Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b39e8644-b3a5-4477-b7b6-d340235a9010.roa
File: b39e8644-b3a5-4477-b7b6-d340235a9010.roa (raw, json)
Hash identifier: 9VAqz3uqs9C+4s5SWX96ifFU2eeOPFjvO3kJUs0BOCo=
Subject key identifier: 92:4B:BC:57:73:A2:2A:29:2C:77:73:3E:D6:3D:D4:D4:05:1A:8E:4E
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 356679BC12D784234B0D38DDF18EBB921991EC57
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b39e8644-b3a5-4477-b7b6-d340235a9010.roa
Signing time: Fri 15 May 2026 00:00:11 +0000
ROA not before: Fri 15 May 2026 00:00:11 +0000
ROA not after: Thu 13 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.168.0.0/15 maxlen: 15
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:66:79:bc:12:d7:84:23:4b:0d:38:dd:f1:8e:bb:92:19:91:ec:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 15 00:00:11 2026 GMT
Not After : Aug 13 23:59:59 2026 GMT
Subject: serialNumber=848765329a89e94aab7435d8723a33a75ae5dd9c4dee495d9b8c859ff6c7948e, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:b6:fe:c1:6d:10:a6:86:7e:64:d7:56:1b:35:
69:be:49:e1:57:40:84:f6:9b:03:9c:05:9d:83:ad:
f4:6a:76:85:f8:c4:a6:87:73:17:27:97:e4:af:8e:
26:97:d8:a2:0c:6e:fe:a1:3b:88:dd:b4:f1:8c:53:
3e:8b:74:09:1d:ad:0c:aa:0b:c6:b6:cf:b7:52:e5:
f2:a4:2b:e1:dd:00:5d:df:25:d5:ed:28:b3:e5:ba:
6e:33:e6:83:2b:ad:f9:32:d3:8d:4c:7e:8c:ce:3b:
2d:40:e3:97:a2:37:55:02:d3:ac:0b:43:c8:0f:11:
8d:ed:3f:2f:b0:9c:d2:cf:12:2c:37:02:52:de:55:
bc:1c:f9:7d:b5:72:ce:29:c8:dc:01:88:32:e5:8c:
95:81:67:32:63:a5:28:28:c5:fd:91:df:1f:77:be:
6b:c6:05:64:85:62:2e:47:eb:ba:4d:82:a5:b3:e5:
a2:db:5b:1f:60:82:2e:cf:e7:97:49:ad:2b:fd:d3:
a5:74:8d:bf:13:95:0b:aa:34:44:7e:40:d3:80:2e:
95:e4:d1:0f:02:05:0e:bf:b1:4a:37:6f:b2:8f:28:
88:59:5b:1a:c4:19:45:36:4c:38:e9:93:e5:82:9e:
3d:a6:e0:47:38:e2:b7:c6:30:35:6a:87:38:91:56:
1d:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:4B:BC:57:73:A2:2A:29:2C:77:73:3E:D6:3D:D4:D4:05:1A:8E:4E
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b39e8644-b3a5-4477-b7b6-d340235a9010.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.168.0.0/15
Signature Algorithm: sha256WithRSAEncryption
29:81:0c:a1:80:df:0d:2f:a0:8c:82:06:91:7a:38:d8:b1:07:
2c:45:bd:0c:83:ef:31:e8:65:b3:9c:be:67:41:70:8e:fb:19:
0a:00:67:cc:25:08:49:de:85:d8:c1:27:1b:10:12:a4:20:7f:
f0:f9:19:17:22:1e:cc:75:6f:2a:f2:fd:04:c1:d1:37:00:06:
5f:95:d5:43:53:21:af:7f:df:27:b6:56:c0:ae:eb:a0:39:f3:
8d:de:73:2c:10:33:85:0f:4b:ac:2d:79:8d:7e:97:f4:11:90:
7a:c4:2d:42:21:db:5b:16:9e:f4:32:15:ef:83:a6:5b:42:83:
6a:6a:e7:8d:dc:7e:0a:1d:34:2a:7b:8c:82:91:1f:17:87:2e:
94:b6:1d:b7:64:ea:a0:7e:8b:4b:5a:58:a9:d4:96:cb:df:29:
f0:39:9c:6c:ac:d4:f1:6f:d7:c1:fe:fa:65:0d:14:29:de:de:
46:23:c3:66:33:d8:17:3d:65:b1:4b:f1:38:5f:d0:5b:c7:5a:
9e:0e:22:a4:4f:29:25:2e:f2:ab:53:ce:84:16:2d:91:0e:23:
ae:01:19:78:9e:db:93:ff:ad:b1:41:ad:eb:18:61:71:f6:6e:
e4:e2:ed:41:99:a7:6f:bd:db:ab:4d:71:9d:8a:d8:09:c4:9d:
21:bb:03:9e
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUNWZ5vBLXhCNLDTjd8Y67khmR7FcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MTUwMDAwMTFaFw0yNjA4MTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDg0ODc2NTMyOWE4OWU5NGFhYjc0MzVkODcyM2EzM2E3NWFlNWRkOWM0ZGVl
NDk1ZDliOGM4NTlmZjZjNzk0OGUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL62/sFtEKaGfmTXVhs1ab5J4VdAhPabA5wFnYOt9Gp2hfjEpodzFyeX5K+O
JpfYogxu/qE7iN208YxTPot0CR2tDKoLxrbPt1Ll8qQr4d0AXd8l1e0os+W6bjPm
gyut+TLTjUx+jM47LUDjl6I3VQLTrAtDyA8Rje0/L7Cc0s8SLDcCUt5VvBz5fbVy
zinI3AGIMuWMlYFnMmOlKCjF/ZHfH3e+a8YFZIViLkfruk2CpbPlottbH2CCLs/n
l0mtK/3TpXSNvxOVC6o0RH5A04AuleTRDwIFDr+xSjdvso8oiFlbGsQZRTZMOOmT
5YKePabgRzjit8YwNWqHOJFWHa0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSSS7xX
c6IqKSx3cz7WPdTUBRqOTjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YjM5ZTg2NDQtYjNhNS00NDc3LWI3YjYtZDM0MDIzNWE5MDEwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOoMA0G
CSqGSIb3DQEBCwUAA4IBAQApgQyhgN8NL6CMggaRejjYsQcsRb0Mg+8x6GWznL5n
QXCO+xkKAGfMJQhJ3oXYwScbEBKkIH/w+RkXIh7MdW8q8v0EwdE3AAZfldVDUyGv
f98ntlbAruugOfON3nMsEDOFD0usLXmNfpf0EZB6xC1CIdtbFp70MhXvg6ZbQoNq
aueN3H4KHTQqe4yCkR8Xhy6Uth23ZOqgfotLWlip1JbL3ynwOZxsrNTxb9fB/vpl
DRQp3t5GI8NmM9gXPWWxS/E4X9Bbx1qeDiKkTyklLvKrU86EFi2RDiOuARl4ntuT
/62xQa3rGGFx9m7k4u1BmadvvdurTXGditgJxJ0huwOe
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:01:41 2026 by rpki-client