Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/de83ab0d-730e-4ba0-9d22-af2c8b7fd8f7.roa
File: de83ab0d-730e-4ba0-9d22-af2c8b7fd8f7.roa (raw, json)
Hash identifier: Zj8zsnlsD8pQQe0a4FtjSvrIz6DVK3Kx9H7ujBPvpSg=
Subject key identifier: 77:06:BD:A0:8D:0B:9F:24:14:95:44:CA:6D:03:CC:D6:CD:7B:1E:4B
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 217EFB1EFB42C481FFA3C4892A23ACBC940E1CC0
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/de83ab0d-730e-4ba0-9d22-af2c8b7fd8f7.roa
Signing time: Tue 19 May 2026 05:50:38 +0000
ROA not before: Tue 19 May 2026 05:50:38 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.40.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:7e:fb:1e:fb:42:c4:81:ff:a3:c4:89:2a:23:ac:bc:94:0e:1c:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 19 05:50:38 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=a17ad5b51e0e2d78fac5713a37cacdfbba7ea0a88cef6856c9d608fb24525de9, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:75:b6:62:78:4e:d5:36:1c:d5:7a:7a:ef:d2:
ae:93:53:63:fa:f9:0e:16:ff:00:3f:9e:42:40:0a:
a7:f8:c2:1b:a0:be:4c:b6:09:8a:72:72:6f:42:1b:
62:22:10:24:a5:4b:69:5a:f3:06:17:18:81:7a:d7:
30:9d:3d:dc:02:34:fa:bf:71:3a:e4:51:a2:7e:4c:
30:7a:ec:41:ff:37:7b:b9:8b:09:41:97:d5:eb:da:
25:ba:59:f3:d2:89:b6:83:5a:a2:28:32:35:f3:6a:
2f:12:bb:7f:2d:f0:09:5c:06:27:d6:24:cd:a2:d5:
8f:3d:93:f7:27:31:9a:8a:46:c4:22:d7:30:2e:87:
d9:4e:8c:c1:66:91:de:91:79:f3:06:e6:31:c7:4c:
2b:92:fe:54:8f:4c:5f:df:dc:e8:82:6e:6e:fe:d3:
4d:98:84:f8:ad:8c:a9:ea:80:0c:22:05:ae:c6:9e:
62:ed:a4:6c:52:90:83:eb:ab:ad:a0:cf:62:6f:78:
30:42:65:93:3a:71:24:0c:36:eb:f8:91:4c:a4:88:
ba:86:22:73:ff:30:83:23:86:d4:35:d0:5b:0f:93:
06:b7:d7:d8:30:5d:0e:cd:34:25:a0:50:48:d4:f0:
7b:07:65:05:e0:77:4a:cc:d6:d3:d0:f2:fe:9a:2a:
62:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:06:BD:A0:8D:0B:9F:24:14:95:44:CA:6D:03:CC:D6:CD:7B:1E:4B
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/de83ab0d-730e-4ba0-9d22-af2c8b7fd8f7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.40.0.0/16
Signature Algorithm: sha256WithRSAEncryption
18:e8:2a:35:ae:92:d3:0c:b3:48:19:aa:6f:51:37:cf:35:a9:
3a:97:aa:b4:1c:9f:10:a4:a4:3e:c9:47:0f:0c:33:63:77:80:
6c:96:5c:ce:f4:5d:e1:1d:66:4a:2b:35:83:48:72:cf:8d:96:
4e:c5:5b:b4:d8:0c:e3:e0:11:9b:96:4c:b7:cd:a5:e3:90:99:
db:41:80:7b:62:08:97:7f:a5:26:5a:16:38:71:71:29:41:79:
1a:9a:e2:7a:34:86:ba:b6:68:56:1b:41:b3:97:3b:8c:4c:57:
48:41:46:e3:8b:bf:b9:83:0b:52:23:79:53:fb:f2:4e:87:bd:
3f:53:e2:78:02:7b:28:6c:ee:7f:8d:91:b2:20:ac:18:6b:06:
fc:57:64:b0:56:49:07:b2:08:13:48:03:38:f8:70:9a:3c:98:
b5:1f:45:a2:45:42:e0:11:6d:37:04:25:db:01:24:09:91:48:
bf:7e:8b:36:5d:94:8f:30:16:9c:9d:a2:49:b8:da:a4:63:ea:
64:dc:ce:44:5e:81:84:b2:47:0e:df:94:60:fa:eb:f2:09:0b:
95:43:2c:57:57:fe:1a:70:43:37:3d:b2:ea:5c:21:4b:7f:98:
35:d0:e7:ae:db:af:fe:ad:fe:bc:8f:31:a5:33:a5:83:8d:a9:
70:ef:51:cf
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUIX77HvtCxIH/o8SJKiOsvJQOHMAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MTkwNTUwMzhaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGExN2FkNWI1MWUwZTJkNzhmYWM1NzEzYTM3Y2FjZGZiYmE3ZWEwYTg4Y2Vm
Njg1NmM5ZDYwOGZiMjQ1MjVkZTkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMt1tmJ4TtU2HNV6eu/SrpNTY/r5Dhb/AD+eQkAKp/jCG6C+TLYJinJyb0Ib
YiIQJKVLaVrzBhcYgXrXMJ093AI0+r9xOuRRon5MMHrsQf83e7mLCUGX1evaJbpZ
89KJtoNaoigyNfNqLxK7fy3wCVwGJ9YkzaLVjz2T9ycxmopGxCLXMC6H2U6MwWaR
3pF58wbmMcdMK5L+VI9MX9/c6IJubv7TTZiE+K2MqeqADCIFrsaeYu2kbFKQg+ur
raDPYm94MEJlkzpxJAw26/iRTKSIuoYic/8wgyOG1DXQWw+TBrfX2DBdDs00JaBQ
SNTwewdlBeB3SszW09Dy/poqYkMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBR3Br2g
jQufJBSVRMptA8zWzXseSzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZGU4M2FiMGQtNzMwZS00YmEwLTlkMjItYWYyYzhiN2ZkOGY3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMoMA0G
CSqGSIb3DQEBCwUAA4IBAQAY6Co1rpLTDLNIGapvUTfPNak6l6q0HJ8QpKQ+yUcP
DDNjd4BsllzO9F3hHWZKKzWDSHLPjZZOxVu02Azj4BGblky3zaXjkJnbQYB7YgiX
f6UmWhY4cXEpQXkamuJ6NIa6tmhWG0GzlzuMTFdIQUbji7+5gwtSI3lT+/JOh70/
U+J4AnsobO5/jZGyIKwYawb8V2SwVkkHsggTSAM4+HCaPJi1H0WiRULgEW03BCXb
ASQJkUi/fos2XZSPMBacnaJJuNqkY+pk3M5EXoGEskcO35Rg+uvyCQuVQyxXV/4a
cEM3PbLqXCFLf5g10Oeu26/+rf68jzGlM6WDjalw71HP
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:11:51 2026 by rpki-client