Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a1b27e87-801f-4c9e-98a2-f81b54e8b8d9.roa
File: a1b27e87-801f-4c9e-98a2-f81b54e8b8d9.roa (raw, json)
Hash identifier: UP5nM7V5c2jvhtZjlnZsGxhD8tUPbK0YHuWdSepCwag=
Subject key identifier: 08:3A:CF:99:ED:29:45:4F:1F:10:41:63:64:B0:CB:E1:80:6B:5E:0A
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 34250319AE4E745AC4350B4661F1C760B834A361
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a1b27e87-801f-4c9e-98a2-f81b54e8b8d9.roa
Signing time: Wed 20 May 2026 00:50:08 +0000
ROA not before: Wed 20 May 2026 00:50:08 +0000
ROA not after: Tue 18 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.112.0.0/15 maxlen: 15
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:25:03:19:ae:4e:74:5a:c4:35:0b:46:61:f1:c7:60:b8:34:a3:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 20 00:50:08 2026 GMT
Not After : Aug 18 23:59:59 2026 GMT
Subject: serialNumber=82af4896264f44df1234b57356586b5aa76a4eab1e6cee4a70134a253c5816ba, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:ad:d6:da:b4:30:d8:a8:a1:2d:ca:cc:a8:d6:
c7:ac:ca:dd:d6:99:e5:da:66:62:1c:6c:55:a7:9d:
8f:ac:e0:55:12:de:53:57:0f:35:5c:0d:5b:cd:a6:
40:c3:7a:8d:91:b0:9c:4f:21:f5:a3:3f:19:ce:d1:
ed:a1:82:28:5d:94:b4:26:d5:de:51:76:4b:75:f4:
f3:9f:21:7a:39:b8:a2:57:1d:60:f7:b6:bf:db:b1:
81:b9:7e:3c:c6:b7:d1:5e:8c:6f:50:34:e5:ea:82:
c4:f5:03:61:04:6a:b4:e8:4e:36:02:2e:8a:67:fb:
a5:bb:cf:ab:88:cb:1e:23:30:24:35:07:d7:fb:81:
a6:aa:84:1f:61:a8:22:01:13:ee:45:39:b5:01:78:
7b:0f:95:11:38:d1:d6:ad:d6:9b:ed:55:72:c8:a4:
ac:7b:c1:37:65:dd:f5:56:76:2d:7e:79:86:d7:78:
b1:42:8c:37:32:15:ee:82:07:57:43:33:11:3b:bb:
35:db:54:3b:74:31:43:a9:f9:c7:d4:37:59:7e:92:
8b:49:9b:b7:ab:fa:ba:a7:c6:2f:18:03:1f:24:9b:
1f:74:84:3a:ce:ba:4a:62:99:67:59:41:27:67:00:
ad:bb:23:cb:3a:a4:8f:a1:67:91:97:69:d9:7c:b3:
4c:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:3A:CF:99:ED:29:45:4F:1F:10:41:63:64:B0:CB:E1:80:6B:5E:0A
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a1b27e87-801f-4c9e-98a2-f81b54e8b8d9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.112.0.0/15
Signature Algorithm: sha256WithRSAEncryption
c8:86:81:3c:7c:98:ae:d3:50:d1:36:72:2f:bf:79:36:17:11:
5c:1b:19:60:35:70:69:57:2d:af:f6:33:51:d5:14:52:1d:48:
80:05:34:ac:70:f0:31:1a:30:ca:7c:5d:7e:ca:b8:71:2c:34:
50:4b:40:01:07:33:06:85:fb:3d:59:cc:93:0f:e2:6b:4d:49:
9b:ee:07:0f:18:98:ba:4d:7d:54:52:f5:95:7e:c8:aa:64:f2:
f2:af:00:17:95:b2:53:76:07:19:16:bd:18:21:d7:3c:ae:82:
1d:ee:27:1d:83:b0:64:ae:01:8d:a7:52:f2:90:f3:54:d3:a4:
f1:2e:e3:60:7a:05:ea:c5:66:0f:17:da:b8:e4:6e:91:b9:3f:
da:69:85:01:ee:b7:2c:26:22:0e:47:3e:b0:24:62:5b:ee:c4:
60:ef:f3:e4:8c:01:f0:68:5f:b3:46:31:b6:34:52:58:0d:a0:
61:22:61:e6:d3:b9:bb:2c:1c:90:8e:68:81:f5:94:31:1e:a3:
a9:e1:8f:de:4b:6e:97:c5:01:09:1f:6a:0b:ff:ce:ff:5e:99:
3a:cf:05:15:ca:da:7c:5f:bd:6a:78:4c:cb:06:d8:58:9b:24:
71:88:64:f0:a1:87:71:dc:b2:94:bd:9a:f1:bb:06:4b:a4:ac:
b8:a1:58:c1
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUNCUDGa5OdFrENQtGYfHHYLg0o2EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MjAwMDUwMDhaFw0yNjA4MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQDgyYWY0ODk2MjY0ZjQ0ZGYxMjM0YjU3MzU2NTg2YjVhYTc2YTRlYWIxZTZj
ZWU0YTcwMTM0YTI1M2M1ODE2YmExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALqt1tq0MNiooS3KzKjWx6zK3daZ5dpmYhxsVaedj6zgVRLeU1cPNVwNW82m
QMN6jZGwnE8h9aM/Gc7R7aGCKF2UtCbV3lF2S3X0858hejm4olcdYPe2v9uxgbl+
PMa30V6Mb1A05eqCxPUDYQRqtOhONgIuimf7pbvPq4jLHiMwJDUH1/uBpqqEH2Go
IgET7kU5tQF4ew+VETjR1q3Wm+1VcsikrHvBN2Xd9VZ2LX55htd4sUKMNzIV7oIH
V0MzETu7NdtUO3QxQ6n5x9Q3WX6Si0mbt6v6uqfGLxgDHySbH3SEOs66SmKZZ1lB
J2cArbsjyzqkj6FnkZdp2XyzTLECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQIOs+Z
7SlFTx8QQWNksMvhgGteCjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YTFiMjdlODctODAxZi00YzllLTk4YTItZjgxYjU0ZThiOGQ5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATNwMA0G
CSqGSIb3DQEBCwUAA4IBAQDIhoE8fJiu01DRNnIvv3k2FxFcGxlgNXBpVy2v9jNR
1RRSHUiABTSscPAxGjDKfF1+yrhxLDRQS0ABBzMGhfs9WcyTD+JrTUmb7gcPGJi6
TX1UUvWVfsiqZPLyrwAXlbJTdgcZFr0YIdc8roId7icdg7BkrgGNp1LykPNU06Tx
LuNgegXqxWYPF9q45G6RuT/aaYUB7rcsJiIORz6wJGJb7sRg7/PkjAHwaF+zRjG2
NFJYDaBhImHm07m7LByQjmiB9ZQxHqOp4Y/eS26XxQEJH2oL/87/Xpk6zwUVytp8
X71qeEzLBthYmyRxiGTwoYdx3LKUvZrxuwZLpKy4oVjB
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:01:56 2026 by rpki-client