Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/81bd2649-ad60-4c6a-bdf9-7b775e3d060e.roa
File: 81bd2649-ad60-4c6a-bdf9-7b775e3d060e.roa (raw, json)
Hash identifier: 51QJ0Adv3E8HZFvbXuLztVntTRbeLER6L2v/OjWCcmY=
Subject key identifier: BF:04:5F:E6:7B:9E:B7:A5:E1:F8:88:74:BB:AC:D3:77:E3:53:25:3A
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 752F3E78F6087027EA2C39E76E2B15878C5DB3CF
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/81bd2649-ad60-4c6a-bdf9-7b775e3d060e.roa
Signing time: Mon 04 May 2026 15:30:10 +0000
ROA not before: Mon 04 May 2026 15:30:10 +0000
ROA not after: Sun 02 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a01:578::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
75:2f:3e:78:f6:08:70:27:ea:2c:39:e7:6e:2b:15:87:8c:5d:b3:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 4 15:30:10 2026 GMT
Not After : Aug 2 23:59:59 2026 GMT
Subject: serialNumber=b4625a544422a31ef38bb048c183d8c0685a1d7d46c61ac57d3033c4489339a8, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:b0:fa:76:1d:ca:51:e1:af:0e:73:ec:e3:bb:
f3:77:3d:0b:3b:dd:53:91:a1:9d:30:57:70:be:91:
17:b0:20:eb:ee:81:19:d1:a7:df:40:64:22:87:4f:
8a:7a:4e:d1:13:c7:16:10:02:f0:5d:a3:d2:2e:7c:
12:09:66:6a:fb:22:46:71:82:fa:8f:69:3d:92:ed:
1c:6d:32:38:ae:a9:21:a5:65:3d:0d:20:7d:0f:a2:
c7:ab:8d:43:15:59:58:7f:67:13:e0:09:20:e8:4c:
60:5b:f6:f9:b6:fa:e3:d1:60:51:d2:10:30:7c:f4:
a1:5c:1e:aa:27:68:f8:18:4a:93:23:10:14:57:87:
64:77:80:fc:34:0e:bb:16:d6:22:ae:1c:d4:6c:f0:
f0:4c:47:39:63:ee:e8:df:ed:26:52:19:b4:21:cf:
46:d8:be:fa:fc:63:45:e0:d1:f0:f7:bb:ef:ae:fa:
19:6e:9f:4c:67:1d:ee:56:e9:19:9d:f2:a3:10:33:
6a:b3:5d:3a:33:0f:f1:0b:bc:b7:b5:8d:e8:6d:50:
76:16:61:77:29:b2:57:6c:6b:11:2a:42:81:8d:3e:
39:c2:59:58:45:34:a6:34:8c:3f:8d:9d:7b:07:00:
de:a6:03:2e:6d:b7:75:98:ed:f1:3a:67:3d:38:39:
ff:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:04:5F:E6:7B:9E:B7:A5:E1:F8:88:74:BB:AC:D3:77:E3:53:25:3A
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/81bd2649-ad60-4c6a-bdf9-7b775e3d060e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:578::/32
Signature Algorithm: sha256WithRSAEncryption
69:e3:2b:14:5c:9d:cb:41:aa:7d:36:0d:62:64:62:ee:1d:00:
58:95:81:6d:42:20:3b:d4:5c:c6:e9:9d:e4:e6:f8:9f:a0:e9:
fb:bb:14:c6:21:4a:31:5e:5e:43:d5:2c:80:cd:08:ef:5c:27:
62:18:15:f0:c3:32:f7:4e:e9:3b:8a:e3:cc:ad:52:8b:a1:dc:
a9:83:7b:5c:50:39:9a:7f:8b:71:f8:d4:ba:6d:72:30:1d:83:
80:d7:f3:2b:81:56:4b:38:6e:d4:01:09:d6:c1:68:91:2c:64:
65:db:56:dc:71:13:34:0e:04:ff:8e:83:a4:24:a9:7e:8b:97:
2d:d1:75:e9:1e:5c:fc:05:d2:52:d1:a2:92:d6:90:72:13:91:
3c:72:85:40:27:67:08:f3:e6:40:54:5b:2e:42:70:ce:1d:ac:
68:6f:74:ac:3e:b8:89:2e:37:10:ac:61:b0:bb:49:af:ef:85:
6f:1d:9a:8e:d0:db:06:53:56:35:7f:8b:23:1d:fd:cd:23:ee:
44:d4:69:95:fb:e9:51:52:b4:c3:29:08:79:4a:98:ae:23:b0:
61:85:c6:6d:c1:4a:6d:44:70:07:33:9c:ce:7a:57:5c:10:2a:
1c:4d:9e:ba:d9:bd:ba:12:47:63:58:74:37:4a:26:c5:ad:47:
c5:a1:7b:1a
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUdS8+ePYIcCfqLDnnbisVh4xds88wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MDQxNTMwMTBaFw0yNjA4MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQGI0NjI1YTU0NDQyMmEzMWVmMzhiYjA0OGMxODNkOGMwNjg1YTFkN2Q0NmM2
MWFjNTdkMzAzM2M0NDg5MzM5YTgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALyw+nYdylHhrw5z7OO783c9CzvdU5GhnTBXcL6RF7Ag6+6BGdGn30BkIodP
inpO0RPHFhAC8F2j0i58EglmavsiRnGC+o9pPZLtHG0yOK6pIaVlPQ0gfQ+ix6uN
QxVZWH9nE+AJIOhMYFv2+bb649FgUdIQMHz0oVweqido+BhKkyMQFFeHZHeA/DQO
uxbWIq4c1Gzw8ExHOWPu6N/tJlIZtCHPRti++vxjReDR8Pe77676GW6fTGcd7lbp
GZ3yoxAzarNdOjMP8Qu8t7WN6G1QdhZhdymyV2xrESpCgY0+OcJZWEU0pjSMP42d
ewcA3qYDLm23dZjt8TpnPTg5/yECAwEAAaOCAiIwggIeMB0GA1UdDgQWBBS/BF/m
e563peH4iHS7rNN341MlOjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODFiZDI2NDktYWQ2MC00YzZhLWJkZjktN2I3NzVlM2QwNjBlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoBBXgw
DQYJKoZIhvcNAQELBQADggEBAGnjKxRcnctBqn02DWJkYu4dAFiVgW1CIDvUXMbp
neTm+J+g6fu7FMYhSjFeXkPVLIDNCO9cJ2IYFfDDMvdO6TuK48ytUouh3KmDe1xQ
OZp/i3H41LptcjAdg4DX8yuBVks4btQBCdbBaJEsZGXbVtxxEzQOBP+Og6QkqX6L
ly3RdekeXPwF0lLRopLWkHITkTxyhUAnZwjz5kBUWy5CcM4drGhvdKw+uIkuNxCs
YbC7Sa/vhW8dmo7Q2wZTVjV/iyMd/c0j7kTUaZX76VFStMMpCHlKmK4jsGGFxm3B
Sm1EcAcznM56V1wQKhxNnrrZvboSR2NYdDdKJsWtR8Whexo=
-----END CERTIFICATE-----
Generated at Tue May 12 23:32:51 2026 by rpki-client