Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d371c773-1aa2-4d5b-9804-ea5d64fadc0a.roa
File: d371c773-1aa2-4d5b-9804-ea5d64fadc0a.roa (raw, json)
Hash identifier: dckurTzfFrGhVWXfbph2FkwcLDAIoah8QXkc/qCh0L0=
Subject key identifier: CA:77:C7:F4:4C:A5:12:7B:1A:F3:11:77:5C:F2:7C:1B:04:08:57:B6
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0D08A8756279B78C905B11D7537C94B265474D77
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d371c773-1aa2-4d5b-9804-ea5d64fadc0a.roa
Signing time: Tue 19 May 2026 06:00:11 +0000
ROA not before: Tue 19 May 2026 06:00:11 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 143.65.224.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:08:a8:75:62:79:b7:8c:90:5b:11:d7:53:7c:94:b2:65:47:4d:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 19 06:00:11 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=96a0758ee37aff00592adf86320b3b3ccf8f96dedd87bf89db4e4c5d7d89ae6a, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:aa:e9:e0:91:16:41:20:a9:7b:60:ea:ae:88:
e0:34:b9:07:db:c6:b6:e7:00:4b:2a:df:35:49:df:
29:71:a5:00:79:10:6f:2f:5a:49:0d:a3:9c:df:1b:
b9:96:d5:20:b3:fc:b9:a6:0d:fe:a3:87:90:d6:ce:
88:6d:de:5a:17:80:fb:e9:aa:a3:d5:81:4a:6e:0c:
23:4a:40:c3:cb:ae:44:02:7b:69:81:b6:b7:9b:e7:
1e:e2:4b:e7:9e:88:28:2e:13:19:95:00:8b:42:f7:
6d:02:4f:db:82:1a:51:e7:11:95:4d:d6:8a:5b:01:
5a:23:af:79:ca:38:92:36:1f:16:3c:d0:19:a0:65:
b7:e0:f3:89:92:31:2a:1c:93:a9:f0:b5:d6:c1:fe:
d7:62:38:6d:1d:96:17:ab:01:ac:e0:90:c9:45:5c:
c8:84:6e:6a:b8:c2:c9:42:a3:e0:51:34:00:99:bb:
91:47:d8:62:e0:ed:a2:0a:2b:3f:87:f4:a5:06:7e:
20:05:d7:bf:5c:f7:f5:10:3b:b4:e3:95:e7:da:ef:
7c:d6:db:d3:ae:e8:e2:26:f7:56:51:d6:54:11:85:
68:44:92:83:e9:9d:a4:10:a2:35:cb:bb:97:ac:6e:
fd:10:38:6b:97:9f:f5:ea:37:c4:06:34:cf:c7:54:
e1:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:77:C7:F4:4C:A5:12:7B:1A:F3:11:77:5C:F2:7C:1B:04:08:57:B6
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d371c773-1aa2-4d5b-9804-ea5d64fadc0a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.65.224.0/19
Signature Algorithm: sha256WithRSAEncryption
5a:b7:94:99:4d:76:ab:75:8e:65:4d:b6:d5:2c:20:11:32:e4:
8d:8b:03:1e:b7:ba:dc:46:62:a0:cc:0c:f6:99:40:34:20:f5:
c0:66:e7:53:a1:06:39:ef:6d:b9:a1:09:79:68:3a:f4:3c:38:
da:de:07:72:16:bc:0d:7f:9e:1b:e3:29:fe:0b:e4:64:76:df:
85:6f:1a:47:31:f6:c3:4d:06:51:dc:28:e8:7f:eb:ce:00:6a:
89:1c:4c:0d:ee:71:6f:2a:2d:fe:27:a8:d1:a3:8f:e8:2b:57:
b4:10:00:df:9d:8f:05:88:ab:93:69:95:fe:94:a5:f0:4d:fa:
41:32:9e:a1:8c:7d:2c:3a:b7:a8:a5:73:a2:d4:be:ff:e1:63:
76:54:37:f5:43:01:f7:99:2d:b8:ed:a9:b4:7d:f0:4b:6e:f6:
da:07:a5:89:a8:33:14:d0:41:b6:88:71:c8:99:24:fd:96:97:
ae:fe:d0:6b:97:56:24:a0:c5:c8:bf:42:a5:f6:8b:fd:b4:5b:
10:ca:e9:fd:84:0e:95:c3:f7:15:6c:2a:0b:22:c9:d6:ec:5e:
47:ad:28:d3:a2:14:ee:e5:0a:0c:5d:bc:5b:7d:73:6d:74:aa:
80:ab:6d:cc:7e:51:f2:74:05:25:02:c7:90:c0:e5:62:6c:cc:
07:1b:31:9d
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUDQiodWJ5t4yQWxHXU3yUsmVHTXcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MTkwNjAwMTFaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDk2YTA3NThlZTM3YWZmMDA1OTJhZGY4NjMyMGIzYjNjY2Y4Zjk2ZGVkZDg3
YmY4OWRiNGU0YzVkN2Q4OWFlNmExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOaq6eCRFkEgqXtg6q6I4DS5B9vGtucASyrfNUnfKXGlAHkQby9aSQ2jnN8b
uZbVILP8uaYN/qOHkNbOiG3eWheA++mqo9WBSm4MI0pAw8uuRAJ7aYG2t5vnHuJL
556IKC4TGZUAi0L3bQJP24IaUecRlU3WilsBWiOveco4kjYfFjzQGaBlt+DziZIx
KhyTqfC11sH+12I4bR2WF6sBrOCQyUVcyIRuarjCyUKj4FE0AJm7kUfYYuDtogor
P4f0pQZ+IAXXv1z39RA7tOOV59rvfNbb067o4ib3VlHWVBGFaESSg+mdpBCiNcu7
l6xu/RA4a5ef9eo3xAY0z8dU4ZcCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTKd8f0
TKUSexrzEXdc8nwbBAhXtjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZDM3MWM3NzMtMWFhMi00ZDViLTk4MDQtZWE1ZDY0ZmFkYzBhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBY9B4DAN
BgkqhkiG9w0BAQsFAAOCAQEAWreUmU12q3WOZU221SwgETLkjYsDHre63EZioMwM
9plANCD1wGbnU6EGOe9tuaEJeWg69Dw42t4Hcha8DX+eG+Mp/gvkZHbfhW8aRzH2
w00GUdwo6H/rzgBqiRxMDe5xbyot/ieo0aOP6CtXtBAA352PBYirk2mV/pSl8E36
QTKeoYx9LDq3qKVzotS+/+FjdlQ39UMB95ktuO2ptH3wS2722geliagzFNBBtohx
yJkk/ZaXrv7Qa5dWJKDFyL9CpfaL/bRbEMrp/YQOlcP3FWwqCyLJ1uxeR60o06IU
7uUKDF28W31zbXSqgKttzH5R8nQFJQLHkMDlYmzMBxsxnQ==
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:11:57 2026 by rpki-client