Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e398b47e-9867-4e71-96db-760f9102a39f.roa
File: e398b47e-9867-4e71-96db-760f9102a39f.roa (raw, json)
Hash identifier: g0E5yhxnn6onX2+U+MDxfPTkpTE3wvvOvN8i61gs7MY=
Subject key identifier: 62:14:8F:E9:25:94:8D:37:7D:54:12:C6:68:C6:9A:C3:D2:FC:10:F7
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 12C932EC3FC69B9E9680D470B006A858AD4D1F83
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e398b47e-9867-4e71-96db-760f9102a39f.roa
Signing time: Tue 19 May 2026 05:50:07 +0000
ROA not before: Tue 19 May 2026 05:50:07 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 62785
IP address blocks: 193.57.182.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 08:43:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:c9:32:ec:3f:c6:9b:9e:96:80:d4:70:b0:06:a8:58:ad:4d:1f:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 19 05:50:07 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=20ac15c6e430d8b6bdd86ddda283ec0d191d4971784b5e0c8c20d7e6a77a010c, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:e4:e5:f3:8c:49:e8:1b:eb:e3:76:ec:7d:7a:
25:53:63:a9:1b:a4:2c:d6:93:4c:5a:ba:43:7b:a1:
f9:9b:12:97:31:1c:bf:25:c2:2d:56:1c:53:bd:5c:
95:45:b2:d3:00:e5:f4:66:db:98:38:a6:89:77:de:
47:55:e8:e8:1a:a3:10:b3:c8:07:d0:44:28:9d:46:
07:cd:ce:d9:9f:d0:cd:bd:b7:e5:28:d2:53:34:69:
cc:2c:ce:f8:2f:e1:74:db:fa:78:04:5e:ff:d5:c8:
5c:95:0e:16:2d:38:77:45:a6:ab:c2:f2:20:12:30:
3e:b5:3f:68:77:a7:e4:b9:18:11:6d:ee:a0:a6:88:
7b:53:9c:73:c0:dd:a7:d9:65:19:32:78:47:ff:7d:
90:63:c1:83:2c:57:c9:2d:5f:4a:61:53:2f:6b:09:
11:df:3a:e2:4d:8b:aa:95:3f:46:c3:d8:84:6b:97:
23:36:8d:74:34:bc:86:e5:67:d9:39:26:6a:e0:8a:
bd:bc:4b:07:9a:3e:94:90:f6:fc:6d:15:99:72:f8:
70:02:c9:56:03:0a:b0:9a:8f:af:48:fe:93:c7:86:
a3:4e:2d:a5:49:34:85:94:4f:f2:6d:78:f1:6d:b2:
3c:73:8e:67:69:2f:10:32:c9:57:34:8a:33:b5:e4:
89:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:14:8F:E9:25:94:8D:37:7D:54:12:C6:68:C6:9A:C3:D2:FC:10:F7
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e398b47e-9867-4e71-96db-760f9102a39f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.182.0/23
Signature Algorithm: sha256WithRSAEncryption
55:d9:79:d8:5b:cd:af:33:03:d5:85:80:a6:e0:54:db:9a:09:
ba:bb:9b:55:3b:23:c6:92:83:f9:73:61:71:69:4c:a0:10:a1:
f6:a8:a6:90:70:96:3f:b9:b9:6a:18:88:b0:28:8c:d1:03:8d:
54:36:16:a7:ba:22:4a:dc:4c:91:29:b0:45:63:1f:42:44:1c:
a1:8a:bd:83:19:1f:30:62:d6:89:0d:83:a0:91:02:53:df:7c:
6b:08:dd:7c:0e:e3:3e:ba:7d:7d:4a:1c:c6:fd:de:a5:17:ed:
5d:02:3f:04:5a:89:3d:cb:f9:e1:d3:29:c9:b0:4f:c0:99:e1:
91:3b:12:26:d3:15:87:cf:be:81:42:6c:41:bb:47:4b:e3:36:
b0:24:10:53:42:6d:fe:62:01:93:d4:50:d0:99:10:3e:04:03:
54:3e:d6:36:0a:5e:4e:b9:75:84:b3:0e:ee:50:b4:d9:46:8f:
38:39:3a:45:79:02:0b:75:07:20:62:3f:c2:57:8a:9b:76:fe:
cd:d0:d0:b9:76:ac:12:5b:89:98:47:dd:21:32:2f:82:45:c8:
9a:55:2e:9e:89:40:af:f4:2a:51:ed:8d:50:33:48:80:bc:28:
11:a8:38:53:c3:2a:27:83:93:83:f5:20:cc:39:c3:ca:f3:7f:
03:cb:8b:a6
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUEsky7D/Gm56WgNRwsAaoWK1NH4MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MTkwNTUwMDdaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDIwYWMxNWM2ZTQzMGQ4YjZiZGQ4NmRkZGEyODNlYzBkMTkxZDQ5NzE3ODRi
NWUwYzhjMjBkN2U2YTc3YTAxMGMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMzk5fOMSegb6+N27H16JVNjqRukLNaTTFq6Q3uh+ZsSlzEcvyXCLVYcU71c
lUWy0wDl9GbbmDimiXfeR1Xo6BqjELPIB9BEKJ1GB83O2Z/Qzb235SjSUzRpzCzO
+C/hdNv6eARe/9XIXJUOFi04d0Wmq8LyIBIwPrU/aHen5LkYEW3uoKaIe1Occ8Dd
p9llGTJ4R/99kGPBgyxXyS1fSmFTL2sJEd864k2LqpU/RsPYhGuXIzaNdDS8huVn
2TkmauCKvbxLB5o+lJD2/G0VmXL4cALJVgMKsJqPr0j+k8eGo04tpUk0hZRP8m14
8W2yPHOOZ2kvEDLJVzSKM7XkiQMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRiFI/p
JZSNN31UEsZoxprD0vwQ9zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZTM5OGI0N2UtOTg2Ny00ZTcxLTk2ZGItNzYwZjkxMDJhMzlmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcE5tjAN
BgkqhkiG9w0BAQsFAAOCAQEAVdl52FvNrzMD1YWApuBU25oJurubVTsjxpKD+XNh
cWlMoBCh9qimkHCWP7m5ahiIsCiM0QONVDYWp7oiStxMkSmwRWMfQkQcoYq9gxkf
MGLWiQ2DoJECU998awjdfA7jPrp9fUocxv3epRftXQI/BFqJPcv54dMpybBPwJnh
kTsSJtMVh8++gUJsQbtHS+M2sCQQU0Jt/mIBk9RQ0JkQPgQDVD7WNgpeTrl1hLMO
7lC02UaPODk6RXkCC3UHIGI/wleKm3b+zdDQuXasEluJmEfdITIvgkXImlUunolA
r/QqUe2NUDNIgLwoEag4U8MqJ4OTg/UgzDnDyvN/A8uLpg==
-----END CERTIFICATE-----
Generated at Sat Jun 13 11:34:00 2026 by rpki-client