Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/49b2b5d5-46a7-42a3-9900-bcb7e3edffdb.roa
File: 49b2b5d5-46a7-42a3-9900-bcb7e3edffdb.roa (raw, json)
Hash identifier: Jc7MtsowCO3IbkpESgDGm9b6KPkkQmJ9SOfoF4PnwVQ=
Subject key identifier: 9B:37:6E:63:01:2D:9E:B8:A5:15:7E:C2:B1:5D:74:77:54:9C:BF:1F
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 34C7F964F89414C66E9EB203C491D52C4656905B
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/49b2b5d5-46a7-42a3-9900-bcb7e3edffdb.roa
Signing time: Tue 19 May 2026 06:00:53 +0000
ROA not before: Tue 19 May 2026 06:00:53 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.192.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Jun 2026 13:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:c7:f9:64:f8:94:14:c6:6e:9e:b2:03:c4:91:d5:2c:46:56:90:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 19 06:00:53 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=2c92fcc088bdaf4c90e071c915ef97718c54754b5b8118b199662b907892e10a, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:ed:23:a8:55:ca:ea:cc:84:c7:2a:d9:0f:5b:
c2:75:af:ea:07:ad:bd:f6:18:ea:43:74:87:a5:13:
4b:4b:f3:c0:73:fc:e0:0d:c1:5c:96:27:b8:cf:28:
c3:f7:75:87:89:41:0d:1b:52:d8:10:24:8b:ae:a1:
3a:a5:05:63:df:17:66:05:f1:9a:fb:e3:24:78:08:
61:5c:37:9a:41:02:af:5f:b5:52:ee:7c:4b:d0:79:
27:94:2c:b7:68:09:ab:29:e6:1a:18:40:d3:00:f9:
70:62:ad:50:27:25:8d:12:97:29:18:2a:a4:3d:d3:
83:67:84:c1:8f:d3:50:00:ea:1d:3c:25:9a:dc:93:
4f:e6:1c:a4:17:57:bc:0e:a3:f8:70:09:06:9b:e8:
c2:f9:3a:fa:72:4a:51:44:e4:ee:32:5b:28:b7:f0:
39:c9:9e:52:42:f8:76:ca:ae:69:95:a0:f8:a1:54:
cd:05:db:57:33:a4:af:d7:a5:8d:bd:b6:50:cd:54:
a6:dc:1c:c4:d4:c3:d2:88:66:57:fe:20:63:6f:66:
ad:16:24:89:a0:9b:c1:67:53:15:15:1e:fe:00:7a:
dc:64:c0:9c:25:47:29:0a:6f:3d:cd:18:37:da:b1:
f9:10:36:88:84:00:93:b4:0b:49:b4:ee:b3:0e:08:
90:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:37:6E:63:01:2D:9E:B8:A5:15:7E:C2:B1:5D:74:77:54:9C:BF:1F
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/49b2b5d5-46a7-42a3-9900-bcb7e3edffdb.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.192.0.0/15
Signature Algorithm: sha256WithRSAEncryption
78:be:b1:9d:77:5b:a9:d2:7f:29:76:36:93:26:52:19:0f:a8:
f1:e8:35:4d:a8:64:d8:c6:d9:76:2f:51:ec:b1:23:70:1f:5f:
0c:19:fa:95:f8:b6:12:22:97:7a:f7:36:93:93:ed:9d:cf:2a:
88:84:1d:f0:2f:7a:c7:28:45:83:bf:27:99:29:a9:a9:b6:e2:
54:06:a0:c3:98:cc:24:78:a8:5c:fc:4e:4d:a5:9e:86:fc:3c:
44:8f:df:8d:56:17:95:7f:bf:e6:7b:82:91:7f:45:9f:50:3f:
15:b9:2b:a6:e8:65:37:3e:73:54:2f:91:e1:a3:65:0e:a2:49:
9e:c2:e4:9b:bf:93:0e:fc:76:98:82:b8:67:73:3c:82:9d:6d:
be:71:77:04:a8:1e:0d:f0:61:49:7c:87:03:df:31:bf:2f:db:
9d:e5:b1:e8:e7:3f:e8:29:05:34:92:12:0d:da:27:98:1c:f7:
74:38:f2:b3:79:26:47:f6:b5:4c:44:52:57:07:57:cb:b1:76:
34:3e:3f:da:38:a2:f5:fe:ec:7b:08:72:bd:c3:36:90:10:98:
65:53:83:3d:97:7c:2b:0d:f1:db:a5:01:5d:e7:4b:8e:3d:ea:
ce:d1:d2:c8:27:55:ee:84:7e:e1:4c:a7:d8:11:68:8d:7b:82:
2c:68:7d:de
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUNMf5ZPiUFMZunrIDxJHVLEZWkFswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MTkwNjAwNTNaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDJjOTJmY2MwODhiZGFmNGM5MGUwNzFjOTE1ZWY5NzcxOGM1NDc1NGI1Yjgx
MThiMTk5NjYyYjkwNzg5MmUxMGExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOPtI6hVyurMhMcq2Q9bwnWv6getvfYY6kN0h6UTS0vzwHP84A3BXJYnuM8o
w/d1h4lBDRtS2BAki66hOqUFY98XZgXxmvvjJHgIYVw3mkECr1+1Uu58S9B5J5Qs
t2gJqynmGhhA0wD5cGKtUCcljRKXKRgqpD3Tg2eEwY/TUADqHTwlmtyTT+YcpBdX
vA6j+HAJBpvowvk6+nJKUUTk7jJbKLfwOcmeUkL4dsquaZWg+KFUzQXbVzOkr9el
jb22UM1UptwcxNTD0ohmV/4gY29mrRYkiaCbwWdTFRUe/gB63GTAnCVHKQpvPc0Y
N9qx+RA2iIQAk7QLSbTusw4IkBsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSbN25j
AS2euKUVfsKxXXR3VJy/HzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDliMmI1ZDUtNDZhNy00MmEzLTk5MDAtYmNiN2UzZWRmZmRiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPAMA0G
CSqGSIb3DQEBCwUAA4IBAQB4vrGdd1up0n8pdjaTJlIZD6jx6DVNqGTYxtl2L1Hs
sSNwH18MGfqV+LYSIpd69zaTk+2dzyqIhB3wL3rHKEWDvyeZKamptuJUBqDDmMwk
eKhc/E5NpZ6G/DxEj9+NVheVf7/me4KRf0WfUD8VuSum6GU3PnNUL5Hho2UOokme
wuSbv5MO/HaYgrhnczyCnW2+cXcEqB4N8GFJfIcD3zG/L9ud5bHo5z/oKQU0khIN
2ieYHPd0OPKzeSZH9rVMRFJXB1fLsXY0Pj/aOKL1/ux7CHK9wzaQEJhlU4M9l3wr
DfHbpQFd50uOPerO0dLIJ1XuhH7hTKfYEWiNe4IsaH3e
-----END CERTIFICATE-----
Generated at Sat Jun 6 20:14:28 2026 by rpki-client