Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f0b62efe-867d-4733-9b0c-8354a04195f8.roa
File: f0b62efe-867d-4733-9b0c-8354a04195f8.roa (raw, json)
Hash identifier: YeHJLsp2WAd2N6S6rrbSz/Ua8bVxR4XP84s+hrBjynE=
Subject key identifier: 48:81:33:A5:4B:EA:D5:0D:A7:C6:19:67:62:20:34:FE:11:13:48:68
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 116E60DB8E9ED2B7D487E9DE556C4E81C82E1943
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f0b62efe-867d-4733-9b0c-8354a04195f8.roa
Signing time: Tue 19 May 2026 05:50:12 +0000
ROA not before: Tue 19 May 2026 05:50:12 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.128.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:6e:60:db:8e:9e:d2:b7:d4:87:e9:de:55:6c:4e:81:c8:2e:19:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 19 05:50:12 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=118855143429acb19109e1bfff1ede5f73a6f678d1669ac7ae650db2d8d424b4, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:53:9d:fa:81:e2:51:77:09:71:ae:03:e9:38:
14:64:83:1c:73:8e:f4:16:67:61:54:17:95:06:69:
69:96:b1:87:bd:a5:49:20:10:3c:aa:63:d8:6a:c2:
cf:25:a8:05:29:c8:45:e0:3f:a5:9f:ea:ca:6e:d5:
7b:58:30:d1:cd:c5:3c:54:5e:ae:c5:4c:e9:a6:b4:
0e:13:f2:71:1f:10:f4:9d:7d:86:16:6d:bb:bb:1b:
d3:4d:51:96:07:11:2b:ea:f7:ec:d5:a4:dc:e6:7c:
fa:2f:7f:71:b2:1f:98:e9:75:cc:1d:aa:c6:8d:32:
f6:51:76:75:bf:62:af:a2:93:ce:0a:65:da:e5:1f:
c3:6e:f9:30:47:c4:0a:17:35:eb:63:f8:06:ef:01:
c6:d1:94:e3:a2:81:8d:28:47:66:83:57:a5:51:14:
6c:4b:dc:73:3e:ce:ae:53:a5:62:c0:ac:6f:bf:d8:
34:d9:a1:89:9d:8f:85:b9:ca:32:c6:25:c1:ef:fe:
4c:8f:c2:56:28:71:9c:bd:82:5b:0e:58:98:e9:a5:
b1:35:06:dc:9c:0e:37:09:b6:e0:4c:97:60:44:58:
50:93:b7:ca:d2:ec:b5:ea:74:6c:1c:9f:bd:88:d2:
f4:bd:cb:aa:be:1b:a9:54:7e:7d:a8:29:4a:e1:59:
84:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:81:33:A5:4B:EA:D5:0D:A7:C6:19:67:62:20:34:FE:11:13:48:68
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f0b62efe-867d-4733-9b0c-8354a04195f8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.128.0.0/16
Signature Algorithm: sha256WithRSAEncryption
8d:77:95:86:0a:59:fa:43:2c:8e:60:58:84:77:2c:93:62:eb:
4c:2e:45:41:ea:36:f5:2d:38:58:ab:8f:c7:8a:29:06:6a:6c:
ea:49:0f:6f:2c:22:6d:b3:07:86:42:3d:ff:6a:83:7b:55:09:
14:c8:cf:50:db:b4:0c:59:e6:a2:49:a6:9f:5c:9c:36:57:66:
8b:63:93:58:a6:25:9c:8b:ef:4d:5b:cf:08:b3:7e:c9:8c:84:
3f:91:84:5f:49:93:92:3f:1b:74:7e:3f:8c:c6:0e:8b:67:b1:
0a:81:d2:62:7e:67:06:c8:25:dd:38:46:86:5f:9f:b7:1d:96:
97:3f:43:d6:89:35:61:ec:ce:17:89:80:4c:92:5c:0c:32:9a:
bd:21:73:66:bf:62:4f:1f:26:4a:d5:ed:23:2b:d9:55:68:b0:
51:77:ac:ae:d2:1d:61:4a:27:bd:53:3c:56:23:c0:25:cb:30:
2c:56:1a:f8:7c:91:16:35:68:4b:cf:0a:5c:fe:a6:0b:d5:81:
5d:65:3c:60:08:6f:7c:21:88:35:5e:39:bf:3b:a4:7d:91:7e:
ae:13:b7:cf:a4:70:6d:a7:09:3c:be:21:90:ea:66:94:38:4a:
44:e8:09:1e:27:15:6d:6c:7d:cc:92:c3:42:9b:ba:75:d8:3b:
f8:30:2a:a6
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUEW5g246e0rfUh+neVWxOgcguGUMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MTkwNTUwMTJaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDExODg1NTE0MzQyOWFjYjE5MTA5ZTFiZmZmMWVkZTVmNzNhNmY2NzhkMTY2
OWFjN2FlNjUwZGIyZDhkNDI0YjQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKJTnfqB4lF3CXGuA+k4FGSDHHOO9BZnYVQXlQZpaZaxh72lSSAQPKpj2GrC
zyWoBSnIReA/pZ/qym7Ve1gw0c3FPFRersVM6aa0DhPycR8Q9J19hhZtu7sb001R
lgcRK+r37NWk3OZ8+i9/cbIfmOl1zB2qxo0y9lF2db9ir6KTzgpl2uUfw275MEfE
Chc162P4Bu8BxtGU46KBjShHZoNXpVEUbEvccz7OrlOlYsCsb7/YNNmhiZ2PhbnK
MsYlwe/+TI/CVihxnL2CWw5YmOmlsTUG3JwONwm24EyXYERYUJO3ytLstep0bByf
vYjS9L3Lqr4bqVR+fagpSuFZhKMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRIgTOl
S+rVDafGGWdiIDT+ERNIaDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZjBiNjJlZmUtODY3ZC00NzMzLTliMGMtODM1NGEwNDE5NWY4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADOAMA0G
CSqGSIb3DQEBCwUAA4IBAQCNd5WGCln6QyyOYFiEdyyTYutMLkVB6jb1LThYq4/H
iikGamzqSQ9vLCJtsweGQj3/aoN7VQkUyM9Q27QMWeaiSaafXJw2V2aLY5NYpiWc
i+9NW88Is37JjIQ/kYRfSZOSPxt0fj+Mxg6LZ7EKgdJifmcGyCXdOEaGX5+3HZaX
P0PWiTVh7M4XiYBMklwMMpq9IXNmv2JPHyZK1e0jK9lVaLBRd6yu0h1hSie9UzxW
I8AlyzAsVhr4fJEWNWhLzwpc/qYL1YFdZTxgCG98IYg1Xjm/O6R9kX6uE7fPpHBt
pwk8viGQ6maUOEpE6AkeJxVtbH3MksNCm7p12Dv4MCqm
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:15:30 2026 by rpki-client