a:00:3a:92:
4d:ed:97:75:ab:e5:c5:3c:d4:35:ec:c0:21:1e:91:1f:dc:79:
74:8f:e5:67:50:9d:2d:49:aa:ef:20:89:e8:bf:6e:00:2f:70:
07:f3:10:70:2e:e5:4f:fb:fe:ba:7a:f2:c9:bf:6d:eb:4a:b2:
d0:08:94:8d:05:cf:01:81:c1:9c:a5:5a:f5:93:5a:60:82:08:
89:57:f9:89:24:9c:bf:c9:38:98:40:58:4a:d8:6b:16:1d:db:
c8:b2:02:9f:b0:30:b8:20:92:56:7c:5f:30:07:a3:a8:e2:96:
9c:bb:b3:87:e2:28:5c:6a:4d:a9:de:8c:e4:e5:95:5f:d7:11:
5a:60:cb:5f:53:0d:20:65:32:8a:03:9c:9f:37:3d:fd:7f:c5:
49:9d:d1:f5:f5:99:ef:95:63:73:ad:46:cd:c2:7e:c1:7d:0a:
91:ea:cf:6e:60:53:7b:8e:f3:0f:e4:9c:bc:a1:2b:d9:e7:34:
d4:78:42:84
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUbaKg8yBg5FNeNmBlqJ0Lg/dGsJMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MTkwNTUwMjFaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGRjYTg4ZTc3ZjhmN2VjZjY3NzkzODgwYzgxOThhMjUwNGNlYzUwYzQyNTJi
YTBkYThkNGNkZjgwNmU0MWY1MjQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALgPjUyHe7XM6AuzmC2W7Gi1pRCT+tikDGfVmcpRywQZmRFKUBXfe4p8YS/E
xosW36Kp7ADUzD1nfU2NJV/OdxVjugEWFQVRIK3EkpgHrc5sG22KHzHWWWy5EfPJ
lOaZijeSl9Oa7WpOl7Am5egS/f5vV1MGyNJPtFOv21wf4b9XX3GmIgjR6HJl+FQ4
mr9p2h03mVC0IyupA1V1o9CjviI7DhHxW0K4BrOGO7gpvfl3pG8xGug0Zcq0j73S
MTU5yK9GoINZzjQf2+Z1QURw097vzrAm2t+yi8phLaX3ApumNRwpLP/D+WLA/PEo
Dj8MVaMfrfDEcwkeehyiRPqL/YsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBT17LB3
GRcQqivvjhD2kYh8u51LvjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OWViN2RmYjMtNWNiMy00ODRhLWI1NTAtNDE4ZmM1NDBlYTI4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMyMA0G
CSqGSIb3DQEBCwUAA4IBAQBSKqrT50zfxQbV7sGz+Ffgv8b173+lMSPaP7OZWHgT
sRzOeLO0eHRuT3QG0m0MujYwUQfYXQyWav1iXlinRb7mqUe4owoAOpJN7Zd1q+XF
PNQ17MAhHpEf3Hl0j+VnUJ0tSarvIInov24AL3AH8xBwLuVP+/66evLJv23rSrLQ
CJSNBc8BgcGcpVr1k1pgggiJV/mJJJy/yTiYQFhK2GsWHdvIsgKfsDC4IJJWfF8w
B6Oo4pacu7OH4ihcak2p3ozk5ZVf1xFaYMtfUw0gZTKKA5yfNz39f8VJndH19Znv
lWNzrUbNwn7BfQqR6s9uYFN7jvMP5Jy8oSvZ5zTUeEKE
-----END CERTIFICATE-----
Generated at Sat Jun 13 11:34:00 2026 by rpki-client