Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2229ee03-08c0-4c87-acab-bbf5abf49264.roa
File: 2229ee03-08c0-4c87-acab-bbf5abf49264.roa (raw, json)
Hash identifier: 4t6Wh2bqj6qZESPfmNXVOetOLBlTjiv5vDkkKZyB7U8=
Subject key identifier: 83:36:4A:51:1A:C7:B0:65:AA:79:2E:9D:76:A8:6D:97:66:85:9C:54
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 16337851E5DE648D1121296741568A466154B80D
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2229ee03-08c0-4c87-acab-bbf5abf49264.roa
Signing time: Mon 27 Apr 2026 00:40:33 +0000
ROA not before: Mon 27 Apr 2026 00:40:33 +0000
ROA not after: Sun 26 Jul 2026 23:59:59 +0000
asID: 14618
IP address blocks: 51.86.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
16:33:78:51:e5:de:64:8d:11:21:29:67:41:56:8a:46:61:54:b8:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 27 00:40:33 2026 GMT
Not After : Jul 26 23:59:59 2026 GMT
Subject: serialNumber=ac9c681505a2111bd240965928b969a9b73b76fd56d40b4ec26bbf013a0c16fd, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:d6:b9:19:ef:f3:c8:da:25:24:d7:2f:e3:d5:
92:ff:7c:5e:d9:3f:a8:fd:d3:a3:93:b4:9e:84:36:
e0:e8:6b:01:cb:b2:4d:f6:d3:aa:c2:ec:9f:07:25:
54:02:98:d2:25:65:97:26:de:45:79:7d:81:fb:f0:
fe:0d:4d:da:13:6b:82:e9:a3:2a:4c:7d:05:ff:87:
14:d9:cf:00:57:3e:7d:22:6d:8d:07:2c:36:cd:7f:
be:6f:7f:09:83:e3:14:2e:92:38:db:30:7d:d0:87:
96:44:e9:0a:45:b0:97:97:9d:3f:b1:66:47:81:c8:
87:ca:3d:fb:df:be:b3:0b:72:da:fa:78:e2:8c:a5:
db:f5:b5:10:23:4e:78:f0:9b:0c:5f:45:ca:e1:17:
92:dd:a1:0e:4b:88:f3:f3:3d:1a:7e:76:64:56:84:
a6:21:7f:84:98:d8:db:75:4c:dc:d9:c1:20:ce:1e:
6c:81:10:63:c2:dc:44:a8:a6:69:c0:74:2c:90:48:
61:a9:5f:8e:a5:3e:d4:db:d1:ef:dd:04:88:e6:bc:
50:37:63:cf:2d:71:18:e3:85:94:a3:72:ca:e5:8e:
6f:4a:12:7d:3e:93:93:59:a1:90:7d:7b:1d:47:ec:
c3:3c:12:54:3a:40:dc:d0:a1:63:ac:0c:56:a4:0b:
d0:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:36:4A:51:1A:C7:B0:65:AA:79:2E:9D:76:A8:6D:97:66:85:9C:54
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2229ee03-08c0-4c87-acab-bbf5abf49264.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.86.0.0/15
Signature Algorithm: sha256WithRSAEncryption
47:bf:23:77:85:85:0b:74:fb:13:5c:df:02:a6:26:12:d2:9b:
38:ee:70:07:fa:ee:a2:94:56:b2:e5:91:33:f0:fd:4e:23:ed:
8e:2f:99:c0:ab:7d:10:84:5b:72:fd:0a:cd:bd:74:16:3c:a4:
97:00:61:18:ff:7d:ca:3b:22:84:4a:62:66:d6:74:eb:26:43:
0d:e7:af:05:f4:8d:03:a7:50:24:dc:b0:69:3b:9f:cd:aa:e9:
e9:8b:29:4c:a0:5f:1e:18:07:3e:08:c1:b8:0e:d9:60:c8:fe:
7c:5d:ab:3e:b3:fc:94:c2:e2:55:cd:10:51:14:49:d1:71:da:
12:32:4f:d6:95:05:35:25:8e:86:4c:84:8a:ce:14:3e:47:ee:
57:33:46:21:ae:f7:99:b7:75:fd:2e:45:91:8a:1c:47:f1:f2:
a0:1b:ef:c6:a3:7e:86:e5:02:40:92:36:8a:01:b2:48:1a:11:
41:8f:e2:77:06:62:2a:cc:01:e7:c0:e3:44:ba:82:97:62:b6:
b0:86:37:5a:33:fd:14:a0:e3:da:73:61:1e:0d:ef:ea:e8:61:
fb:42:5d:4e:3c:43:bc:99:f8:50:b8:5a:57:04:a5:b3:e3:80:
20:a0:82:d0:23:22:65:d4:05:26:b2:e1:6c:6c:50:d4:ad:ef:
0c:82:ba:00
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUFjN4UeXeZI0RISlnQVaKRmFUuA0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA0MjcwMDQwMzNaFw0yNjA3MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQGFjOWM2ODE1MDVhMjExMWJkMjQwOTY1OTI4Yjk2OWE5YjczYjc2ZmQ1NmQ0
MGI0ZWMyNmJiZjAxM2EwYzE2ZmQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANrWuRnv88jaJSTXL+PVkv98Xtk/qP3To5O0noQ24OhrAcuyTfbTqsLsnwcl
VAKY0iVllybeRXl9gfvw/g1N2hNrgumjKkx9Bf+HFNnPAFc+fSJtjQcsNs1/vm9/
CYPjFC6SONswfdCHlkTpCkWwl5edP7FmR4HIh8o9+9++swty2vp44oyl2/W1ECNO
ePCbDF9FyuEXkt2hDkuI8/M9Gn52ZFaEpiF/hJjY23VM3NnBIM4ebIEQY8LcRKim
acB0LJBIYalfjqU+1NvR790EiOa8UDdjzy1xGOOFlKNyyuWOb0oSfT6Tk1mhkH17
HUfswzwSVDpA3NChY6wMVqQL0P0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSDNkpR
GsewZap5Lp12qG2XZoWcVDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MjIyOWVlMDMtMDhjMC00Yzg3LWFjYWItYmJmNWFiZjQ5MjY0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATNWMA0G
CSqGSIb3DQEBCwUAA4IBAQBHvyN3hYULdPsTXN8CpiYS0ps47nAH+u6ilFay5ZEz
8P1OI+2OL5nAq30QhFty/QrNvXQWPKSXAGEY/33KOyKESmJm1nTrJkMN568F9I0D
p1Ak3LBpO5/NqunpiylMoF8eGAc+CMG4DtlgyP58Xas+s/yUwuJVzRBRFEnRcdoS
Mk/WlQU1JY6GTISKzhQ+R+5XM0YhrveZt3X9LkWRihxH8fKgG+/Go36G5QJAkjaK
AbJIGhFBj+J3BmIqzAHnwONEuoKXYrawhjdaM/0UoOPac2EeDe/q6GH7Ql1OPEO8
mfhQuFpXBKWz44AgoILQIyJl1AUmsuFsbFDUre8MgroA
-----END CERTIFICATE-----
Generated at Tue May 12 22:37:18 2026 by rpki-client