Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5b8eca1c-0001-4580-9357-36838b685542.roa
File: 5b8eca1c-0001-4580-9357-36838b685542.roa (raw, json)
Hash identifier: uURg9e0wDib1W/TlPb0afz3w56eFehwIyKGuhoaR0Uo=
Subject key identifier: 7D:06:4C:D2:22:B9:00:C5:AF:8D:CD:CE:1A:43:DC:36:F5:5D:D0:C7
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2EDEEF14AB8A5B0E7A7F164B213F6AEC844DB805
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5b8eca1c-0001-4580-9357-36838b685542.roa
Signing time: Mon 04 May 2026 15:30:06 +0000
ROA not before: Mon 04 May 2026 15:30:06 +0000
ROA not after: Sun 02 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 159.239.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2e:de:ef:14:ab:8a:5b:0e:7a:7f:16:4b:21:3f:6a:ec:84:4d:b8:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 4 15:30:06 2026 GMT
Not After : Aug 2 23:59:59 2026 GMT
Subject: serialNumber=ed2288bcb18d48524a9e172945e1247ceeff4c337afbe54805c9d19dfb91da58, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:73:86:fc:93:66:b7:4e:02:57:01:5d:63:e5:
0c:4c:67:aa:e4:27:d5:6b:de:6c:07:69:64:fe:25:
b3:05:7b:db:e7:47:07:bb:14:0c:36:56:6f:8d:2f:
47:6e:67:ff:e6:36:27:a7:7b:40:53:9b:75:87:eb:
02:cd:8e:ce:bd:6b:f3:d4:77:b4:7b:7e:88:c7:5e:
3f:bb:3a:f5:10:e6:2d:87:35:1d:91:d5:6e:ca:6e:
52:4f:65:08:f9:49:01:45:a0:c8:4a:e5:16:f8:55:
d8:d3:de:68:4e:3e:72:cf:5d:2b:2a:de:7d:48:29:
5e:f5:f9:f7:53:14:6f:8f:89:c6:62:d0:d2:db:33:
57:2e:75:74:dc:7b:40:c7:d0:0b:e8:6e:37:1a:eb:
69:74:98:22:87:b3:01:c7:37:57:9c:29:1f:30:37:
db:df:13:af:c3:41:aa:e6:88:99:97:7c:15:ad:f4:
6a:e3:d5:6c:09:45:18:49:71:6d:96:54:fe:93:03:
df:9d:8e:d0:2d:6a:74:74:ad:43:3c:14:29:0f:c5:
8c:89:11:a2:26:d9:66:15:9c:ee:12:70:c1:f8:59:
ff:fa:c8:7f:44:55:29:11:f0:3f:59:ec:b2:1a:47:
e4:57:1f:97:fe:3b:af:81:5b:27:fc:74:8c:87:52:
54:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:06:4C:D2:22:B9:00:C5:AF:8D:CD:CE:1A:43:DC:36:F5:5D:D0:C7
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5b8eca1c-0001-4580-9357-36838b685542.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.239.0.0/16
Signature Algorithm: sha256WithRSAEncryption
28:29:dc:7b:2c:be:b7:22:d1:20:c2:1a:82:73:b2:de:0c:bb:
19:c3:79:58:50:68:3e:83:d6:32:4b:00:2e:87:94:52:25:17:
47:73:77:06:6f:40:7e:11:e8:5a:1b:41:85:71:68:d5:90:ec:
4e:e7:cd:78:cc:52:eb:15:b3:a8:0e:d5:7b:58:ea:67:b9:55:
9b:6b:c7:b5:79:38:64:b1:ac:d7:96:0b:6c:82:2a:97:b8:65:
18:34:48:30:f5:f0:80:fc:a8:b6:29:e3:47:4c:bd:27:3b:bd:
73:c6:f3:c0:0b:e3:31:1c:65:ba:8c:fb:6e:1d:79:32:6d:3b:
3a:57:3a:b8:06:33:94:9b:b4:f6:49:fd:59:70:64:40:13:9f:
ad:f2:10:93:df:e2:ea:5b:25:0b:07:b3:0b:06:c1:93:4b:53:
47:b0:95:f5:aa:5f:46:e5:5f:63:de:51:14:e2:04:6f:c5:fa:
a4:33:8c:9a:b5:db:83:57:23:95:7e:f3:d8:bd:a6:38:16:05:
86:f6:9e:40:ec:9f:4b:63:20:fe:de:77:fb:30:ee:93:65:33:
ce:df:b5:8e:ff:44:0e:8d:d6:c1:7d:e2:bc:ea:87:ce:d4:94:
a0:da:a7:94:23:d3:44:6c:d5:22:ea:1c:66:80:0f:79:92:41:
98:ba:97:27
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIULt7vFKuKWw56fxZLIT9q7IRNuAUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MDQxNTMwMDZaFw0yNjA4MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQGVkMjI4OGJjYjE4ZDQ4NTI0YTllMTcyOTQ1ZTEyNDdjZWVmZjRjMzM3YWZi
ZTU0ODA1YzlkMTlkZmI5MWRhNTgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANpzhvyTZrdOAlcBXWPlDExnquQn1WvebAdpZP4lswV72+dHB7sUDDZWb40v
R25n/+Y2J6d7QFObdYfrAs2Ozr1r89R3tHt+iMdeP7s69RDmLYc1HZHVbspuUk9l
CPlJAUWgyErlFvhV2NPeaE4+cs9dKyrefUgpXvX591MUb4+JxmLQ0tszVy51dNx7
QMfQC+huNxrraXSYIoezAcc3V5wpHzA3298Tr8NBquaImZd8Fa30auPVbAlFGElx
bZZU/pMD352O0C1qdHStQzwUKQ/FjIkRoibZZhWc7hJwwfhZ//rIf0RVKRHwP1ns
shpH5Fcfl/47r4FbJ/x0jIdSVDsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBR9BkzS
IrkAxa+Nzc4aQ9w29V3QxzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NWI4ZWNhMWMtMDAwMS00NTgwLTkzNTctMzY4MzhiNjg1NTQyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJ/vMA0G
CSqGSIb3DQEBCwUAA4IBAQAoKdx7LL63ItEgwhqCc7LeDLsZw3lYUGg+g9YySwAu
h5RSJRdHc3cGb0B+EehaG0GFcWjVkOxO5814zFLrFbOoDtV7WOpnuVWba8e1eThk
sazXlgtsgiqXuGUYNEgw9fCA/Ki2KeNHTL0nO71zxvPAC+MxHGW6jPtuHXkybTs6
Vzq4BjOUm7T2Sf1ZcGRAE5+t8hCT3+LqWyULB7MLBsGTS1NHsJX1ql9G5V9j3lEU
4gRvxfqkM4yatduDVyOVfvPYvaY4FgWG9p5A7J9LYyD+3nf7MO6TZTPO37WO/0QO
jdbBfeK86ofO1JSg2qeUI9NEbNUi6hxmgA95kkGYupcn
-----END CERTIFICATE-----
Generated at Tue May 12 23:28:19 2026 by rpki-client