Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fc353215-935f-47d2-9298-767ccc0eae1a.roa
File: fc353215-935f-47d2-9298-767ccc0eae1a.roa (raw, json)
Hash identifier: lmxXGDg1wM5OdPzEqUth8IpMWQl2WCnZqagOTm2m09U=
Subject key identifier: C8:F3:E5:72:17:5C:88:01:BF:C2:4B:DA:85:FC:A5:80:28:91:08:B3
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7BE1B239B10D9D7444E8E8529BE20ADBD24F0587
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fc353215-935f-47d2-9298-767ccc0eae1a.roa
Signing time: Tue 19 May 2026 06:00:09 +0000
ROA not before: Tue 19 May 2026 06:00:09 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 85.151.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:e1:b2:39:b1:0d:9d:74:44:e8:e8:52:9b:e2:0a:db:d2:4f:05:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 19 06:00:09 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=fa495388d662557b36adf34a8e4c6f783635cffd2dc742ebfb52ed9aa741e610, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:11:e8:6a:c2:8e:b4:08:e1:c3:9a:f0:6f:55:
1d:5b:45:81:10:4b:49:83:a0:89:18:9f:82:55:0d:
74:ac:be:ed:d3:61:e1:5e:1d:ec:67:ba:5e:30:9a:
8b:f6:ca:98:1d:30:90:98:f7:ba:84:29:1c:fe:5a:
fa:d8:61:a5:7a:38:45:4c:77:0e:db:f3:3a:18:2d:
88:75:eb:71:c1:c1:86:f9:b5:6e:6d:49:86:d1:d1:
c5:f0:23:31:1d:1e:17:66:12:83:9f:9c:9c:a5:eb:
57:c4:00:39:cc:52:9f:63:5e:bf:5a:23:95:3a:16:
c8:96:46:a9:da:a2:b8:4c:15:5b:50:a6:d2:a7:5f:
82:96:77:e9:bd:9f:63:e4:b5:73:b1:4d:58:eb:d6:
af:cf:6a:bf:48:a3:31:4e:b1:20:9c:9e:13:76:c7:
9e:64:96:23:e4:9d:b4:1f:74:fc:7f:c1:ee:97:f9:
82:a4:2e:5b:b4:74:9b:1f:2c:e7:8c:8e:b8:89:b1:
55:0a:30:2e:63:a4:ed:e5:b8:02:72:8c:b5:87:93:
37:b7:cc:99:98:0e:d0:63:7c:86:d3:33:22:30:95:
32:fb:b5:76:28:b4:00:a9:42:8e:c0:d1:81:31:78:
5e:8e:ee:f6:b3:c0:64:00:2e:9f:b3:cb:68:e5:8d:
8d:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:F3:E5:72:17:5C:88:01:BF:C2:4B:DA:85:FC:A5:80:28:91:08:B3
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fc353215-935f-47d2-9298-767ccc0eae1a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.151.0.0/16
Signature Algorithm: sha256WithRSAEncryption
60:36:74:c6:5d:71:73:66:1f:01:b1:01:e5:b6:fe:12:db:b0:
f9:1d:9f:0d:5d:ea:74:b2:76:89:c2:5e:07:f7:e6:0a:6e:e2:
87:70:3e:19:57:3e:e2:6a:f8:72:47:ae:c8:f3:6f:f2:c7:ce:
ac:6e:14:40:a2:9b:66:49:ca:72:8b:d2:be:a9:30:f6:9e:db:
08:01:e8:83:4b:a9:00:d5:c7:fa:a1:35:b0:0e:15:bc:7a:fc:
84:bc:f6:f8:3d:2b:5c:57:b0:5c:ae:00:23:ae:76:a7:40:58:
25:5f:b6:49:1a:0a:9f:cd:a6:9c:21:42:4b:56:dd:6b:b5:b6:
6b:f9:0e:ec:79:a9:d3:84:42:c7:1e:12:ea:20:30:54:cf:8b:
b0:8f:14:45:c7:bb:02:25:40:17:a7:29:31:53:83:d6:6b:8b:
13:38:38:d3:4c:23:09:74:db:4f:a4:0b:25:5c:4f:37:fa:72:
7a:af:e2:31:b8:a5:82:7a:77:f2:61:0d:03:b1:7a:7a:a0:3b:
83:a9:23:e9:b2:15:42:37:0f:08:a3:e4:0b:12:a2:19:2b:a8:
c7:df:75:db:37:cd:66:3f:c5:c0:cc:61:97:c6:71:03:49:25:
a2:81:13:7e:f3:20:bb:af:b7:2e:c3:4c:25:d4:82:9d:25:7e:
d5:f8:d8:d3
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUe+GyObENnXRE6OhSm+IK29JPBYcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MTkwNjAwMDlaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGZhNDk1Mzg4ZDY2MjU1N2IzNmFkZjM0YThlNGM2Zjc4MzYzNWNmZmQyZGM3
NDJlYmZiNTJlZDlhYTc0MWU2MTAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKER6GrCjrQI4cOa8G9VHVtFgRBLSYOgiRifglUNdKy+7dNh4V4d7Ge6XjCa
i/bKmB0wkJj3uoQpHP5a+thhpXo4RUx3DtvzOhgtiHXrccHBhvm1bm1JhtHRxfAj
MR0eF2YSg5+cnKXrV8QAOcxSn2Nev1ojlToWyJZGqdqiuEwVW1Cm0qdfgpZ36b2f
Y+S1c7FNWOvWr89qv0ijMU6xIJyeE3bHnmSWI+SdtB90/H/B7pf5gqQuW7R0mx8s
54yOuImxVQowLmOk7eW4AnKMtYeTN7fMmZgO0GN8htMzIjCVMvu1dii0AKlCjsDR
gTF4Xo7u9rPAZAAun7PLaOWNjakCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTI8+Vy
F1yIAb/CS9qF/KWAKJEIszAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZmMzNTMyMTUtOTM1Zi00N2QyLTkyOTgtNzY3Y2NjMGVhZTFhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAFWXMA0G
CSqGSIb3DQEBCwUAA4IBAQBgNnTGXXFzZh8BsQHltv4S27D5HZ8NXep0snaJwl4H
9+YKbuKHcD4ZVz7iavhyR67I82/yx86sbhRAoptmScpyi9K+qTD2ntsIAeiDS6kA
1cf6oTWwDhW8evyEvPb4PStcV7BcrgAjrnanQFglX7ZJGgqfzaacIUJLVt1rtbZr
+Q7seanThELHHhLqIDBUz4uwjxRFx7sCJUAXpykxU4PWa4sTODjTTCMJdNtPpAsl
XE83+nJ6r+IxuKWCenfyYQ0DsXp6oDuDqSPpshVCNw8Io+QLEqIZK6jH33XbN81m
P8XAzGGXxnEDSSWigRN+8yC7r7cuw0wl1IKdJX7V+NjT
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:00:19 2026 by rpki-client