Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/42f47c85-e9fe-40f9-ae1c-57ea1b805412.roa
File: 42f47c85-e9fe-40f9-ae1c-57ea1b805412.roa (raw, json)
Hash identifier: J1utIEoR6IIGQMnfNiOFzRDyfHiYQKEIrM7lZXNEZGw=
Subject key identifier: 41:A5:BF:9F:8E:54:F0:B3:08:DA:42:C1:14:1B:ED:1A:1F:01:33:F8
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0748975EE3FF0CA7469B2E336EB9904156ABF141
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/42f47c85-e9fe-40f9-ae1c-57ea1b805412.roa
Signing time: Mon 27 Apr 2026 00:40:10 +0000
ROA not before: Mon 27 Apr 2026 00:40:10 +0000
ROA not after: Sun 26 Jul 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.24.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 04 May 2026 11:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:48:97:5e:e3:ff:0c:a7:46:9b:2e:33:6e:b9:90:41:56:ab:f1:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 27 00:40:10 2026 GMT
Not After : Jul 26 23:59:59 2026 GMT
Subject: serialNumber=c14578955528a3ad7f3b86ceb4c18efd6734ad625e7ac34c7f50083f9dc2f8cb, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:62:3e:3b:d5:0d:da:db:8e:f2:c3:8d:f7:b4:
5e:82:70:d0:5d:c3:b9:69:71:12:6b:ca:53:8a:a5:
94:f7:13:11:6f:0f:b3:f1:36:24:1c:ea:78:72:fa:
10:09:6d:5c:84:9e:13:90:32:90:58:31:d7:5a:7f:
e6:f5:d3:fa:7c:07:94:d1:c5:0e:06:5c:04:9f:6f:
10:43:33:d5:3c:0a:bf:9f:94:91:2d:fc:da:1d:8e:
30:a2:75:c7:2f:00:59:3c:2a:b0:c5:89:46:d9:73:
a3:31:1e:8e:a4:d0:45:50:66:e4:48:b5:60:e7:0b:
71:9b:e7:60:af:93:41:2f:28:37:c9:9e:cd:fe:c8:
65:92:6b:51:ab:58:57:a9:8d:88:4e:2a:2a:1e:88:
0f:eb:1f:05:fc:7a:28:2e:f6:3f:d6:55:b1:2e:ee:
c6:6f:00:c3:51:b6:9d:12:6d:5d:04:91:33:c4:cb:
b8:99:61:6d:b9:94:10:cc:e5:f5:69:de:45:3e:b4:
fc:96:b1:05:8f:7c:86:16:e9:e9:1a:60:bb:2d:97:
2b:88:e5:f6:5a:b6:66:36:7a:3f:b6:5a:bf:ce:a6:
6c:68:47:a1:29:61:ac:f5:4a:5a:ae:9a:77:d8:24:
da:55:ea:5a:4e:9e:b3:7d:47:5a:9a:9c:62:1a:57:
c3:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:A5:BF:9F:8E:54:F0:B3:08:DA:42:C1:14:1B:ED:1A:1F:01:33:F8
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/42f47c85-e9fe-40f9-ae1c-57ea1b805412.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.24.0.0/16
Signature Algorithm: sha256WithRSAEncryption
4b:f0:d3:f2:fe:61:ff:27:df:cc:89:83:b8:66:96:fd:fa:ca:
d3:4d:1d:fe:7e:27:d6:86:0f:67:ab:e6:8b:9a:6f:16:54:17:
ee:8a:9f:c5:79:2f:e2:7b:3a:3f:92:d2:2e:2a:fe:3b:ec:9a:
6a:81:ba:c9:bc:c7:f0:17:09:c9:04:d4:b3:4a:4b:a1:70:1a:
2d:be:7f:c3:a0:51:51:8d:ca:3f:cd:b3:2c:56:19:ad:14:03:
fd:33:60:bf:98:84:8e:c0:04:d6:d2:56:46:16:f0:a5:94:b5:
2e:e8:d2:1c:cf:91:e2:38:cd:5b:26:25:61:d9:de:0f:bb:b5:
af:34:cd:4c:9f:fa:a4:cf:73:0d:3c:a6:be:b2:73:30:1c:cf:
dc:70:0b:7a:62:21:1e:df:cb:37:5e:a1:13:a5:e1:46:75:8d:
ee:cd:92:ea:6b:8c:23:30:79:aa:c6:a8:ef:f2:db:70:0e:63:
0f:06:b0:c7:64:aa:75:ba:97:b7:70:41:e9:a8:10:d9:f7:20:
67:ae:50:46:53:78:38:c0:e9:86:9f:3a:2c:b9:9e:74:19:17:
08:38:67:6c:82:ae:80:3d:04:f5:22:1d:8e:0c:2f:96:24:82:
f0:e6:cc:82:0a:98:f9:f4:3e:78:4c:a6:0d:26:0f:e3:8b:7c:
cc:ff:ea:c2
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUB0iXXuP/DKdGmy4zbrmQQVar8UEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA0MjcwMDQwMTBaFw0yNjA3MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQGMxNDU3ODk1NTUyOGEzYWQ3ZjNiODZjZWI0YzE4ZWZkNjczNGFkNjI1ZTdh
YzM0YzdmNTAwODNmOWRjMmY4Y2IxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALdiPjvVDdrbjvLDjfe0XoJw0F3DuWlxEmvKU4qllPcTEW8Ps/E2JBzqeHL6
EAltXISeE5AykFgx11p/5vXT+nwHlNHFDgZcBJ9vEEMz1TwKv5+UkS382h2OMKJ1
xy8AWTwqsMWJRtlzozEejqTQRVBm5Ei1YOcLcZvnYK+TQS8oN8mezf7IZZJrUatY
V6mNiE4qKh6ID+sfBfx6KC72P9ZVsS7uxm8Aw1G2nRJtXQSRM8TLuJlhbbmUEMzl
9WneRT60/JaxBY98hhbp6Rpguy2XK4jl9lq2ZjZ6P7Zav86mbGhHoSlhrPVKWq6a
d9gk2lXqWk6es31HWpqcYhpXw2ECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRBpb+f
jlTwswjaQsEUG+0aHwEz+DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDJmNDdjODUtZTlmZS00MGY5LWFlMWMtNTdlYTFiODA1NDEyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMYMA0G
CSqGSIb3DQEBCwUAA4IBAQBL8NPy/mH/J9/MiYO4Zpb9+srTTR3+fifWhg9nq+aL
mm8WVBfuip/FeS/iezo/ktIuKv477JpqgbrJvMfwFwnJBNSzSkuhcBotvn/DoFFR
jco/zbMsVhmtFAP9M2C/mISOwATW0lZGFvCllLUu6NIcz5HiOM1bJiVh2d4Pu7Wv
NM1Mn/qkz3MNPKa+snMwHM/ccAt6YiEe38s3XqETpeFGdY3uzZLqa4wjMHmqxqjv
8ttwDmMPBrDHZKp1upe3cEHpqBDZ9yBnrlBGU3g4wOmGnzosuZ50GRcIOGdsgq6A
PQT1Ih2ODC+WJILw5syCCpj59D54TKYNJg/ji3zM/+rC
-----END CERTIFICATE-----
Generated at Sun May 3 16:11:13 2026 by rpki-client