Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e2093baf-9227-4159-b7ff-180369fe3bda.roa
File: e2093baf-9227-4159-b7ff-180369fe3bda.roa (raw, json)
Hash identifier: Si9y5uMR7Gl9RJJbZMAnAOMt9c0rei+MpdM0F2JX+0M=
Subject key identifier: B5:50:EB:C9:52:58:DB:2B:3D:56:7F:88:E8:00:5B:90:13:BC:4B:0A
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 41B92308343C2A7EF4D557028E1348561A1F8BDB
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e2093baf-9227-4159-b7ff-180369fe3bda.roa
Signing time: Tue 19 May 2026 05:50:09 +0000
ROA not before: Tue 19 May 2026 05:50:09 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.88.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:b9:23:08:34:3c:2a:7e:f4:d5:57:02:8e:13:48:56:1a:1f:8b:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 19 05:50:09 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=ddfa11b1f0e1afd9fc2ec42a72ab0fded292c87e6e7284b02c09552aee5ba95d, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:37:5c:75:07:1b:15:4e:94:82:57:8c:a8:4e:
fd:bc:6a:59:cf:64:55:87:1e:bb:c8:73:dc:57:ce:
e0:6c:01:f2:ee:d5:1d:a7:53:e0:11:5b:4a:4e:04:
f8:69:ed:b4:6f:d3:33:f4:68:e9:6f:5e:95:20:ca:
2b:b9:c8:d3:91:8a:d8:6e:74:cb:3b:27:31:ad:57:
f0:50:73:3b:6b:97:4c:f8:59:7d:1c:0e:20:44:8e:
4c:90:6d:2a:e2:05:85:90:3e:d9:2d:c4:82:80:8a:
cf:9e:5a:b8:2e:80:5e:e7:c6:f4:e2:e9:9d:9e:bf:
24:e1:84:67:2d:d3:37:ac:f1:22:ae:ed:4b:9b:1b:
41:0e:a7:aa:8d:ef:db:8e:d8:fc:55:87:2d:d5:d8:
cb:82:15:d5:a0:a1:ba:df:0b:2b:b3:fd:f4:df:a1:
ed:35:9b:77:4a:af:59:4c:80:2e:1f:5d:75:56:51:
e1:56:93:f3:34:71:43:47:78:b8:29:97:52:a6:3d:
fe:63:ce:ac:2d:e1:71:ec:d5:e3:5b:06:b5:f0:74:
ed:17:5e:02:81:b0:c1:7e:e0:43:db:ec:f0:e0:bc:
2b:d6:3a:8b:c3:25:b2:8a:31:4a:af:48:97:fd:e4:
a7:13:48:5d:0e:f6:e5:d5:71:56:e2:47:fc:6a:0f:
95:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:50:EB:C9:52:58:DB:2B:3D:56:7F:88:E8:00:5B:90:13:BC:4B:0A
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e2093baf-9227-4159-b7ff-180369fe3bda.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.88.0.0/16
Signature Algorithm: sha256WithRSAEncryption
22:91:93:5d:f2:c9:01:fd:fb:b6:91:f7:9d:78:47:80:85:77:
d2:12:8c:52:18:c0:3f:21:03:0a:66:d2:d8:8d:02:ad:c9:9a:
f2:45:d0:4e:e3:b4:59:bc:27:d9:e1:dc:1c:32:d6:2c:ef:03:
71:df:a6:d3:bd:2d:21:90:09:4c:a8:b7:a5:8c:11:99:b3:27:
e1:b6:17:5c:e2:90:36:74:67:65:f2:23:51:ac:86:b2:27:b6:
9e:d8:6e:4e:b9:1d:5f:8c:9f:54:34:06:87:79:36:b5:44:b7:
cf:cc:f3:b3:3d:c8:2d:3b:8b:ff:f7:27:69:29:74:91:e2:4b:
ff:3a:3d:f9:bf:4b:9b:b3:73:ca:1b:f3:07:75:b4:cd:b0:ec:
2c:9a:58:31:31:f2:01:d3:3b:52:ea:2e:f2:cc:00:6d:a0:ce:
95:10:4f:a7:f8:0e:f6:24:21:38:92:3e:cf:3c:86:07:8b:f5:
72:d8:2a:27:bf:61:b7:b9:be:6c:f6:81:3d:a2:43:96:4f:fd:
bd:1d:90:f3:df:5b:4e:56:fc:6d:50:b5:6d:6a:88:85:59:57:
af:56:44:19:ed:9d:e8:2e:7b:4a:11:b4:59:22:08:a1:23:18:
0e:5c:f0:df:22:fc:49:b3:8d:b1:d8:4d:54:73:c9:21:ea:87:
3f:79:e8:b4
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUQbkjCDQ8Kn701VcCjhNIVhofi9swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MTkwNTUwMDlaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGRkZmExMWIxZjBlMWFmZDlmYzJlYzQyYTcyYWIwZmRlZDI5MmM4N2U2ZTcy
ODRiMDJjMDk1NTJhZWU1YmE5NWQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMA3XHUHGxVOlIJXjKhO/bxqWc9kVYceu8hz3FfO4GwB8u7VHadT4BFbSk4E
+GnttG/TM/Ro6W9elSDKK7nI05GK2G50yzsnMa1X8FBzO2uXTPhZfRwOIESOTJBt
KuIFhZA+2S3EgoCKz55auC6AXufG9OLpnZ6/JOGEZy3TN6zxIq7tS5sbQQ6nqo3v
247Y/FWHLdXYy4IV1aChut8LK7P99N+h7TWbd0qvWUyALh9ddVZR4VaT8zRxQ0d4
uCmXUqY9/mPOrC3hcezV41sGtfB07RdeAoGwwX7gQ9vs8OC8K9Y6i8MlsooxSq9I
l/3kpxNIXQ725dVxVuJH/GoPlZ8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBS1UOvJ
UljbKz1Wf4joAFuQE7xLCjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZTIwOTNiYWYtOTIyNy00MTU5LWI3ZmYtMTgwMzY5ZmUzYmRhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNYMA0G
CSqGSIb3DQEBCwUAA4IBAQAikZNd8skB/fu2kfedeEeAhXfSEoxSGMA/IQMKZtLY
jQKtyZryRdBO47RZvCfZ4dwcMtYs7wNx36bTvS0hkAlMqLeljBGZsyfhthdc4pA2
dGdl8iNRrIayJ7ae2G5OuR1fjJ9UNAaHeTa1RLfPzPOzPcgtO4v/9ydpKXSR4kv/
Oj35v0ubs3PKG/MHdbTNsOwsmlgxMfIB0ztS6i7yzABtoM6VEE+n+A72JCE4kj7P
PIYHi/Vy2Conv2G3ub5s9oE9okOWT/29HZDz31tOVvxtULVtaoiFWVevVkQZ7Z3o
LntKEbRZIgihIxgOXPDfIvxJs42x2E1Uc8kh6oc/eei0
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:12:45 2026 by rpki-client