Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2b51d415-1366-43ea-8ce9-f13b63a2c827.roa
File: 2b51d415-1366-43ea-8ce9-f13b63a2c827.roa (raw, json)
Hash identifier: ojyJ/cCINVdFA1ZU6aRk7flPFWYkLm2JNVhlIPdtNBQ=
Subject key identifier: DE:3D:DE:FA:5F:13:89:B7:E6:5E:7C:E5:DD:C6:10:44:4C:52:63:53
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 46BAC6C5DB59242E4AC9F6368991739C1A71E98F
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2b51d415-1366-43ea-8ce9-f13b63a2c827.roa
Signing time: Mon 27 Apr 2026 00:40:34 +0000
ROA not before: Mon 27 Apr 2026 00:40:34 +0000
ROA not after: Sun 26 Jul 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.45.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 04 May 2026 05:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:ba:c6:c5:db:59:24:2e:4a:c9:f6:36:89:91:73:9c:1a:71:e9:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 27 00:40:34 2026 GMT
Not After : Jul 26 23:59:59 2026 GMT
Subject: serialNumber=1d03c4ffcc4d28a06681b37764e00413e2f49c9aadefb1991ab13ff2ec2501eb, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:84:93:ee:49:a3:56:16:fc:c3:33:57:ee:9f:
94:4a:4e:13:f1:51:d3:ab:f4:54:4b:36:b0:34:47:
2d:a0:21:91:ed:01:ae:70:56:f3:ba:e4:7e:32:22:
15:4d:ee:15:5a:fa:b9:c6:87:a8:b0:a3:1f:a1:01:
b5:2a:39:cb:82:08:1e:ce:0f:01:98:e2:a2:30:0f:
88:93:00:3f:7f:a2:61:72:75:60:82:75:ae:b8:ec:
22:40:e5:8e:3e:e4:06:1a:57:03:2d:a9:40:da:c6:
0f:ea:f8:88:09:a2:2c:55:ac:a1:f1:bf:9b:88:aa:
7b:86:d1:9a:b6:b2:73:fb:35:b3:3f:09:c5:bd:bc:
f3:19:b7:fd:8b:ed:38:52:35:d6:af:e1:27:e9:56:
43:7e:42:cf:3d:b4:bd:b5:82:31:e0:74:cc:14:24:
b2:d0:33:8b:3e:d5:40:ab:81:d8:e9:cd:26:85:ae:
b5:da:43:c5:0b:1e:d2:48:cf:13:73:c1:a4:b4:df:
fc:b4:63:c3:92:14:80:7e:81:17:37:6a:41:c7:f8:
f4:90:c1:63:fb:47:7e:52:9f:44:7f:09:00:78:fd:
d9:d5:dc:2a:16:1b:f1:42:75:07:10:60:e7:14:44:
31:f6:96:e0:b7:cf:06:c3:e8:6c:5a:7c:81:c7:62:
db:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:3D:DE:FA:5F:13:89:B7:E6:5E:7C:E5:DD:C6:10:44:4C:52:63:53
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2b51d415-1366-43ea-8ce9-f13b63a2c827.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.45.0.0/16
Signature Algorithm: sha256WithRSAEncryption
d2:58:20:ad:0c:55:9e:71:8b:d2:65:1f:f7:86:bd:e4:ba:2b:
8d:77:6e:cf:4e:51:d6:bb:fb:3c:c9:ba:46:92:5d:a5:36:ca:
d1:d3:a1:22:8b:c0:e8:e1:21:b4:11:75:1b:1b:c4:0c:d1:03:
ef:6f:41:91:18:5d:49:41:e2:92:c8:b1:fa:36:d5:42:6a:33:
3e:fa:92:c4:c1:20:0f:a6:32:c3:24:7b:e2:6a:99:c1:41:69:
97:db:e5:24:08:f1:be:d4:8d:91:30:23:15:c7:13:6d:b7:7f:
23:4c:20:c0:85:67:64:f0:69:ce:82:e6:af:11:f2:9f:b0:3b:
3c:e9:57:29:59:d6:3a:1d:6b:ae:2d:58:fe:77:2f:9a:38:5c:
6d:ec:a0:2a:65:f1:6d:07:07:2f:c3:5c:98:69:1a:ff:9c:8b:
3d:5a:bb:8a:6b:bb:0f:a8:9b:2a:c0:fa:56:ca:bb:a6:62:d0:
43:0e:1b:4a:08:ef:53:1b:93:9c:0f:58:bd:e2:58:dc:11:ce:
9f:48:6c:c9:ca:3d:11:45:21:fb:9c:4d:ca:b5:55:8a:e3:f1:
6e:97:6b:0a:bc:e9:61:ce:c5:a4:c3:8b:61:66:4c:fe:0c:28:
c9:eb:2b:41:a0:3e:d8:31:d8:5d:e6:f8:06:12:2a:fe:1c:b7:
92:8d:d4:14
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIURrrGxdtZJC5KyfY2iZFznBpx6Y8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA0MjcwMDQwMzRaFw0yNjA3MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQDFkMDNjNGZmY2M0ZDI4YTA2NjgxYjM3NzY0ZTAwNDEzZTJmNDljOWFhZGVm
YjE5OTFhYjEzZmYyZWMyNTAxZWIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMWEk+5Jo1YW/MMzV+6flEpOE/FR06v0VEs2sDRHLaAhke0BrnBW87rkfjIi
FU3uFVr6ucaHqLCjH6EBtSo5y4IIHs4PAZjiojAPiJMAP3+iYXJ1YIJ1rrjsIkDl
jj7kBhpXAy2pQNrGD+r4iAmiLFWsofG/m4iqe4bRmrayc/s1sz8Jxb288xm3/Yvt
OFI11q/hJ+lWQ35Czz20vbWCMeB0zBQkstAziz7VQKuB2OnNJoWutdpDxQse0kjP
E3PBpLTf/LRjw5IUgH6BFzdqQcf49JDBY/tHflKfRH8JAHj92dXcKhYb8UJ1BxBg
5xREMfaW4LfPBsPobFp8gcdi2ycCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTePd76
XxOJt+ZefOXdxhBETFJjUzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MmI1MWQ0MTUtMTM2Ni00M2VhLThjZTktZjEzYjYzYTJjODI3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMtMA0G
CSqGSIb3DQEBCwUAA4IBAQDSWCCtDFWecYvSZR/3hr3kuiuNd27PTlHWu/s8ybpG
kl2lNsrR06Eii8Do4SG0EXUbG8QM0QPvb0GRGF1JQeKSyLH6NtVCajM++pLEwSAP
pjLDJHviapnBQWmX2+UkCPG+1I2RMCMVxxNtt38jTCDAhWdk8GnOguavEfKfsDs8
6VcpWdY6HWuuLVj+dy+aOFxt7KAqZfFtBwcvw1yYaRr/nIs9WruKa7sPqJsqwPpW
yrumYtBDDhtKCO9TG5OcD1i94ljcEc6fSGzJyj0RRSH7nE3KtVWK4/Ful2sKvOlh
zsWkw4thZkz+DCjJ6ytBoD7YMdhd5vgGEir+HLeSjdQU
-----END CERTIFICATE-----
Generated at Sun May 3 15:23:58 2026 by rpki-client