Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5480e32c-3a23-4243-82e3-c7eea059d814.roa
File: 5480e32c-3a23-4243-82e3-c7eea059d814.roa (raw, json)
Hash identifier: CjNooiOu5WblrscSVJXfczNkIbFd+3wjnQZkOTnbWmY=
Subject key identifier: 65:8F:C6:12:80:AA:0E:D7:35:2A:89:19:6A:1E:B7:14:9D:EC:87:48
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 734382325B4B933ADAAFDFC62EA26C93F5B249DB
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5480e32c-3a23-4243-82e3-c7eea059d814.roa
Signing time: Mon 27 Apr 2026 00:40:34 +0000
ROA not before: Mon 27 Apr 2026 00:40:34 +0000
ROA not after: Sun 26 Jul 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.92.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 04 May 2026 05:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:43:82:32:5b:4b:93:3a:da:af:df:c6:2e:a2:6c:93:f5:b2:49:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 27 00:40:34 2026 GMT
Not After : Jul 26 23:59:59 2026 GMT
Subject: serialNumber=b8295d9932d7e832b57867dca5f4c213b5570ca8059c6e3461b4c3cad04b4309, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:91:66:aa:2e:2d:97:af:27:8a:24:8a:1d:06:
fa:82:8d:b9:46:9a:7e:b5:ac:89:66:dc:01:0e:69:
56:56:44:2c:8b:35:1a:dc:3e:cf:69:0f:e2:cf:f4:
66:98:11:a3:17:bf:21:be:00:3f:2b:ea:73:35:d1:
52:d1:b5:02:16:50:9c:09:a3:c2:f9:9c:3d:36:b8:
31:56:8c:36:a6:a5:5f:2c:46:a7:6a:1b:26:3e:ee:
ee:04:7b:eb:46:56:73:42:38:e4:22:47:78:aa:4e:
2a:5d:46:7f:d7:85:33:df:ba:43:1b:f2:d9:46:38:
06:37:cf:03:bd:7f:3e:fd:c9:bf:21:45:34:45:c1:
3d:c9:6e:39:dc:af:78:c9:96:d9:c3:11:2e:bf:5f:
b3:90:f5:1e:5e:0a:04:ca:53:a0:24:4c:99:0e:76:
91:18:28:1f:c8:4f:68:e4:a1:d5:62:7c:66:be:75:
9d:90:ff:66:7f:e7:84:a4:3a:79:3d:26:c4:b5:81:
fe:b1:67:f8:7a:85:5a:10:b2:9e:a6:d3:a8:3e:db:
7f:33:4f:4d:88:1e:1b:a7:49:78:bf:e6:ae:c7:82:
50:27:4c:44:aa:42:0a:5e:e6:71:af:e2:14:b0:cc:
7a:c5:1e:dd:05:32:f7:e5:ce:63:73:29:ff:e6:c5:
9d:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:8F:C6:12:80:AA:0E:D7:35:2A:89:19:6A:1E:B7:14:9D:EC:87:48
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5480e32c-3a23-4243-82e3-c7eea059d814.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.92.0.0/16
Signature Algorithm: sha256WithRSAEncryption
b0:bc:a7:d4:98:14:6c:99:65:1f:83:e0:12:d6:11:5e:3e:4a:
e5:0d:8b:94:8c:f9:ef:8a:c7:7e:e1:f5:d6:d5:b9:43:17:26:
0b:5a:63:ed:52:4b:32:61:ab:62:3c:12:74:b9:49:55:68:1c:
98:be:ea:a8:22:fa:89:96:34:81:95:f4:d8:90:6d:4e:a6:4b:
60:e0:bb:f5:00:d2:1a:5a:39:69:41:59:1b:29:11:f8:15:6a:
e0:c1:d3:af:ec:ce:2b:a9:94:6c:f9:84:cd:f0:34:fd:46:8a:
fa:a0:9b:98:a7:32:57:83:bd:94:a5:bf:86:14:69:59:dd:75:
e6:d5:0b:4b:7f:1e:8c:31:6e:85:bf:fd:36:58:08:e1:98:53:
95:67:12:ce:b0:94:f8:cb:90:1c:07:33:5f:33:6c:f0:b5:09:
b5:ad:f5:b6:5c:e1:6e:7c:6f:27:c8:c0:58:e1:e5:33:9a:eb:
84:7e:dd:02:96:df:19:29:fc:50:6a:cb:e1:96:9a:54:87:cc:
4b:10:7b:5b:56:94:36:b6:27:74:7f:40:37:43:d9:19:ce:7b:
54:c7:64:d2:fb:34:35:52:ce:e1:bc:62:86:81:b8:47:93:da:
18:df:e7:ba:b9:67:3c:7b:d3:77:34:8f:86:e2:7e:4d:d2:26:
24:8b:20:ab
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUc0OCMltLkzrar9/GLqJsk/WySdswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA0MjcwMDQwMzRaFw0yNjA3MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQGI4Mjk1ZDk5MzJkN2U4MzJiNTc4NjdkY2E1ZjRjMjEzYjU1NzBjYTgwNTlj
NmUzNDYxYjRjM2NhZDA0YjQzMDkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKmRZqouLZevJ4okih0G+oKNuUaafrWsiWbcAQ5pVlZELIs1Gtw+z2kP4s/0
ZpgRoxe/Ib4APyvqczXRUtG1AhZQnAmjwvmcPTa4MVaMNqalXyxGp2obJj7u7gR7
60ZWc0I45CJHeKpOKl1Gf9eFM9+6Qxvy2UY4BjfPA71/Pv3JvyFFNEXBPcluOdyv
eMmW2cMRLr9fs5D1Hl4KBMpToCRMmQ52kRgoH8hPaOSh1WJ8Zr51nZD/Zn/nhKQ6
eT0mxLWB/rFn+HqFWhCynqbTqD7bfzNPTYgeG6dJeL/mrseCUCdMRKpCCl7mca/i
FLDMesUe3QUy9+XOY3Mp/+bFnQcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRlj8YS
gKoO1zUqiRlqHrcUneyHSDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NTQ4MGUzMmMtM2EyMy00MjQzLTgyZTMtYzdlZWEwNTlkODE0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNcMA0G
CSqGSIb3DQEBCwUAA4IBAQCwvKfUmBRsmWUfg+AS1hFePkrlDYuUjPnvisd+4fXW
1blDFyYLWmPtUksyYatiPBJ0uUlVaByYvuqoIvqJljSBlfTYkG1Opktg4Lv1ANIa
WjlpQVkbKRH4FWrgwdOv7M4rqZRs+YTN8DT9Ror6oJuYpzJXg72Upb+GFGlZ3XXm
1QtLfx6MMW6Fv/02WAjhmFOVZxLOsJT4y5AcBzNfM2zwtQm1rfW2XOFufG8nyMBY
4eUzmuuEft0Clt8ZKfxQasvhlppUh8xLEHtbVpQ2tid0f0A3Q9kZzntUx2TS+zQ1
Us7hvGKGgbhHk9oY3+e6uWc8e9N3NI+G4n5N0iYkiyCr
-----END CERTIFICATE-----
Generated at Sun May 3 15:23:21 2026 by rpki-client