Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b41fa9b7-d736-4d41-9fc2-9feda5a87248.roa
File: b41fa9b7-d736-4d41-9fc2-9feda5a87248.roa (raw, json)
Hash identifier: qqJ/qGtf1IjhVP23ByksmXq/0xkwuYomMgLDF3L/RZU=
Subject key identifier: C7:94:7A:1F:50:DE:F0:35:FB:5E:DF:30:93:9A:6F:28:CB:F9:5F:DE
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0CB0A0CFE827D11EE615CE65111E6ECE1750E276
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b41fa9b7-d736-4d41-9fc2-9feda5a87248.roa
Signing time: Wed 20 May 2026 00:50:08 +0000
ROA not before: Wed 20 May 2026 00:50:08 +0000
ROA not after: Tue 18 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.16.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0c:b0:a0:cf:e8:27:d1:1e:e6:15:ce:65:11:1e:6e:ce:17:50:e2:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 20 00:50:08 2026 GMT
Not After : Aug 18 23:59:59 2026 GMT
Subject: serialNumber=83ee643949e84393485517432b7a2bfd9a089c056bc4e4dd1933e72f99b4095b, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:ac:4a:15:3c:f8:ad:38:eb:19:04:26:f4:e2:
30:66:93:17:9b:92:f1:46:61:7e:81:08:78:0f:cc:
89:0c:c9:27:dd:65:6d:83:10:83:d1:ec:ad:b6:72:
dd:87:47:cd:50:b4:70:0d:f3:d5:a8:24:92:f0:1f:
1f:56:b6:df:45:3b:cb:b8:1b:73:c7:a5:87:95:df:
b1:d3:e5:33:6a:d4:a4:ac:52:83:48:80:4f:e6:52:
c7:4e:c4:81:a7:a2:0a:df:a4:5d:02:aa:f0:58:93:
52:99:f0:36:14:00:4a:50:86:87:e9:25:18:cf:56:
e2:6e:c0:ab:98:86:d3:91:51:cf:3f:64:3f:95:5d:
24:91:e7:e6:3e:02:f4:e8:30:34:a1:92:2c:51:fa:
be:b1:0b:ec:95:6e:17:65:e1:b3:b2:11:00:94:a8:
1e:db:40:38:cc:d3:0c:43:37:76:61:fb:aa:7f:0b:
a2:b2:b0:0b:8b:e0:ce:9d:9d:92:54:69:1a:4f:dd:
fb:8f:71:72:5b:49:e5:34:d7:45:6b:47:18:87:b0:
6a:5b:42:c8:51:e3:42:e1:31:2c:3b:83:22:45:aa:
cc:cc:bf:0e:3a:b8:83:dd:d7:07:da:ed:f0:83:0a:
72:67:5c:75:5e:de:86:74:44:b0:e4:be:da:3b:88:
eb:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:94:7A:1F:50:DE:F0:35:FB:5E:DF:30:93:9A:6F:28:CB:F9:5F:DE
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b41fa9b7-d736-4d41-9fc2-9feda5a87248.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.16.255.0/24
Signature Algorithm: sha256WithRSAEncryption
66:bc:f6:4f:4f:cb:fa:2e:ed:c0:bf:55:05:2b:00:c4:fa:0b:
cf:4c:f2:a1:f3:49:56:b6:27:a6:ab:c0:4f:66:8e:dc:ef:18:
79:5a:db:6f:dd:cf:35:ab:e7:4a:8f:f6:af:bf:9a:4a:2a:4e:
45:8e:53:5a:6f:ed:87:e2:19:f9:a3:d3:66:5b:e9:17:a3:12:
76:07:48:e0:ad:b9:00:e8:ff:7c:71:15:38:d6:f6:e7:a6:56:
00:ae:c4:1c:c4:54:08:27:5c:44:df:49:fb:09:e1:3a:32:f4:
5e:0f:3e:cf:fe:72:45:61:c7:c9:36:29:30:53:00:9b:0a:6e:
ba:1a:0c:f1:db:75:e9:26:2d:b1:47:49:bb:e8:8f:58:78:08:
12:47:91:45:80:dc:1c:1e:8c:ef:e7:71:7a:00:fe:e7:47:a5:
bf:18:fb:99:c0:d5:62:20:dc:98:20:48:7e:95:b4:ea:87:48:
5b:35:f2:71:98:90:1c:78:6b:d2:5f:d5:17:aa:d2:a1:e8:92:
79:e6:c2:70:34:af:3b:23:3d:10:50:31:47:ce:8d:de:d0:37:
0f:1f:e3:aa:a3:31:43:cc:25:a7:11:21:59:29:da:6a:6a:8a:
d6:f9:7b:72:c1:e6:41:43:04:b1:f5:30:0f:66:a9:6f:53:4c:
8f:50:c7:2f
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUDLCgz+gn0R7mFc5lER5uzhdQ4nYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MjAwMDUwMDhaFw0yNjA4MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQDgzZWU2NDM5NDllODQzOTM0ODU1MTc0MzJiN2EyYmZkOWEwODljMDU2YmM0
ZTRkZDE5MzNlNzJmOTliNDA5NWIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKGsShU8+K046xkEJvTiMGaTF5uS8UZhfoEIeA/MiQzJJ91lbYMQg9HsrbZy
3YdHzVC0cA3z1agkkvAfH1a230U7y7gbc8elh5XfsdPlM2rUpKxSg0iAT+ZSx07E
gaeiCt+kXQKq8FiTUpnwNhQASlCGh+klGM9W4m7Aq5iG05FRzz9kP5VdJJHn5j4C
9OgwNKGSLFH6vrEL7JVuF2Xhs7IRAJSoHttAOMzTDEM3dmH7qn8LorKwC4vgzp2d
klRpGk/d+49xcltJ5TTXRWtHGIewaltCyFHjQuExLDuDIkWqzMy/Djq4g93XB9rt
8IMKcmdcdV7ehnREsOS+2juI6wMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTHlHof
UN7wNfte3zCTmm8oy/lf3jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YjQxZmE5YjctZDczNi00ZDQxLTlmYzItOWZlZGE1YTg3MjQ4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEADMQ/zAN
BgkqhkiG9w0BAQsFAAOCAQEAZrz2T0/L+i7twL9VBSsAxPoLz0zyofNJVrYnpqvA
T2aO3O8YeVrbb93PNavnSo/2r7+aSipORY5TWm/th+IZ+aPTZlvpF6MSdgdI4K25
AOj/fHEVONb256ZWAK7EHMRUCCdcRN9J+wnhOjL0Xg8+z/5yRWHHyTYpMFMAmwpu
uhoM8dt16SYtsUdJu+iPWHgIEkeRRYDcHB6M7+dxegD+50elvxj7mcDVYiDcmCBI
fpW06odIWzXycZiQHHhr0l/VF6rSoeiSeebCcDSvOyM9EFAxR86N3tA3Dx/jqqMx
Q8wlpxEhWSnaamqK1vl7csHmQUMEsfUwD2apb1NMj1DHLw==
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:12:06 2026 by rpki-client