Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b2cfc52a-1f15-43b9-93f9-9828d60fbe69.roa
File: b2cfc52a-1f15-43b9-93f9-9828d60fbe69.roa (raw, json)
Hash identifier: 2BuEEgCnrKQTHi/7vhO3p/9VDK+0gJp/cG/PDAjRSQU=
Subject key identifier: F5:96:2D:0B:6E:5B:F7:DB:38:BA:60:F1:3C:13:47:F0:40:F0:24:17
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 56B4CA1742C8A9C2F1690453841376B9B5B269B6
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b2cfc52a-1f15-43b9-93f9-9828d60fbe69.roa
Signing time: Tue 19 May 2026 05:50:37 +0000
ROA not before: Tue 19 May 2026 05:50:37 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 193.218.122.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:b4:ca:17:42:c8:a9:c2:f1:69:04:53:84:13:76:b9:b5:b2:69:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 19 05:50:37 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=aa31f9ee2b6779cc8799115e39143ca4ff6fb7c56aebf6c0022a191834dc574a, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:69:3e:75:86:05:11:59:83:02:71:6b:85:b2:
2f:95:91:9d:cc:84:5e:19:0d:48:21:b9:88:46:be:
9b:85:f9:4b:fc:d9:eb:5d:21:f9:1e:5e:2d:75:99:
f8:e8:af:dc:ef:e9:30:89:d9:e6:65:15:51:7a:2f:
c8:7d:da:af:83:29:bb:ff:62:64:20:c5:43:12:ad:
19:50:25:de:88:02:17:b2:ac:56:e0:15:6e:b5:21:
ee:9a:92:03:f7:db:72:a6:da:f8:ff:d8:42:50:4c:
e0:23:49:63:4f:c4:3e:a7:2e:4e:db:ed:09:5d:ba:
be:25:df:ae:8a:d5:01:55:9d:35:91:bb:13:d2:f5:
cf:0f:10:89:5e:f1:d4:84:d9:02:fe:e6:38:11:16:
f6:aa:ff:b2:60:43:07:29:ae:1d:bb:b6:76:b9:e9:
b3:56:27:87:2c:8d:a1:a4:12:c0:ef:15:a7:cc:51:
34:89:fe:f7:f3:b5:7b:5b:cf:00:a2:f8:20:eb:62:
30:ed:a0:3d:d1:6a:03:1e:18:62:88:1c:9f:2c:f8:
bc:90:e4:d1:ed:6e:31:d7:84:80:13:be:d8:b4:04:
ce:20:a6:85:e3:3f:80:87:85:74:fc:bf:9f:28:2b:
10:99:1b:29:23:fb:b0:9e:ff:76:69:bb:06:3d:2c:
2b:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:96:2D:0B:6E:5B:F7:DB:38:BA:60:F1:3C:13:47:F0:40:F0:24:17
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b2cfc52a-1f15-43b9-93f9-9828d60fbe69.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.218.122.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:c0:41:af:24:a7:40:c7:04:7a:32:ce:69:4a:f4:da:29:f5:
ee:b8:ab:b1:8d:fa:80:a6:dd:72:5d:af:2e:20:86:02:3a:8b:
97:ee:14:ee:2b:a8:f2:0d:9d:7f:32:82:fb:fd:ba:ab:a3:84:
4e:ab:38:ee:c7:29:c3:cd:3d:27:48:0d:20:c4:f6:d8:6a:91:
43:25:39:72:a8:1d:b5:2f:a6:f4:97:ef:7e:1b:48:1c:04:44:
70:d2:c4:e6:64:fd:8a:aa:5a:95:9a:88:b5:37:7c:0c:82:01:
3b:05:2b:19:e9:93:9e:d5:27:f8:b8:3a:9d:76:9b:58:76:c7:
7b:2e:bd:1a:e1:60:7f:2a:3d:12:d9:51:df:75:f0:a3:58:1f:
8d:5f:e5:69:46:61:86:6b:43:af:8e:c1:45:79:e9:02:19:87:
19:d5:76:06:83:20:2f:3d:a0:95:b6:de:c0:34:0b:49:9a:82:
72:60:6f:2b:8a:ee:17:36:24:a1:09:e6:94:a4:16:95:7f:f5:
d9:33:69:21:62:df:ef:31:68:eb:ea:7d:c8:eb:ad:c8:10:83:
2c:f5:9a:df:dd:c2:d6:5a:94:fb:23:ea:c9:e5:89:08:f6:95:
c2:f2:fe:f7:9f:3e:a6:1a:51:f1:d9:bd:c4:39:f5:4c:31:af:
a2:b8:99:bd
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUVrTKF0LIqcLxaQRThBN2ubWyabYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MTkwNTUwMzdaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGFhMzFmOWVlMmI2Nzc5Y2M4Nzk5MTE1ZTM5MTQzY2E0ZmY2ZmI3YzU2YWVi
ZjZjMDAyMmExOTE4MzRkYzU3NGExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKZpPnWGBRFZgwJxa4WyL5WRncyEXhkNSCG5iEa+m4X5S/zZ610h+R5eLXWZ
+Oiv3O/pMInZ5mUVUXovyH3ar4Mpu/9iZCDFQxKtGVAl3ogCF7KsVuAVbrUh7pqS
A/fbcqba+P/YQlBM4CNJY0/EPqcuTtvtCV26viXfrorVAVWdNZG7E9L1zw8QiV7x
1ITZAv7mOBEW9qr/smBDBymuHbu2drnps1YnhyyNoaQSwO8Vp8xRNIn+9/O1e1vP
AKL4IOtiMO2gPdFqAx4YYogcnyz4vJDk0e1uMdeEgBO+2LQEziCmheM/gIeFdPy/
nygrEJkbKSP7sJ7/dmm7Bj0sK1sCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBT1li0L
blv32zi6YPE8E0fwQPAkFzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YjJjZmM1MmEtMWYxNS00M2I5LTkzZjktOTgyOGQ2MGZiZTY5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMHaejAN
BgkqhkiG9w0BAQsFAAOCAQEALsBBrySnQMcEejLOaUr02in17rirsY36gKbdcl2v
LiCGAjqLl+4U7iuo8g2dfzKC+/26q6OETqs47scpw809J0gNIMT22GqRQyU5cqgd
tS+m9JfvfhtIHAREcNLE5mT9iqpalZqItTd8DIIBOwUrGemTntUn+Lg6nXabWHbH
ey69GuFgfyo9EtlR33Xwo1gfjV/laUZhhmtDr47BRXnpAhmHGdV2BoMgLz2glbbe
wDQLSZqCcmBvK4ruFzYkoQnmlKQWlX/12TNpIWLf7zFo6+p9yOutyBCDLPWa393C
1lqU+yPqyeWJCPaVwvL+958+phpR8dm9xDn1TDGvoriZvQ==
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:12:18 2026 by rpki-client