Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/aa15a3a6-022f-41a6-9a60-2175164bb741.roa
File: aa15a3a6-022f-41a6-9a60-2175164bb741.roa (raw, json)
Hash identifier: 5sBbgt17K8bDmmqxHNPF7oBCNyleYeLNrnizGztL5rk=
Subject key identifier: 00:7C:FB:B0:24:61:58:C9:D7:82:83:FC:71:D2:D4:16:AD:E6:FC:7A
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 72AE0C479BD857CF678269B2C4B91AE6F18E67CE
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/aa15a3a6-022f-41a6-9a60-2175164bb741.roa
Signing time: Wed 20 May 2026 00:50:07 +0000
ROA not before: Wed 20 May 2026 00:50:07 +0000
ROA not after: Tue 18 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.16.204.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:ae:0c:47:9b:d8:57:cf:67:82:69:b2:c4:b9:1a:e6:f1:8e:67:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 20 00:50:07 2026 GMT
Not After : Aug 18 23:59:59 2026 GMT
Subject: serialNumber=9f7e3fac57bc9fef024b237b7b4bf7fa6cfe2bc8e7110c733eaa458c5630e127, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:8a:97:f0:61:5b:04:07:f6:01:74:ce:11:f3:
b5:0b:4c:94:75:64:98:ab:d2:3e:59:b0:ba:75:e0:
e4:8c:c3:d3:ef:69:b3:98:39:14:d3:7a:bf:15:73:
7e:57:fb:6b:ca:93:65:d9:7a:8e:d2:b7:f5:85:c9:
de:6c:7d:50:53:67:e6:58:bc:86:a9:bb:85:01:98:
9a:63:ab:89:f9:70:2a:99:93:ca:d0:a8:96:63:8a:
8a:04:79:48:5a:54:0f:55:07:40:b6:70:87:8c:a8:
0c:f0:16:54:ca:50:8e:99:e6:3d:99:0e:7b:45:ae:
a9:3c:17:2a:14:b9:84:56:f7:7d:de:dd:f7:9c:62:
11:d7:0d:19:f3:70:84:f4:2a:43:ae:3a:39:b3:f7:
18:fa:46:6d:ac:05:00:e8:8b:29:17:fd:0a:97:7a:
ae:f3:22:cd:5e:92:d0:10:76:f9:84:05:61:46:b2:
99:7e:23:48:37:73:d8:23:84:32:eb:f8:d7:e0:bd:
d8:28:95:14:5c:7a:16:34:88:6d:08:28:22:32:b0:
a3:e2:73:f8:35:8a:65:af:02:0c:5d:4c:7f:ea:7e:
b2:cf:81:ae:c6:9d:8c:21:88:51:1d:7e:9e:24:5f:
20:77:65:40:7f:38:0f:15:11:b8:72:e7:3f:43:9b:
63:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:7C:FB:B0:24:61:58:C9:D7:82:83:FC:71:D2:D4:16:AD:E6:FC:7A
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/aa15a3a6-022f-41a6-9a60-2175164bb741.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.16.204.0/24
Signature Algorithm: sha256WithRSAEncryption
42:ed:e7:00:f2:f6:e8:18:13:36:d5:12:8e:55:61:57:6d:5d:
af:6e:0f:e7:16:44:f0:d9:39:1f:fd:84:b4:35:45:93:04:34:
5b:3b:30:67:18:66:98:bd:f8:66:a6:2d:2e:62:d8:4f:b2:fa:
b1:e7:0b:03:7f:95:1f:77:d5:da:c9:f4:87:c6:9c:20:85:30:
b6:c4:b8:47:6b:29:ea:00:21:47:46:9a:9c:29:07:c5:bb:fb:
0e:d3:95:2f:50:3d:c1:8d:af:96:97:22:f2:2f:cf:1a:db:3a:
5c:0f:22:e2:07:de:6b:46:73:0c:d1:11:1f:bc:b4:07:1d:9e:
17:d2:04:23:84:3c:6a:91:7c:e2:b9:cb:06:d2:be:75:9f:74:
b5:19:77:88:65:b4:61:62:22:a0:65:1e:ad:00:e7:ab:0e:6e:
ca:ad:91:c3:f2:77:4d:dd:01:9c:4c:f5:06:31:21:b1:1f:53:
57:8d:6e:83:b6:df:1d:6b:51:b8:fa:55:f3:8f:90:80:4c:9f:
45:96:bc:9f:19:60:5b:74:e1:1f:5f:12:45:ba:ae:b1:0a:bc:
77:33:b3:b3:f2:39:36:88:a1:94:96:3b:43:86:70:66:de:2f:
cf:1b:55:15:b6:41:d3:c4:f4:9b:2e:ee:b6:d7:42:37:25:b0:
bf:6d:2d:3d
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUcq4MR5vYV89ngmmyxLka5vGOZ84wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MjAwMDUwMDdaFw0yNjA4MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQDlmN2UzZmFjNTdiYzlmZWYwMjRiMjM3YjdiNGJmN2ZhNmNmZTJiYzhlNzEx
MGM3MzNlYWE0NThjNTYzMGUxMjcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJWKl/BhWwQH9gF0zhHztQtMlHVkmKvSPlmwunXg5IzD0+9ps5g5FNN6vxVz
flf7a8qTZdl6jtK39YXJ3mx9UFNn5li8hqm7hQGYmmOriflwKpmTytColmOKigR5
SFpUD1UHQLZwh4yoDPAWVMpQjpnmPZkOe0WuqTwXKhS5hFb3fd7d95xiEdcNGfNw
hPQqQ646ObP3GPpGbawFAOiLKRf9Cpd6rvMizV6S0BB2+YQFYUaymX4jSDdz2COE
Muv41+C92CiVFFx6FjSIbQgoIjKwo+Jz+DWKZa8CDF1Mf+p+ss+BrsadjCGIUR1+
niRfIHdlQH84DxURuHLnP0ObYy0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQAfPuw
JGFYydeCg/xx0tQWreb8ejAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YWExNWEzYTYtMDIyZi00MWE2LTlhNjAtMjE3NTE2NGJiNzQxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEADMQzDAN
BgkqhkiG9w0BAQsFAAOCAQEAQu3nAPL26BgTNtUSjlVhV21dr24P5xZE8Nk5H/2E
tDVFkwQ0WzswZxhmmL34ZqYtLmLYT7L6secLA3+VH3fV2sn0h8acIIUwtsS4R2sp
6gAhR0aanCkHxbv7DtOVL1A9wY2vlpci8i/PGts6XA8i4gfea0ZzDNERH7y0Bx2e
F9IEI4Q8apF84rnLBtK+dZ90tRl3iGW0YWIioGUerQDnqw5uyq2Rw/J3Td0BnEz1
BjEhsR9TV41ug7bfHWtRuPpV84+QgEyfRZa8nxlgW3ThH18SRbqusQq8dzOzs/I5
NoihlJY7Q4ZwZt4vzxtVFbZB08T0my7uttdCNyWwv20tPQ==
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:02:01 2026 by rpki-client