Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bacf843a-17ee-4ca1-9e3b-8f3728814d21.roa
File: bacf843a-17ee-4ca1-9e3b-8f3728814d21.roa (raw, json)
Hash identifier: LXBWmURNw1CA7F+x1XRX/NjCEwjmqq0xnEV0adKGcwk=
Subject key identifier: 07:47:CF:9D:78:53:C8:9B:60:D7:05:5D:D4:5C:C7:CD:9B:7B:AD:1B
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 69E810BF3D508FDA549822AABBF556AC91F00E14
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bacf843a-17ee-4ca1-9e3b-8f3728814d21.roa
Signing time: Tue 19 May 2026 05:50:38 +0000
ROA not before: Tue 19 May 2026 05:50:38 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 14618
IP address blocks: 51.100.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:e8:10:bf:3d:50:8f:da:54:98:22:aa:bb:f5:56:ac:91:f0:0e:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 19 05:50:38 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=f2c72bedfa2ee1202d097aa1696c709630a16f3fbc64d5ced7e71b1a799a7738, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:3d:37:78:a9:0a:5f:ef:05:1f:c5:63:75:72:
d6:51:ac:31:7a:cb:1a:70:ed:80:16:b6:70:a8:92:
8f:b8:2a:6a:0d:85:f7:e6:64:4b:22:ac:e1:43:51:
b9:af:e4:87:ce:06:ec:ce:c8:bd:41:f6:d2:c9:0b:
ef:0f:e1:79:83:0d:13:b6:47:d4:cc:81:5f:15:3c:
5c:d8:05:76:8f:3a:c4:5f:c1:2d:c6:5c:6f:f8:18:
1e:cf:70:75:d8:17:26:9d:a3:13:90:d5:04:9a:ed:
71:72:95:4a:7f:f6:d7:97:1c:a8:b0:18:51:89:0e:
70:c5:aa:51:c5:40:11:db:2a:cb:76:52:8e:73:45:
93:72:12:8f:98:e5:76:56:25:23:bb:78:91:1e:7c:
d0:44:53:df:d6:90:08:16:d9:95:72:16:0a:61:9b:
05:60:43:4c:de:87:0f:c7:4b:07:a1:43:6b:03:d0:
62:62:3e:5e:3c:47:91:0d:81:1a:b6:ea:e3:24:6d:
8c:bc:e4:72:34:15:e6:87:ff:57:6a:93:7f:a7:26:
5c:de:e9:49:80:e1:92:c6:71:9d:48:ec:88:92:8f:
11:49:cf:47:32:1f:4b:5a:33:e7:e1:4a:40:17:e8:
1b:71:6e:f2:db:22:67:9a:a6:6b:5f:83:e7:7e:33:
37:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:47:CF:9D:78:53:C8:9B:60:D7:05:5D:D4:5C:C7:CD:9B:7B:AD:1B
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bacf843a-17ee-4ca1-9e3b-8f3728814d21.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.100.0.0/15
Signature Algorithm: sha256WithRSAEncryption
b3:2b:98:61:32:13:39:14:42:7a:46:6e:cd:2a:cf:15:30:93:
94:77:3a:b5:e2:24:a8:42:77:da:de:48:ea:a8:8d:2e:77:97:
92:61:29:aa:09:b4:29:f6:61:ed:db:2b:44:15:ce:e0:aa:54:
10:55:62:48:86:55:1e:4b:db:1a:e3:78:8c:59:bf:24:2c:51:
0f:fe:85:f7:3d:7a:6b:24:cb:38:db:51:4a:d4:9a:f8:48:da:
97:3a:b0:08:49:ac:6f:76:54:f5:f3:fb:e2:9e:6a:3a:8b:8e:
0d:ec:23:05:98:78:3f:04:ec:48:23:86:14:07:84:4f:2d:be:
65:02:e8:a0:80:cb:1c:5e:68:00:d6:77:b2:ad:69:78:56:83:
1c:bf:91:9f:b7:d5:f4:05:61:8c:ce:be:a3:1f:b5:21:9d:cf:
95:94:81:ed:35:55:44:1e:27:15:fd:0f:32:5e:eb:a2:4e:14:
e5:7b:75:4c:03:21:9d:25:42:ba:25:4f:67:00:91:4d:66:54:
ba:4c:37:8d:15:4f:01:1b:f7:c2:17:8e:2a:b5:a7:7b:e0:9c:
03:0c:72:5d:55:37:a3:74:a7:71:d8:71:90:e5:eb:1c:02:a4:
29:8f:8b:a2:36:d8:23:e3:84:4b:86:84:93:54:f8:1a:51:b1:
56:41:8c:be
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUaegQvz1Qj9pUmCKqu/VWrJHwDhQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MTkwNTUwMzhaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGYyYzcyYmVkZmEyZWUxMjAyZDA5N2FhMTY5NmM3MDk2MzBhMTZmM2ZiYzY0
ZDVjZWQ3ZTcxYjFhNzk5YTc3MzgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPI9N3ipCl/vBR/FY3Vy1lGsMXrLGnDtgBa2cKiSj7gqag2F9+ZkSyKs4UNR
ua/kh84G7M7IvUH20skL7w/heYMNE7ZH1MyBXxU8XNgFdo86xF/BLcZcb/gYHs9w
ddgXJp2jE5DVBJrtcXKVSn/215ccqLAYUYkOcMWqUcVAEdsqy3ZSjnNFk3ISj5jl
dlYlI7t4kR580ERT39aQCBbZlXIWCmGbBWBDTN6HD8dLB6FDawPQYmI+XjxHkQ2B
Grbq4yRtjLzkcjQV5of/V2qTf6cmXN7pSYDhksZxnUjsiJKPEUnPRzIfS1oz5+FK
QBfoG3Fu8tsiZ5qma1+D534zN4MCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQHR8+d
eFPIm2DXBV3UXMfNm3utGzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YmFjZjg0M2EtMTdlZS00Y2ExLTllM2ItOGYzNzI4ODE0ZDIxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATNkMA0G
CSqGSIb3DQEBCwUAA4IBAQCzK5hhMhM5FEJ6Rm7NKs8VMJOUdzq14iSoQnfa3kjq
qI0ud5eSYSmqCbQp9mHt2ytEFc7gqlQQVWJIhlUeS9sa43iMWb8kLFEP/oX3PXpr
JMs421FK1Jr4SNqXOrAISaxvdlT18/vinmo6i44N7CMFmHg/BOxII4YUB4RPLb5l
AuiggMscXmgA1neyrWl4VoMcv5Gft9X0BWGMzr6jH7Uhnc+VlIHtNVVEHicV/Q8y
XuuiThTle3VMAyGdJUK6JU9nAJFNZlS6TDeNFU8BG/fCF44qtad74JwDDHJdVTej
dKdx2HGQ5escAqQpj4uiNtgj44RLhoSTVPgaUbFWQYy+
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:25:33 2026 by rpki-client