Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9ebfa348-5910-4667-b4db-cfb5bb3acbc8.roa
File: 9ebfa348-5910-4667-b4db-cfb5bb3acbc8.roa (raw, json)
Hash identifier: XSqgT7upSq4mycYtzh5RBHejqY7oZiukCzjO0WyvW6k=
Subject key identifier: 17:A2:42:B7:8C:E3:66:B2:1A:FA:1B:39:88:3F:21:59:A2:91:A7:8F
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 58B22291167B91AAC6561C2B9D23FF65B507F11F
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9ebfa348-5910-4667-b4db-cfb5bb3acbc8.roa
Signing time: Tue 19 May 2026 05:50:24 +0000
ROA not before: Tue 19 May 2026 05:50:24 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.188.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
58:b2:22:91:16:7b:91:aa:c6:56:1c:2b:9d:23:ff:65:b5:07:f1:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 19 05:50:24 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=4633d9728adb490c92f0c60e3e55b24e730d48dd5a19826812723cbfff97aea2, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:4a:1c:d5:59:93:1c:53:55:81:17:02:f6:bf:
88:8f:05:90:35:4e:4f:ed:74:26:91:e9:6c:4b:97:
42:64:73:c2:d5:bd:cf:c3:23:b2:65:43:0a:3a:1e:
38:9b:1b:b0:6e:c0:54:5e:cb:84:14:56:14:4c:f0:
a3:74:7e:2f:7c:2d:49:f6:4b:f9:26:5c:4a:ac:ae:
a1:30:b1:a5:8b:8f:26:b7:a4:60:e4:a8:2a:16:ff:
a3:24:b8:95:79:30:c5:e6:fe:5c:e2:77:9a:fe:68:
16:54:26:94:a7:6f:3f:0c:1a:9d:54:e9:9d:7c:a6:
82:b0:1b:9a:16:a1:4a:94:6f:0a:0f:23:f7:24:a5:
ed:0a:23:65:16:cc:94:ab:34:ed:54:b0:e8:9c:95:
1d:17:1b:b4:8c:9f:50:b9:5f:79:04:f0:b8:d9:d3:
b5:d6:7f:9f:57:e6:53:f7:18:c1:78:ca:0b:17:8b:
74:8e:65:67:95:99:5a:e0:da:6d:6a:fc:13:50:16:
80:af:4a:97:35:4b:5a:ff:f5:ad:5e:1c:79:00:13:
e0:3b:6f:a7:d0:43:6f:d0:fe:c5:85:e5:66:65:7b:
87:ac:64:0e:f9:fe:84:5e:98:a0:6d:6d:6b:92:c4:
b4:ce:4b:2b:0d:9c:47:13:ba:0e:d2:df:f9:fc:a0:
56:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:A2:42:B7:8C:E3:66:B2:1A:FA:1B:39:88:3F:21:59:A2:91:A7:8F
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9ebfa348-5910-4667-b4db-cfb5bb3acbc8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.188.0.0/15
Signature Algorithm: sha256WithRSAEncryption
cf:aa:0b:ec:5a:a5:30:86:86:cb:63:51:5d:81:35:a4:ea:12:
76:f2:18:ee:c2:82:13:e9:d9:40:31:7e:c8:91:2b:15:7f:cf:
eb:05:04:78:cb:2c:c1:8c:0b:d2:0b:4c:d8:a2:80:ce:bc:24:
f4:2c:d7:1b:40:96:44:ab:09:cc:72:c0:a9:61:12:c4:34:9b:
1c:0a:b1:4e:ad:90:e7:28:04:7e:17:31:40:08:10:c4:90:2f:
ec:3a:c0:d1:af:05:c5:d5:24:d0:35:89:51:2e:35:fc:77:04:
e3:dd:71:3d:26:02:c0:04:13:60:86:7b:a6:1c:d8:0d:a8:83:
3e:f7:09:3b:24:d1:bc:29:a2:97:61:dd:1a:77:41:98:6f:b0:
a2:0c:75:66:fa:42:bd:83:0b:02:90:f3:57:4d:96:3a:bd:5f:
2b:e1:e7:1e:d1:5b:13:15:14:7e:40:69:75:d4:04:f1:71:ef:
36:ef:a0:43:b8:25:b1:9f:d3:47:0b:79:ef:b8:39:46:6d:76:
cd:ed:b8:a9:5d:4d:8e:34:97:bd:dc:ba:d2:2c:31:fa:61:4f:
9f:c7:05:3c:ae:c7:ef:da:05:d4:0b:a3:58:b8:54:95:81:41:
01:5b:35:80:c8:9c:48:77:57:97:14:fb:38:25:c3:91:e8:bd:
77:1e:c9:99
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUWLIikRZ7karGVhwrnSP/ZbUH8R8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MTkwNTUwMjRaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ2MzNkOTcyOGFkYjQ5MGM5MmYwYzYwZTNlNTViMjRlNzMwZDQ4ZGQ1YTE5
ODI2ODEyNzIzY2JmZmY5N2FlYTIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPBKHNVZkxxTVYEXAva/iI8FkDVOT+10JpHpbEuXQmRzwtW9z8MjsmVDCjoe
OJsbsG7AVF7LhBRWFEzwo3R+L3wtSfZL+SZcSqyuoTCxpYuPJrekYOSoKhb/oyS4
lXkwxeb+XOJ3mv5oFlQmlKdvPwwanVTpnXymgrAbmhahSpRvCg8j9ySl7QojZRbM
lKs07VSw6JyVHRcbtIyfULlfeQTwuNnTtdZ/n1fmU/cYwXjKCxeLdI5lZ5WZWuDa
bWr8E1AWgK9KlzVLWv/1rV4ceQAT4Dtvp9BDb9D+xYXlZmV7h6xkDvn+hF6YoG1t
a5LEtM5LKw2cRxO6DtLf+fygVr0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQXokK3
jONmshr6GzmIPyFZopGnjzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OWViZmEzNDgtNTkxMC00NjY3LWI0ZGItY2ZiNWJiM2FjYmM4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATO8MA0G
CSqGSIb3DQEBCwUAA4IBAQDPqgvsWqUwhobLY1FdgTWk6hJ28hjuwoIT6dlAMX7I
kSsVf8/rBQR4yyzBjAvSC0zYooDOvCT0LNcbQJZEqwnMcsCpYRLENJscCrFOrZDn
KAR+FzFACBDEkC/sOsDRrwXF1STQNYlRLjX8dwTj3XE9JgLABBNghnumHNgNqIM+
9wk7JNG8KaKXYd0ad0GYb7CiDHVm+kK9gwsCkPNXTZY6vV8r4ece0VsTFRR+QGl1
1ATxce8276BDuCWxn9NHC3nvuDlGbXbN7bipXU2ONJe93LrSLDH6YU+fxwU8rsfv
2gXUC6NYuFSVgUEBWzWAyJxId1eXFPs4JcOR6L13HsmZ
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:11:48 2026 by rpki-client