Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/54f9687d-a273-4060-846b-ce640aca7c79.roa
File: 54f9687d-a273-4060-846b-ce640aca7c79.roa (raw, json)
Hash identifier: DskLZu2OtYRuJgcZ/IoAUkLR654CLiWABl2EE+60wXM=
Subject key identifier: BD:46:1C:A5:F1:A2:EC:E0:9C:4A:8B:D0:EB:8D:59:FA:FC:EF:B4:C5
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5DB71A142E3AB964DF1C598BBD37E10017DC7228
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/54f9687d-a273-4060-846b-ce640aca7c79.roa
Signing time: Mon 27 Apr 2026 00:40:36 +0000
ROA not before: Mon 27 Apr 2026 00:40:36 +0000
ROA not after: Sun 26 Jul 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.44.0.0/14 maxlen: 14
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 04 May 2026 05:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5d:b7:1a:14:2e:3a:b9:64:df:1c:59:8b:bd:37:e1:00:17:dc:72:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 27 00:40:36 2026 GMT
Not After : Jul 26 23:59:59 2026 GMT
Subject: serialNumber=6afd61fe11d3e66c467c56a0519ef63815a9da6c14fba9abccefda647fce0aff, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:d1:32:8c:6b:68:c5:42:bb:6d:79:7e:80:e9:
18:4a:44:75:00:ef:03:7f:27:85:a5:5a:fe:30:59:
96:37:6f:31:4f:dd:a6:84:f4:8d:92:ce:c7:09:ca:
c7:91:cc:85:1c:d4:f6:00:53:de:97:03:df:91:08:
7d:7e:35:ba:98:71:41:b9:75:af:71:f5:56:61:c9:
83:0a:d6:24:eb:9a:d8:80:30:25:9d:4a:17:6d:82:
cf:56:2c:93:5f:29:2a:c2:86:40:94:96:bc:07:ba:
d7:d5:28:09:69:91:a0:19:16:ab:09:48:50:67:8b:
b7:62:7a:a5:11:c7:c5:c1:da:e0:bd:05:ff:f0:aa:
9c:ec:6b:66:e7:f3:c0:c2:af:f1:11:80:a9:80:ee:
33:18:c2:df:d6:52:43:fa:30:d8:6b:f0:c4:b1:28:
69:73:00:ad:ae:fe:67:51:b4:25:d5:f4:01:5c:ea:
de:1d:71:f0:a7:af:13:87:0c:a8:15:4f:d9:64:23:
a6:8c:9a:7a:9f:89:a7:ec:0b:38:d2:10:b0:63:80:
42:85:f3:ca:1d:57:59:98:72:4f:2f:e1:ee:24:4e:
ae:d7:bd:6d:de:3d:ff:09:d4:62:c5:bb:21:0b:a8:
89:65:63:47:ca:d3:9a:90:8c:24:41:d3:8a:4b:c7:
40:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:46:1C:A5:F1:A2:EC:E0:9C:4A:8B:D0:EB:8D:59:FA:FC:EF:B4:C5
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/54f9687d-a273-4060-846b-ce640aca7c79.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.44.0.0/14
Signature Algorithm: sha256WithRSAEncryption
cd:6b:07:75:fc:05:91:4a:cf:e9:a9:cc:ee:d2:e2:90:a8:3f:
0f:27:55:65:3c:c7:c9:10:f8:ee:9c:14:20:cd:93:9c:7f:25:
37:b7:2a:e1:bd:0f:cb:8e:e7:4b:db:dd:cf:b0:f4:40:1a:8c:
ac:e7:64:d2:12:2e:13:e9:a5:bd:13:d6:f0:12:f8:54:b0:be:
4a:40:7a:aa:06:ed:3b:30:83:71:59:99:0f:49:3b:5a:c1:14:
61:a1:d1:07:d4:85:e2:51:61:ee:16:3f:87:54:5f:dc:23:8a:
b3:52:a6:c7:24:00:8a:5d:b4:b3:aa:4e:76:32:ef:0b:8c:22:
8a:fa:5d:6b:40:b0:1b:43:a7:bc:e3:26:9b:ae:e4:86:69:28:
2e:75:b6:5c:b4:e6:17:79:66:69:52:fc:8d:69:23:24:58:61:
4f:02:67:e6:b8:aa:03:35:12:9a:8b:e2:98:c3:69:55:fe:35:
04:52:38:9d:f0:0e:df:7f:d7:7e:87:77:e4:3d:58:d5:20:d0:
91:ff:a2:c5:85:89:4d:83:e5:f0:82:9a:31:18:f3:51:43:bc:
28:b2:c2:52:22:8a:fe:a7:92:46:a1:44:5d:d8:21:f8:73:26:
a9:8d:a0:81:eb:8f:7f:da:05:e5:2e:8c:88:42:39:2a:44:95:
f4:c8:e6:a2
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUXbcaFC46uWTfHFmLvTfhABfccigwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA0MjcwMDQwMzZaFw0yNjA3MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQDZhZmQ2MWZlMTFkM2U2NmM0NjdjNTZhMDUxOWVmNjM4MTVhOWRhNmMxNGZi
YTlhYmNjZWZkYTY0N2ZjZTBhZmYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANvRMoxraMVCu215foDpGEpEdQDvA38nhaVa/jBZljdvMU/dpoT0jZLOxwnK
x5HMhRzU9gBT3pcD35EIfX41uphxQbl1r3H1VmHJgwrWJOua2IAwJZ1KF22Cz1Ys
k18pKsKGQJSWvAe619UoCWmRoBkWqwlIUGeLt2J6pRHHxcHa4L0F//CqnOxrZufz
wMKv8RGAqYDuMxjC39ZSQ/ow2GvwxLEoaXMAra7+Z1G0JdX0AVzq3h1x8KevE4cM
qBVP2WQjpoyaep+Jp+wLONIQsGOAQoXzyh1XWZhyTy/h7iROrte9bd49/wnUYsW7
IQuoiWVjR8rTmpCMJEHTikvHQN0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBS9Rhyl
8aLs4JxKi9DrjVn6/O+0xTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NTRmOTY4N2QtYTI3My00MDYwLTg0NmItY2U2NDBhY2E3Yzc5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAjMsMA0G
CSqGSIb3DQEBCwUAA4IBAQDNawd1/AWRSs/pqczu0uKQqD8PJ1VlPMfJEPjunBQg
zZOcfyU3tyrhvQ/LjudL293PsPRAGoys52TSEi4T6aW9E9bwEvhUsL5KQHqqBu07
MINxWZkPSTtawRRhodEH1IXiUWHuFj+HVF/cI4qzUqbHJACKXbSzqk52Mu8LjCKK
+l1rQLAbQ6e84yabruSGaSgudbZctOYXeWZpUvyNaSMkWGFPAmfmuKoDNRKai+KY
w2lV/jUEUjid8A7ff9d+h3fkPVjVINCR/6LFhYlNg+XwgpoxGPNRQ7wossJSIor+
p5JGoURd2CH4cyapjaCB649/2gXlLoyIQjkqRJX0yOai
-----END CERTIFICATE-----
Generated at Sun May 3 15:23:42 2026 by rpki-client