Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/87cbc454-e777-437d-a43a-911995d2a7ce.roa
File: 87cbc454-e777-437d-a43a-911995d2a7ce.roa (raw, json)
Hash identifier: B719DG27iKPpT390zC4bRcDO5z4iGzphojEonAqi3gQ=
Subject key identifier: 92:67:1A:66:C2:C5:45:94:B2:BD:3F:B3:82:67:B7:DC:AD:9C:DB:FD
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5609210E895030593F5A46D776685187AA512B94
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/87cbc454-e777-437d-a43a-911995d2a7ce.roa
Signing time: Mon 27 Apr 2026 00:40:03 +0000
ROA not before: Mon 27 Apr 2026 00:40:03 +0000
ROA not after: Sun 26 Jul 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.21.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:09:21:0e:89:50:30:59:3f:5a:46:d7:76:68:51:87:aa:51:2b:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 27 00:40:03 2026 GMT
Not After : Jul 26 23:59:59 2026 GMT
Subject: serialNumber=54ca9b305d2e6e213162d6e2f94e65bd79b68fd599bbf60453037a43e95711b8, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:0e:f5:63:fe:8b:6e:c9:c5:05:e5:f2:4a:df:
fc:53:45:19:3b:04:e8:0a:d2:63:5d:a5:52:a5:ea:
ff:64:3c:87:67:e5:09:5d:b5:11:b3:4f:05:20:78:
0c:ee:b3:1d:f4:b8:a3:05:17:90:f6:a3:2a:e3:01:
7a:08:e3:c1:77:aa:eb:76:63:2c:56:88:cc:e0:19:
f3:d3:fd:62:9c:bf:5b:6d:d1:04:f5:4a:79:ef:22:
c6:1e:bf:7d:dd:eb:10:0f:30:e8:8e:8e:f7:e0:09:
31:f5:da:7c:49:90:33:ec:7b:70:f4:13:ab:b3:c6:
18:10:13:7f:c2:5b:19:bf:dd:a0:a4:e1:6d:bb:70:
12:04:6c:bf:43:8c:2e:f2:d3:6c:02:7f:64:07:45:
19:bf:71:e0:66:77:a7:80:85:7f:ba:ea:da:03:dc:
81:41:31:63:62:4c:d8:2c:cb:47:9e:ec:90:7d:b9:
4f:39:17:8c:a5:8a:f1:76:28:2b:77:7f:2c:00:ee:
ab:8e:33:03:7d:28:f9:d8:56:f3:10:b3:49:7b:74:
c6:c9:c8:53:36:ff:96:c7:03:52:03:70:45:fe:70:
03:69:b6:1c:10:2d:c2:47:a4:d2:91:67:5a:d1:cf:
61:6f:26:2d:19:4b:11:e5:2f:3b:85:af:aa:f1:2e:
17:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:67:1A:66:C2:C5:45:94:B2:BD:3F:B3:82:67:B7:DC:AD:9C:DB:FD
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/87cbc454-e777-437d-a43a-911995d2a7ce.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.21.0.0/16
Signature Algorithm: sha256WithRSAEncryption
6d:fd:34:b7:0b:45:bc:5d:3e:f9:99:22:3d:a6:fd:14:7a:4a:
a5:da:ec:9d:59:eb:b1:fc:6b:60:b1:02:5a:80:b0:d6:e7:8c:
c7:16:6e:6a:e9:eb:13:ae:61:d8:18:11:cd:30:17:36:64:64:
a4:bf:45:71:6f:a8:72:a7:85:27:13:49:19:a2:30:ec:78:f2:
25:f4:88:8d:e0:a6:98:2d:18:b8:23:a6:5d:e2:9f:6f:94:46:
b5:59:f0:3c:53:3f:bb:0a:d4:83:ec:67:b3:46:fb:42:02:0b:
20:92:c5:ea:2d:24:59:4b:08:f1:a2:b8:14:03:03:f7:ee:8e:
90:5a:b5:f6:65:f2:d6:6b:06:e1:4a:64:f4:a3:0e:c4:6a:9f:
94:9f:8c:83:74:f2:da:91:d3:7f:41:c7:75:93:cf:0d:0e:a7:
cd:c7:95:5b:fb:25:be:76:7b:28:69:aa:65:1b:48:ea:1a:23:
a2:5c:c3:d6:74:95:e5:f8:46:8f:35:7e:6d:62:39:2d:fc:66:
fe:1f:f4:b5:90:73:8b:94:cc:26:e4:3f:a2:9f:16:28:c5:96:
9a:50:67:ab:18:d7:99:49:6d:5e:75:27:70:b6:97:44:6c:b9:
e9:3e:6e:94:52:32:54:6b:6e:c6:ab:1d:69:13:e2:a4:63:71:
5c:63:f5:c6
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUVgkhDolQMFk/WkbXdmhRh6pRK5QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA0MjcwMDQwMDNaFw0yNjA3MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQDU0Y2E5YjMwNWQyZTZlMjEzMTYyZDZlMmY5NGU2NWJkNzliNjhmZDU5OWJi
ZjYwNDUzMDM3YTQzZTk1NzExYjgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIcO9WP+i27JxQXl8krf/FNFGTsE6ArSY12lUqXq/2Q8h2flCV21EbNPBSB4
DO6zHfS4owUXkPajKuMBegjjwXeq63ZjLFaIzOAZ89P9Ypy/W23RBPVKee8ixh6/
fd3rEA8w6I6O9+AJMfXafEmQM+x7cPQTq7PGGBATf8JbGb/doKThbbtwEgRsv0OM
LvLTbAJ/ZAdFGb9x4GZ3p4CFf7rq2gPcgUExY2JM2CzLR57skH25TzkXjKWK8XYo
K3d/LADuq44zA30o+dhW8xCzSXt0xsnIUzb/lscDUgNwRf5wA2m2HBAtwkek0pFn
WtHPYW8mLRlLEeUvO4WvqvEuF/ECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSSZxpm
wsVFlLK9P7OCZ7fcrZzb/TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODdjYmM0NTQtZTc3Ny00MzdkLWE0M2EtOTExOTk1ZDJhN2NlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMVMA0G
CSqGSIb3DQEBCwUAA4IBAQBt/TS3C0W8XT75mSI9pv0Uekql2uydWeux/GtgsQJa
gLDW54zHFm5q6esTrmHYGBHNMBc2ZGSkv0Vxb6hyp4UnE0kZojDsePIl9IiN4KaY
LRi4I6Zd4p9vlEa1WfA8Uz+7CtSD7GezRvtCAgsgksXqLSRZSwjxorgUAwP37o6Q
WrX2ZfLWawbhSmT0ow7Eap+Un4yDdPLakdN/Qcd1k88NDqfNx5Vb+yW+dnsoaapl
G0jqGiOiXMPWdJXl+EaPNX5tYjkt/Gb+H/S1kHOLlMwm5D+inxYoxZaaUGerGNeZ
SW1edSdwtpdEbLnpPm6UUjJUa27Gqx1pE+KkY3FcY/XG
-----END CERTIFICATE-----
Generated at Tue May 12 23:12:41 2026 by rpki-client