Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/226b8c83-9647-47e2-847b-1787f3d54040.roa
File: 226b8c83-9647-47e2-847b-1787f3d54040.roa (raw, json)
Hash identifier: rHH0Axlh4Jr7pjy24VMs46p1jMt3cVhQokiU/Ov2acE=
Subject key identifier: 12:2C:69:B0:C9:BB:4F:94:41:4B:7A:0E:4C:F9:83:D6:A1:9E:C8:85
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2A6F1451B68B6CFD231139E444666A6852131E8B
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/226b8c83-9647-47e2-847b-1787f3d54040.roa
Signing time: Mon 27 Apr 2026 00:40:05 +0000
ROA not before: Mon 27 Apr 2026 00:40:05 +0000
ROA not after: Sun 26 Jul 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.94.0.0/15 maxlen: 15
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 04 May 2026 05:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:6f:14:51:b6:8b:6c:fd:23:11:39:e4:44:66:6a:68:52:13:1e:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 27 00:40:05 2026 GMT
Not After : Jul 26 23:59:59 2026 GMT
Subject: serialNumber=817960e3b2904250a06640ef81b3c707cee12f0c7460f63bd601ebe7aface88c, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:a6:7b:1c:9d:f5:25:5b:79:ee:3e:4c:27:7a:
40:ed:06:e6:23:c9:b3:d4:db:4f:82:0d:06:4b:e4:
2f:e8:d4:64:6a:c2:d2:9b:55:c0:aa:0b:db:e4:5a:
1c:73:16:28:70:f9:91:36:e7:76:65:26:a1:f5:b7:
1a:0c:00:c4:f0:ea:5c:79:91:56:22:af:9d:f7:c3:
2e:80:44:67:26:f9:fa:7f:fe:6e:20:2f:13:fa:b1:
74:81:17:2c:f9:b2:7a:68:d6:42:5f:9c:e7:8c:6d:
df:06:20:75:e1:21:e7:d9:a7:b1:53:cd:ab:8b:9d:
09:06:df:49:39:1a:5c:19:d7:20:b9:b7:5c:bf:fc:
63:59:ed:5f:7b:2a:58:7d:b1:54:13:74:6a:97:03:
8d:f2:39:fb:a6:39:36:bc:4b:63:fe:4e:80:35:31:
b1:20:cc:34:e9:60:47:6c:57:cf:4f:44:4e:f2:13:
f3:97:f2:4f:22:ea:d2:14:b5:7e:df:57:39:32:6b:
ec:6a:bb:8f:a7:ca:86:20:06:fc:f6:b0:d7:f7:2d:
74:16:5a:2a:71:6b:cc:b9:f3:c9:1b:a9:b8:92:0f:
5a:07:8e:dc:49:d7:17:05:ce:c3:01:91:e1:a5:33:
1b:7a:ad:2d:5d:d4:cf:be:52:c7:09:2a:4e:e4:02:
3b:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:2C:69:B0:C9:BB:4F:94:41:4B:7A:0E:4C:F9:83:D6:A1:9E:C8:85
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/226b8c83-9647-47e2-847b-1787f3d54040.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.94.0.0/15
Signature Algorithm: sha256WithRSAEncryption
85:f8:09:f0:ac:58:be:27:32:34:0d:1e:6e:93:c9:ac:35:5d:
80:a1:e4:3e:1e:3d:89:52:b1:5a:4b:f5:2c:1f:a7:14:08:27:
1d:51:d2:1a:12:29:e4:0a:95:f4:38:dc:1c:54:5c:a4:d2:ce:
08:d5:0a:d8:f3:d0:b8:52:e3:0e:1f:7f:8d:e7:68:db:a0:b9:
26:8d:12:b6:6b:db:60:b3:89:ec:4e:54:fd:a6:8d:16:5b:54:
a2:31:87:27:47:79:fa:70:e6:7c:a7:8b:56:ef:4c:79:83:f4:
d3:d9:32:83:91:30:cb:0c:73:fa:61:e0:3a:96:74:ea:79:66:
2c:fc:2c:6e:e4:34:3a:ac:04:bb:cb:34:0d:20:bd:3e:6f:52:
50:2d:d9:1b:7a:9b:9e:ec:f3:b2:d5:c7:45:1a:24:90:e8:f4:
b1:45:bd:9d:16:65:14:97:63:ea:08:d3:65:70:6c:9a:a1:62:
6b:7e:55:b4:e8:3d:c3:28:c1:11:f7:31:7f:70:0e:3c:50:95:
e8:b0:77:8e:0e:92:49:1b:d1:e2:45:39:df:84:c9:f9:05:61:
ce:3e:00:f5:9b:fb:2b:a1:28:a6:4e:9d:a6:c3:98:fa:90:5f:
c2:91:be:ea:a4:80:5e:40:3f:69:0b:c5:42:b4:de:da:9a:3a:
22:ed:9b:8d
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUKm8UUbaLbP0jETnkRGZqaFITHoswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA0MjcwMDQwMDVaFw0yNjA3MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQDgxNzk2MGUzYjI5MDQyNTBhMDY2NDBlZjgxYjNjNzA3Y2VlMTJmMGM3NDYw
ZjYzYmQ2MDFlYmU3YWZhY2U4OGMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL2mexyd9SVbee4+TCd6QO0G5iPJs9TbT4INBkvkL+jUZGrC0ptVwKoL2+Ra
HHMWKHD5kTbndmUmofW3GgwAxPDqXHmRViKvnffDLoBEZyb5+n/+biAvE/qxdIEX
LPmyemjWQl+c54xt3wYgdeEh59mnsVPNq4udCQbfSTkaXBnXILm3XL/8Y1ntX3sq
WH2xVBN0apcDjfI5+6Y5NrxLY/5OgDUxsSDMNOlgR2xXz09ETvIT85fyTyLq0hS1
ft9XOTJr7Gq7j6fKhiAG/Paw1/ctdBZaKnFrzLnzyRupuJIPWgeO3EnXFwXOwwGR
4aUzG3qtLV3Uz75SxwkqTuQCO8sCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQSLGmw
ybtPlEFLeg5M+YPWoZ7IhTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MjI2YjhjODMtOTY0Ny00N2UyLTg0N2ItMTc4N2YzZDU0MDQwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATNeMA0G
CSqGSIb3DQEBCwUAA4IBAQCF+AnwrFi+JzI0DR5uk8msNV2AoeQ+Hj2JUrFaS/Us
H6cUCCcdUdIaEinkCpX0ONwcVFyk0s4I1QrY89C4UuMOH3+N52jboLkmjRK2a9tg
s4nsTlT9po0WW1SiMYcnR3n6cOZ8p4tW70x5g/TT2TKDkTDLDHP6YeA6lnTqeWYs
/Cxu5DQ6rAS7yzQNIL0+b1JQLdkbepue7POy1cdFGiSQ6PSxRb2dFmUUl2PqCNNl
cGyaoWJrflW06D3DKMER9zF/cA48UJXosHeODpJJG9HiRTnfhMn5BWHOPgD1m/sr
oSimTp2mw5j6kF/Ckb7qpIBeQD9pC8VCtN7amjoi7ZuN
-----END CERTIFICATE-----
Generated at Sun May 3 14:48:06 2026 by rpki-client