Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/83c9f9c4-39a2-4f5f-9188-1a9e0dccf209.roa
File: 83c9f9c4-39a2-4f5f-9188-1a9e0dccf209.roa (raw, json)
Hash identifier: F8Pp/gMm1tG5c/PslaHl9VjTxj745TT8vuVOs0tBxxY=
Subject key identifier: 82:84:11:A6:2B:70:13:53:52:81:D3:02:08:8E:59:FF:A1:EA:46:BA
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6AA98D4BA82A887B5D9782401E3CAA0F94FB690C
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/83c9f9c4-39a2-4f5f-9188-1a9e0dccf209.roa
Signing time: Tue 19 May 2026 05:50:36 +0000
ROA not before: Tue 19 May 2026 05:50:36 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.150.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 04 Jun 2026 22:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:a9:8d:4b:a8:2a:88:7b:5d:97:82:40:1e:3c:aa:0f:94:fb:69:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 19 05:50:36 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=cdbb5305461d6f653bd3e118c4f2219488d7366ffab634e7d6d72152be1cb98e, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:14:ba:68:54:07:ec:a4:32:88:4a:95:f1:bd:
2e:f8:53:77:4e:7e:3f:23:48:e7:50:8b:92:18:7d:
7e:7b:33:6b:0e:1d:64:27:9b:e0:77:53:ea:eb:e2:
29:82:ed:c5:57:72:04:db:cc:71:c7:d3:8b:5e:07:
93:39:5d:77:a2:b3:33:55:9e:b4:ac:10:46:39:38:
e4:0f:e3:8a:4d:d3:49:c2:5d:17:3a:6b:89:70:61:
0b:9e:7c:ef:0f:be:66:2f:fb:09:6a:0c:93:2e:52:
3d:72:6f:fb:42:27:9a:26:30:8d:cc:87:32:36:a3:
23:a7:a8:5b:54:ce:99:bf:27:2d:d3:70:09:e5:fc:
8e:48:39:4f:8a:89:37:50:cc:0b:d2:32:2a:b9:a7:
6f:a7:65:98:db:1e:e3:51:b0:4d:c0:39:2b:05:6e:
67:41:26:8f:a1:4b:6c:27:54:13:dd:2c:39:c6:ba:
f8:9e:42:25:9a:50:9e:38:46:19:75:21:c3:73:62:
12:95:c1:80:3a:d1:d4:79:d3:94:f6:68:2e:d3:df:
b7:ee:0e:34:76:3f:35:52:5c:2a:a5:a2:31:f8:ae:
3e:77:aa:6f:5d:fc:e0:71:9c:26:07:45:63:7a:1e:
d3:d8:c3:29:42:0f:69:c4:39:f5:82:1a:6b:cd:b2:
e2:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:84:11:A6:2B:70:13:53:52:81:D3:02:08:8E:59:FF:A1:EA:46:BA
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/83c9f9c4-39a2-4f5f-9188-1a9e0dccf209.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.150.0.0/16
Signature Algorithm: sha256WithRSAEncryption
03:36:75:08:fa:be:dd:3b:16:bc:6b:48:f0:d6:d3:1e:ab:8d:
38:5b:03:0b:c1:5d:a6:06:75:fb:5b:ee:53:50:d6:0d:3f:00:
76:08:d0:6a:1b:b0:ff:e4:ad:cc:94:82:c3:ea:8f:0b:96:61:
6c:04:73:ff:63:b9:53:2e:db:40:4a:a4:02:f2:42:39:5b:37:
92:e8:15:dd:1a:1f:02:8e:81:2a:81:b4:0f:a2:1c:0e:0b:1b:
6e:ff:94:b1:d8:fa:20:ce:65:44:42:2a:72:8c:df:63:a2:2a:
45:23:01:95:51:5f:1c:bb:cb:fc:37:f7:47:00:f4:51:05:64:
62:c3:ae:b3:cf:9c:a3:09:a4:3b:db:30:ff:01:22:ed:7c:4c:
6a:71:2d:8f:db:a7:a4:7a:72:97:0b:d3:4c:99:88:fd:71:98:
a5:6b:e8:57:d1:5b:1f:39:a6:e6:67:e2:88:7a:fe:ca:55:91:
bd:a4:8d:f8:d0:5d:12:20:0a:96:83:b8:3e:b2:cf:0c:96:f5:
11:bc:b0:4a:c7:62:79:d4:53:63:59:73:cc:3e:44:c7:95:a4:
3b:0e:2c:52:ab:98:28:85:ef:34:e7:e2:3a:c6:76:fe:d2:86:
66:44:8c:9c:cf:a2:fa:8c:3c:0d:d4:68:2a:51:81:63:37:d2:
21:ed:89:71
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUaqmNS6gqiHtdl4JAHjyqD5T7aQwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MTkwNTUwMzZaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGNkYmI1MzA1NDYxZDZmNjUzYmQzZTExOGM0ZjIyMTk0ODhkNzM2NmZmYWI2
MzRlN2Q2ZDcyMTUyYmUxY2I5OGUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI0UumhUB+ykMohKlfG9LvhTd05+PyNI51CLkhh9fnszaw4dZCeb4HdT6uvi
KYLtxVdyBNvMccfTi14Hkzldd6KzM1WetKwQRjk45A/jik3TScJdFzpriXBhC558
7w++Zi/7CWoMky5SPXJv+0InmiYwjcyHMjajI6eoW1TOmb8nLdNwCeX8jkg5T4qJ
N1DMC9IyKrmnb6dlmNse41GwTcA5KwVuZ0Emj6FLbCdUE90sOca6+J5CJZpQnjhG
GXUhw3NiEpXBgDrR1HnTlPZoLtPft+4ONHY/NVJcKqWiMfiuPneqb1384HGcJgdF
Y3oe09jDKUIPacQ59YIaa82y4l0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSChBGm
K3ATU1KB0wIIjln/oepGujAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODNjOWY5YzQtMzlhMi00ZjVmLTkxODgtMWE5ZTBkY2NmMjA5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADOWMA0G
CSqGSIb3DQEBCwUAA4IBAQADNnUI+r7dOxa8a0jw1tMeq404WwMLwV2mBnX7W+5T
UNYNPwB2CNBqG7D/5K3MlILD6o8LlmFsBHP/Y7lTLttASqQC8kI5WzeS6BXdGh8C
joEqgbQPohwOCxtu/5Sx2PogzmVEQipyjN9joipFIwGVUV8cu8v8N/dHAPRRBWRi
w66zz5yjCaQ72zD/ASLtfExqcS2P26ekenKXC9NMmYj9cZila+hX0VsfOabmZ+KI
ev7KVZG9pI340F0SIAqWg7g+ss8MlvURvLBKx2J51FNjWXPMPkTHlaQ7DixSq5go
he805+I6xnb+0oZmRIycz6L6jDwN1GgqUYFjN9Ih7Ylx
-----END CERTIFICATE-----
Generated at Thu Jun 4 03:15:12 2026 by rpki-client