Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/46eb8bb9-8a91-491d-8f3f-9cc4afcf5ecd.roa
File: 46eb8bb9-8a91-491d-8f3f-9cc4afcf5ecd.roa (raw, json)
Hash identifier: X+OEJqGg/RAy5PtDlJuPMzDgOnRLoB5G1F/atyrHu34=
Subject key identifier: 50:8C:0D:EB:55:83:AD:1F:25:2B:3A:2D:03:26:6A:6E:5E:95:81:C9
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 79D7C7554679FD1E3C63C9488E82618ABEE717F3
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/46eb8bb9-8a91-491d-8f3f-9cc4afcf5ecd.roa
Signing time: Mon 04 May 2026 15:30:08 +0000
ROA not before: Mon 04 May 2026 15:30:08 +0000
ROA not after: Sun 02 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.108.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:d7:c7:55:46:79:fd:1e:3c:63:c9:48:8e:82:61:8a:be:e7:17:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 4 15:30:08 2026 GMT
Not After : Aug 2 23:59:59 2026 GMT
Subject: serialNumber=5855318a5751972fe7eeacd125d595b562ed1e13204d9e4185c394b4027f3150, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:aa:de:39:16:5c:2a:ad:86:04:f8:b2:e4:8b:
13:20:66:22:6a:d0:ee:70:f4:7d:9a:fe:0a:9b:26:
45:c2:16:84:12:a2:72:e7:bd:a4:f6:a2:89:d9:10:
23:41:96:e4:db:7a:dd:23:ed:15:6d:7a:c3:ac:ce:
5e:01:ae:87:98:57:e8:db:67:4c:9f:d1:ca:a0:92:
6d:d5:06:62:28:e1:5d:aa:c6:56:08:b0:58:7c:fc:
bc:ed:b7:79:eb:1c:b6:81:79:89:b2:b3:dc:66:bb:
20:25:bc:63:52:37:be:fb:a2:68:be:16:d9:b2:23:
0d:8a:ef:73:7a:07:2e:95:69:28:af:6e:42:1f:a5:
ee:63:ae:22:43:0e:f2:bf:cb:12:9c:6d:8a:9d:44:
15:00:4f:5a:f4:a1:a0:a6:23:b5:aa:b1:36:4e:89:
9a:23:0a:01:4d:72:53:bd:b5:46:a2:5b:ec:e5:f8:
df:92:42:79:a2:4f:9d:84:34:b5:93:3e:96:ab:c7:
f3:d3:20:f2:6a:d0:14:a9:3e:e3:da:cb:47:95:57:
4e:34:79:b7:65:f3:df:03:08:fd:7e:2f:f5:59:64:
6d:cb:8f:c0:49:a0:01:12:47:f2:cb:ff:6c:4e:bb:
19:10:09:4c:ed:69:ae:f6:26:12:a2:6c:8b:f2:9b:
c3:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:8C:0D:EB:55:83:AD:1F:25:2B:3A:2D:03:26:6A:6E:5E:95:81:C9
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/46eb8bb9-8a91-491d-8f3f-9cc4afcf5ecd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.108.0.0/16
Signature Algorithm: sha256WithRSAEncryption
b3:a4:78:4f:d4:88:54:b1:ec:1d:68:7c:63:95:4f:79:7d:e6:
74:45:0e:0a:39:87:d1:fd:ab:91:4f:b3:bb:db:a6:71:7b:56:
c8:a1:37:0e:16:26:2a:c2:de:c6:bf:5c:e0:bd:3b:4d:88:2f:
93:3d:70:47:c8:81:fe:ff:ad:63:56:22:65:a6:05:a6:a6:14:
e1:d0:4a:11:07:e2:7f:c5:bd:4a:a2:e9:b0:5d:27:0e:5f:2d:
dd:b3:2d:ae:2d:97:50:10:28:49:1c:7f:4c:c0:67:43:7e:6f:
79:1b:eb:27:e8:3f:c6:db:c4:61:e8:e0:54:72:d2:69:6e:8f:
4d:dd:1f:b1:ab:75:7b:15:e5:b6:93:27:2b:3b:bd:98:c7:b6:
49:3e:5b:d9:88:cd:ca:ad:0c:1f:f7:a0:b0:a7:b1:3c:67:3d:
4b:db:dc:5c:01:ad:8d:af:05:60:ce:30:9c:e9:bc:cc:96:f0:
7e:5a:12:19:69:9c:31:76:c5:f1:ca:d0:eb:37:ed:e2:fc:ef:
64:06:1f:35:00:53:07:f2:b6:44:37:68:28:9c:22:7b:74:32:
aa:e5:c9:18:1e:64:61:e1:f3:c7:c7:d9:63:86:f6:e9:b7:95:
78:95:62:28:a4:3c:8f:4c:71:46:30:f0:35:3f:41:4e:88:ac:
a1:85:20:04
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUedfHVUZ5/R48Y8lIjoJhir7nF/MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MDQxNTMwMDhaFw0yNjA4MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQDU4NTUzMThhNTc1MTk3MmZlN2VlYWNkMTI1ZDU5NWI1NjJlZDFlMTMyMDRk
OWU0MTg1YzM5NGI0MDI3ZjMxNTAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALCq3jkWXCqthgT4suSLEyBmImrQ7nD0fZr+CpsmRcIWhBKicue9pPaiidkQ
I0GW5Nt63SPtFW16w6zOXgGuh5hX6NtnTJ/RyqCSbdUGYijhXarGVgiwWHz8vO23
eesctoF5ibKz3Ga7ICW8Y1I3vvuiaL4W2bIjDYrvc3oHLpVpKK9uQh+l7mOuIkMO
8r/LEpxtip1EFQBPWvShoKYjtaqxNk6JmiMKAU1yU721RqJb7OX435JCeaJPnYQ0
tZM+lqvH89Mg8mrQFKk+49rLR5VXTjR5t2Xz3wMI/X4v9VlkbcuPwEmgARJH8sv/
bE67GRAJTO1prvYmEqJsi/Kbw2kCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRQjA3r
VYOtHyUrOi0DJmpuXpWByTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDZlYjhiYjktOGE5MS00OTFkLThmM2YtOWNjNGFmY2Y1ZWNkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNsMA0G
CSqGSIb3DQEBCwUAA4IBAQCzpHhP1IhUsewdaHxjlU95feZ0RQ4KOYfR/auRT7O7
26Zxe1bIoTcOFiYqwt7Gv1zgvTtNiC+TPXBHyIH+/61jViJlpgWmphTh0EoRB+J/
xb1KoumwXScOXy3dsy2uLZdQEChJHH9MwGdDfm95G+sn6D/G28Rh6OBUctJpbo9N
3R+xq3V7FeW2kycrO72Yx7ZJPlvZiM3KrQwf96Cwp7E8Zz1L29xcAa2NrwVgzjCc
6bzMlvB+WhIZaZwxdsXxytDrN+3i/O9kBh81AFMH8rZEN2gonCJ7dDKq5ckYHmRh
4fPHx9ljhvbpt5V4lWIopDyPTHFGMPA1P0FOiKyhhSAE
-----END CERTIFICATE-----
Generated at Tue May 12 23:36:03 2026 by rpki-client