Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f9c2130f-6f88-42ac-853e-f39d188adb6d.roa
File: f9c2130f-6f88-42ac-853e-f39d188adb6d.roa (raw, json)
Hash identifier: JnFpY5aoQq4VRp0WGf+nHS1KQLvbFsvpqFgK5ObSj6s=
Subject key identifier: 75:C5:44:26:25:7E:23:AA:D6:95:38:E6:33:4B:4B:66:93:67:E3:8D
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6CCE8D5C8AB639CCB56A5CDBFBCC585356AE16F8
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f9c2130f-6f88-42ac-853e-f39d188adb6d.roa
Signing time: Mon 04 May 2026 15:30:23 +0000
ROA not before: Mon 04 May 2026 15:30:23 +0000
ROA not after: Sun 02 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.232.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:ce:8d:5c:8a:b6:39:cc:b5:6a:5c:db:fb:cc:58:53:56:ae:16:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 4 15:30:23 2026 GMT
Not After : Aug 2 23:59:59 2026 GMT
Subject: serialNumber=bd1236313c52124ada2f272d06c95d6aaf946addb5f485f9a7bd9da25b0d967e, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:fd:f1:63:fe:b7:9d:32:5f:2e:11:dc:0c:72:
e9:8d:9f:d4:62:05:d5:6a:fc:3e:70:be:2c:e4:07:
78:4b:5b:07:c2:1d:11:4a:df:62:40:36:9f:1e:59:
9d:31:24:ac:74:ce:ed:07:46:fc:ff:26:22:b5:9c:
cf:17:91:40:8f:2d:38:47:47:a5:93:2e:dc:da:23:
15:3d:1a:a0:58:61:40:3a:fb:a5:a2:9b:b2:0b:17:
4a:24:cf:28:d8:28:40:3e:a2:76:0e:84:f5:a4:20:
8d:62:12:ad:b1:fa:46:a5:73:48:0a:64:2e:4b:70:
88:98:b3:a3:46:ef:40:79:ae:10:dd:27:1a:45:f1:
c0:44:b8:39:c1:2f:19:db:18:fb:6a:fb:63:64:56:
40:9b:9b:d0:83:6a:b4:a9:8d:33:cc:43:52:05:fe:
67:ad:11:cc:4a:72:b3:e8:f6:b0:b8:f5:c1:ba:35:
a1:f4:89:bf:27:ff:3d:09:40:b7:0a:f2:0e:5c:ef:
3c:89:0c:ad:75:0d:c0:b3:15:da:60:d9:4d:a1:ed:
88:d5:9c:98:9a:fb:06:6d:5d:c7:32:cd:be:de:0b:
dc:74:34:6b:81:b1:22:6d:fc:05:ba:f3:3c:13:5e:
93:c9:82:a1:fe:7d:a3:ee:42:3c:c1:a1:d1:c4:a9:
71:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:C5:44:26:25:7E:23:AA:D6:95:38:E6:33:4B:4B:66:93:67:E3:8D
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f9c2130f-6f88-42ac-853e-f39d188adb6d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.232.0.0/15
Signature Algorithm: sha256WithRSAEncryption
18:e4:4f:f7:23:01:dd:26:50:92:47:22:32:61:3e:59:04:58:
00:04:aa:d4:48:8c:e6:a1:90:0f:8b:89:59:c2:c8:52:06:fd:
b9:86:e5:c2:04:36:dd:a6:af:c7:50:7c:fd:c6:4e:b9:94:32:
61:34:4a:74:df:c6:b5:03:68:33:18:86:50:ad:9a:79:f8:09:
e4:05:af:b8:99:6a:65:89:86:bb:98:eb:24:5d:ec:f0:99:e7:
16:83:ab:cc:29:85:62:49:f6:1d:17:3b:8a:f7:0d:2b:2b:2e:
84:52:eb:ca:6e:f5:5c:52:80:bf:6e:be:33:b6:d9:e3:47:3d:
96:e7:94:cc:36:4f:e8:48:4a:21:f9:0c:a8:50:61:26:88:bd:
ab:31:a7:e3:2c:7e:99:cf:c4:8a:54:76:11:b3:2c:10:82:ac:
07:e3:81:93:05:62:77:f7:24:98:d7:96:3d:28:53:7a:fa:fa:
68:c4:d0:24:aa:8a:d0:7e:ff:3f:68:fe:95:26:a6:ca:5f:87:
e0:7b:58:7e:73:dc:0e:a4:dc:39:3e:45:d8:6e:b4:6f:d7:b5:
72:de:e0:16:87:89:18:b0:91:85:30:67:56:50:20:ac:c9:c8:
00:8b:43:4d:f6:19:a3:81:99:3d:42:4f:82:7c:d2:1b:64:b4:
ef:91:27:c7
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUbM6NXIq2Ocy1alzb+8xYU1auFvgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MDQxNTMwMjNaFw0yNjA4MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQGJkMTIzNjMxM2M1MjEyNGFkYTJmMjcyZDA2Yzk1ZDZhYWY5NDZhZGRiNWY0
ODVmOWE3YmQ5ZGEyNWIwZDk2N2UxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPX98WP+t50yXy4R3Axy6Y2f1GIF1Wr8PnC+LOQHeEtbB8IdEUrfYkA2nx5Z
nTEkrHTO7QdG/P8mIrWczxeRQI8tOEdHpZMu3NojFT0aoFhhQDr7paKbsgsXSiTP
KNgoQD6idg6E9aQgjWISrbH6RqVzSApkLktwiJizo0bvQHmuEN0nGkXxwES4OcEv
GdsY+2r7Y2RWQJub0INqtKmNM8xDUgX+Z60RzEpys+j2sLj1wbo1ofSJvyf/PQlA
twryDlzvPIkMrXUNwLMV2mDZTaHtiNWcmJr7Bm1dxzLNvt4L3HQ0a4GxIm38Bbrz
PBNek8mCof59o+5CPMGh0cSpcVsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBR1xUQm
JX4jqtaVOOYzS0tmk2fjjTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZjljMjEzMGYtNmY4OC00MmFjLTg1M2UtZjM5ZDE4OGFkYjZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPoMA0G
CSqGSIb3DQEBCwUAA4IBAQAY5E/3IwHdJlCSRyIyYT5ZBFgABKrUSIzmoZAPi4lZ
wshSBv25huXCBDbdpq/HUHz9xk65lDJhNEp038a1A2gzGIZQrZp5+AnkBa+4mWpl
iYa7mOskXezwmecWg6vMKYViSfYdFzuK9w0rKy6EUuvKbvVcUoC/br4zttnjRz2W
55TMNk/oSEoh+QyoUGEmiL2rMafjLH6Zz8SKVHYRsywQgqwH44GTBWJ39ySY15Y9
KFN6+vpoxNAkqorQfv8/aP6VJqbKX4fge1h+c9wOpNw5PkXYbrRv17Vy3uAWh4kY
sJGFMGdWUCCsycgAi0NN9hmjgZk9Qk+CfNIbZLTvkSfH
-----END CERTIFICATE-----
Generated at Tue May 12 23:23:44 2026 by rpki-client