Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c806309a-9e3e-4b0e-aad2-1356d070a437.roa
File: c806309a-9e3e-4b0e-aad2-1356d070a437.roa (raw, json)
Hash identifier: dlYs1LBaqwY8ETl2N6b+KuDH7nBmRvVnsodpU4Y+5R8=
Subject key identifier: 7A:72:79:46:D1:AA:CB:E2:6B:3B:01:CA:B2:1C:64:58:72:70:6F:1A
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3462487DE8600A10D270FBCF5109B22DA8DC5343
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c806309a-9e3e-4b0e-aad2-1356d070a437.roa
Signing time: Mon 04 May 2026 15:30:07 +0000
ROA not before: Mon 04 May 2026 15:30:07 +0000
ROA not after: Sun 02 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a01:578:13::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 20:10:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:62:48:7d:e8:60:0a:10:d2:70:fb:cf:51:09:b2:2d:a8:dc:53:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 4 15:30:07 2026 GMT
Not After : Aug 2 23:59:59 2026 GMT
Subject: serialNumber=8bba0279bc6c07ce7fddb10cc6df778948b4154e8e2d712595c9af21ed5d24f1, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:d5:40:6b:62:b0:7b:c8:5e:8f:a9:dc:39:3d:
c8:79:61:8c:91:8e:15:ff:e7:00:ab:32:43:36:76:
3c:bb:be:2d:87:de:4c:df:9b:b1:c5:e1:e9:13:cf:
22:04:9b:ad:c1:49:44:60:93:b8:5e:1b:54:3d:ae:
99:cc:59:d1:c7:0a:c6:d7:9d:9b:5f:82:19:a8:9d:
10:63:ec:9c:45:e6:54:7b:0d:13:7e:17:9c:c8:8a:
53:2a:b7:69:89:31:1b:51:05:3c:7b:21:e2:a3:5e:
87:7a:96:11:1f:0f:10:01:6a:fc:7e:89:90:eb:9d:
c9:bf:3a:b2:95:68:d1:3b:4f:b4:12:22:72:a4:36:
f3:a2:f9:9e:c8:bb:e2:c7:45:55:10:cd:f8:0b:a2:
38:41:54:8b:f8:37:f6:e9:34:ed:01:a6:91:d1:24:
fe:df:39:33:c0:00:f9:a3:4c:a3:3c:06:24:3b:d8:
81:ce:e2:48:2a:64:ba:82:c4:82:82:dd:9e:7f:81:
6c:15:41:5c:d0:b1:07:ad:aa:ea:17:3d:f2:79:74:
53:69:93:de:f6:46:ba:19:86:9a:ce:f5:ec:32:9a:
0d:60:a3:21:4d:b8:8f:c2:45:a4:bc:98:26:05:22:
3d:24:32:a4:bb:a8:88:c1:ff:de:ad:64:a4:a2:3b:
f1:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:72:79:46:D1:AA:CB:E2:6B:3B:01:CA:B2:1C:64:58:72:70:6F:1A
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c806309a-9e3e-4b0e-aad2-1356d070a437.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:578:13::/48
Signature Algorithm: sha256WithRSAEncryption
6f:74:6e:bf:fe:41:5e:66:b8:de:c1:19:16:8f:fe:ca:48:f0:
00:5d:25:3e:69:47:f4:64:fb:08:7f:3e:a9:49:bc:36:64:eb:
c5:c2:c7:ef:aa:10:5d:a3:ff:71:42:8f:51:73:3d:99:53:b8:
32:c8:df:83:80:92:37:f4:7e:90:52:00:11:41:16:19:e1:29:
30:dd:4d:c3:13:20:2a:92:a5:63:c4:62:65:f9:42:ad:96:79:
70:56:5e:3e:ce:18:1e:df:6d:61:2a:7f:ef:25:50:c6:06:40:
2c:3e:8c:58:9b:1d:5c:9c:9c:33:ad:83:16:92:be:b2:21:ab:
e0:36:49:4c:2c:7e:d0:78:64:e5:71:55:ae:2d:4c:7b:05:b0:
39:39:da:c1:ab:c0:3c:5e:d7:6c:6b:57:e0:06:f4:88:cb:8e:
94:0e:b3:90:54:ce:12:2b:54:3d:47:d1:e8:92:2e:93:6c:2b:
a4:f0:4b:96:e5:85:48:d7:90:e4:6c:ff:d3:8a:ac:77:6e:c5:
44:e1:cb:56:e7:33:8a:b1:f2:a7:20:c0:f6:74:cf:1f:2a:77:
ce:ab:31:07:af:59:df:2e:98:a5:02:24:cf:ff:e2:48:9d:5b:
f7:05:24:8f:db:61:69:cc:b0:95:fd:1c:8d:14:88:1b:cd:12:
72:c4:2c:db
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUNGJIfehgChDScPvPUQmyLajcU0MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MDQxNTMwMDdaFw0yNjA4MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQDhiYmEwMjc5YmM2YzA3Y2U3ZmRkYjEwY2M2ZGY3Nzg5NDhiNDE1NGU4ZTJk
NzEyNTk1YzlhZjIxZWQ1ZDI0ZjExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMzVQGtisHvIXo+p3Dk9yHlhjJGOFf/nAKsyQzZ2PLu+LYfeTN+bscXh6RPP
IgSbrcFJRGCTuF4bVD2umcxZ0ccKxtedm1+CGaidEGPsnEXmVHsNE34XnMiKUyq3
aYkxG1EFPHsh4qNeh3qWER8PEAFq/H6JkOudyb86spVo0TtPtBIicqQ286L5nsi7
4sdFVRDN+AuiOEFUi/g39uk07QGmkdEk/t85M8AA+aNMozwGJDvYgc7iSCpkuoLE
goLdnn+BbBVBXNCxB62q6hc98nl0U2mT3vZGuhmGms717DKaDWCjIU24j8JFpLyY
JgUiPSQypLuoiMH/3q1kpKI78e8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBR6cnlG
0arL4ms7AcqyHGRYcnBvGjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YzgwNjMwOWEtOWUzZS00YjBlLWFhZDItMTM1NmQwNzBhNDM3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoBBXgA
EzANBgkqhkiG9w0BAQsFAAOCAQEAb3Ruv/5BXma43sEZFo/+ykjwAF0lPmlH9GT7
CH8+qUm8NmTrxcLH76oQXaP/cUKPUXM9mVO4Msjfg4CSN/R+kFIAEUEWGeEpMN1N
wxMgKpKlY8RiZflCrZZ5cFZePs4YHt9tYSp/7yVQxgZALD6MWJsdXJycM62DFpK+
siGr4DZJTCx+0Hhk5XFVri1MewWwOTnawavAPF7XbGtX4Ab0iMuOlA6zkFTOEitU
PUfR6JIuk2wrpPBLluWFSNeQ5Gz/04qsd27FROHLVuczirHypyDA9nTPHyp3zqsx
B69Z3y6YpQIkz//iSJ1b9wUkj9thacywlf0cjRSIG80ScsQs2w==
-----END CERTIFICATE-----
Generated at Wed May 13 02:42:26 2026 by rpki-client