Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bedc2172-50df-4ea7-8c38-eba2cdf2d5db.roa
File: bedc2172-50df-4ea7-8c38-eba2cdf2d5db.roa (raw, json)
Hash identifier: m21kF4IaMwXGuGZ8yEr6VfVHk6lGv4QdA2Q2+zjskDs=
Subject key identifier: E1:9D:EA:23:41:12:9A:A0:41:CE:CC:29:2A:E0:D6:6C:18:0E:8E:CB
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6B5DCB010329F074E98176C8A628B74D290F6DFC
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bedc2172-50df-4ea7-8c38-eba2cdf2d5db.roa
Signing time: Tue 19 May 2026 05:50:23 +0000
ROA not before: Tue 19 May 2026 05:50:23 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 152.134.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6b:5d:cb:01:03:29:f0:74:e9:81:76:c8:a6:28:b7:4d:29:0f:6d:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 19 05:50:23 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=58c3020a8af29fc2ec14c0b1fa91ac6cd430e60c2e1145b179ff444bf5ad7071, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:1f:eb:3a:13:d4:4d:55:5f:04:45:d6:2d:91:
9f:8a:a3:70:1f:39:f3:7f:c1:f8:5d:83:21:b1:d3:
15:3d:ec:fc:ce:44:e4:2a:a5:93:03:84:d1:5a:9f:
90:cb:b7:fe:57:f7:02:fe:89:ad:ca:27:8a:45:3c:
d3:a3:f4:15:83:9b:64:d1:66:e3:3f:27:7b:2a:87:
d6:1a:d6:fb:31:b3:9a:ab:61:71:3d:b7:df:59:ec:
35:f4:92:c5:a2:95:af:13:ff:a0:d8:c5:88:2d:78:
e2:7f:2a:82:9c:7b:f8:4f:ce:8e:71:e4:71:44:cd:
0e:48:59:53:23:7b:68:95:f4:98:53:13:b7:bb:6a:
f3:21:18:5b:61:60:d3:50:f9:af:85:c7:55:6d:a7:
2c:74:96:57:93:8a:e2:7c:e1:ab:90:b4:06:fe:01:
fc:16:3c:75:43:7a:4a:60:13:40:09:c1:53:09:f8:
30:d0:e6:6e:6b:61:a1:be:c3:a6:14:5d:ca:71:95:
ea:d9:3c:90:19:5e:8d:a2:91:33:ed:ab:e0:f3:47:
60:73:b3:cd:df:fe:21:23:e8:36:d1:c6:18:aa:45:
94:1e:7b:b9:2d:d7:7c:c3:8c:e0:ad:ce:47:79:e9:
50:da:f7:4a:e3:4f:00:df:29:df:13:ce:48:44:28:
96:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:9D:EA:23:41:12:9A:A0:41:CE:CC:29:2A:E0:D6:6C:18:0E:8E:CB
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bedc2172-50df-4ea7-8c38-eba2cdf2d5db.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.134.0.0/16
Signature Algorithm: sha256WithRSAEncryption
0d:7f:12:4d:5d:fb:eb:d1:e8:d5:ec:60:52:c2:45:a9:3c:41:
17:87:8e:29:71:67:7b:22:30:ce:7b:1a:1a:57:6b:34:40:b1:
64:f8:42:16:66:3e:f3:88:f3:6b:ab:e9:d0:81:91:cd:9f:f6:
fc:1c:ca:ed:9f:c9:82:df:96:9c:ab:d7:ad:7c:11:a6:15:0e:
b0:01:fc:6b:ab:e5:90:34:8e:4c:c6:72:85:1d:d1:2c:b6:71:
13:0d:b7:40:2c:91:d5:bc:ea:42:22:b0:bc:60:3c:18:81:7f:
c1:5e:d4:98:10:19:f5:d8:3e:15:da:a4:d3:96:5a:b4:89:42:
39:5a:df:91:65:17:11:fa:2d:9b:fa:b6:73:52:b0:c7:6e:45:
17:5d:15:21:aa:f0:97:66:cb:03:87:80:54:d0:c7:f3:da:92:
6f:a2:96:b3:61:a8:36:19:3f:6a:f4:e9:1a:96:b1:b3:46:89:
5c:26:d0:ac:3f:5b:88:de:a9:c4:03:8f:e5:fc:92:2f:b7:40:
c7:91:c6:af:b3:79:5e:3d:96:83:77:fb:74:95:c3:2e:9b:85:
dd:9a:8d:0e:76:55:03:00:a8:47:4a:b3:16:c3:6e:d5:80:93:
0b:7a:a2:0c:64:65:86:ff:f7:f9:0f:de:db:fe:89:c8:fc:39:
10:81:c5:7c
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUa13LAQMp8HTpgXbIpii3TSkPbfwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MTkwNTUwMjNaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDU4YzMwMjBhOGFmMjlmYzJlYzE0YzBiMWZhOTFhYzZjZDQzMGU2MGMyZTEx
NDViMTc5ZmY0NDRiZjVhZDcwNzExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJAf6zoT1E1VXwRF1i2Rn4qjcB8583/B+F2DIbHTFT3s/M5E5CqlkwOE0Vqf
kMu3/lf3Av6JrconikU806P0FYObZNFm4z8neyqH1hrW+zGzmqthcT2331nsNfSS
xaKVrxP/oNjFiC144n8qgpx7+E/OjnHkcUTNDkhZUyN7aJX0mFMTt7tq8yEYW2Fg
01D5r4XHVW2nLHSWV5OK4nzhq5C0Bv4B/BY8dUN6SmATQAnBUwn4MNDmbmthob7D
phRdynGV6tk8kBlejaKRM+2r4PNHYHOzzd/+ISPoNtHGGKpFlB57uS3XfMOM4K3O
R3npUNr3SuNPAN8p3xPOSEQolrkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBThneoj
QRKaoEHOzCkq4NZsGA6OyzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YmVkYzIxNzItNTBkZi00ZWE3LThjMzgtZWJhMmNkZjJkNWRiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJiGMA0G
CSqGSIb3DQEBCwUAA4IBAQANfxJNXfvr0ejV7GBSwkWpPEEXh44pcWd7IjDOexoa
V2s0QLFk+EIWZj7ziPNrq+nQgZHNn/b8HMrtn8mC35acq9etfBGmFQ6wAfxrq+WQ
NI5MxnKFHdEstnETDbdALJHVvOpCIrC8YDwYgX/BXtSYEBn12D4V2qTTllq0iUI5
Wt+RZRcR+i2b+rZzUrDHbkUXXRUhqvCXZssDh4BU0Mfz2pJvopazYag2GT9q9Oka
lrGzRolcJtCsP1uI3qnEA4/l/JIvt0DHkcavs3lePZaDd/t0lcMum4Xdmo0OdlUD
AKhHSrMWw27VgJMLeqIMZGWG//f5D97b/onI/DkQgcV8
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:12:02 2026 by rpki-client