Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/85056db0-2868-4547-8893-66ae7ad101d4.roa
File: 85056db0-2868-4547-8893-66ae7ad101d4.roa (raw, json)
Hash identifier: hj45v28As1sl3WAsJpoq9TpF08UoFzj3kAM3WYGWG2Y=
Subject key identifier: 0D:9D:F5:83:4C:F4:1B:C6:AA:FE:3F:EE:97:A9:F7:CF:4A:24:66:C7
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0AFEF4929211EACB4D3E0331D4948C3354D2311F
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/85056db0-2868-4547-8893-66ae7ad101d4.roa
Signing time: Tue 19 May 2026 05:40:04 +0000
ROA not before: Tue 19 May 2026 05:40:04 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.90.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 01 Jun 2026 11:09:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:fe:f4:92:92:11:ea:cb:4d:3e:03:31:d4:94:8c:33:54:d2:31:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 19 05:40:04 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=e474484834c67c05d5885b1c41cfa93031445f4e886863250a69cf892ccdc94f, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:df:68:8a:99:b1:18:b4:48:a7:ae:36:33:90:
fc:05:d8:09:67:69:2b:82:ae:46:29:79:50:62:34:
bb:1d:28:4c:e7:df:64:31:d1:be:55:a6:52:47:0d:
9b:02:db:f4:97:a7:92:16:2a:e0:96:75:d7:cd:da:
c1:d1:3d:84:ab:f4:99:04:f9:78:31:cd:0f:51:39:
a3:00:06:a3:12:b9:04:ef:2b:fa:0e:26:0a:77:06:
ba:0b:28:a5:0b:40:80:70:c6:57:7d:8d:13:b7:6c:
2b:76:1b:b7:d0:ca:1b:8b:ec:b2:75:95:25:67:80:
04:fa:5a:b7:84:4c:c1:a1:b1:dd:95:84:c1:74:13:
12:77:ab:4d:67:6e:46:e5:ec:42:10:64:7b:91:f4:
7b:07:08:6b:96:26:ae:62:44:a0:76:87:4e:5b:41:
b5:4b:16:4e:c4:0d:26:ac:1f:ea:9d:40:19:a1:2b:
0f:a1:ba:82:8d:99:49:7e:23:02:b1:e7:c9:47:87:
1a:82:94:6e:cd:67:22:6b:0a:a1:7a:9c:fe:7a:b8:
7c:b8:48:7b:50:d8:61:a5:f8:82:d4:9a:67:78:1c:
82:41:f9:a4:7d:6e:71:7f:8b:81:cf:8d:47:e6:42:
d9:99:df:f0:8f:b5:b7:1a:53:c9:c0:0d:b9:8b:b8:
a4:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:9D:F5:83:4C:F4:1B:C6:AA:FE:3F:EE:97:A9:F7:CF:4A:24:66:C7
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/85056db0-2868-4547-8893-66ae7ad101d4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.90.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a0:72:37:98:89:0d:55:b1:27:37:6b:23:22:1d:42:e2:4b:30:
c3:a1:36:31:74:bb:18:f2:fa:43:7a:97:a5:bd:83:e7:f3:72:
0a:d0:60:e5:69:1b:c2:07:ce:e5:8a:1a:72:e6:98:07:1a:88:
e5:dc:c0:0a:81:08:22:c7:06:5c:68:58:25:bb:e4:7d:97:9b:
ae:8e:eb:2f:3a:cd:7c:a7:0d:92:ed:95:e9:23:30:95:5a:57:
a0:b5:55:55:00:9c:fc:3f:7d:26:1e:26:fe:73:b2:ba:ec:94:
9a:d4:ad:88:1f:63:22:d8:c8:c5:98:bc:11:e1:dd:3f:73:f9:
ea:08:8b:bf:2f:67:f2:be:29:4c:ec:55:4d:02:75:95:e1:cf:
76:d2:5a:80:af:22:73:46:f8:9b:e6:e6:23:f2:6d:f5:7f:a4:
eb:5d:b4:56:70:78:26:1f:18:b0:49:e3:92:3e:c8:32:d2:54:
76:89:7f:3d:c5:06:02:6a:04:a6:08:f5:f4:fd:d7:78:50:57:
aa:05:2d:bf:91:33:54:e4:03:46:b8:2f:b4:4f:49:a1:37:ee:
b5:20:35:22:02:cf:f9:e3:04:07:43:57:e5:6c:61:3c:3d:5d:
3d:c1:1a:72:06:fa:3f:43:9a:fc:74:f5:d9:1e:ef:0c:a7:94:
4b:2e:89:dc
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUCv70kpIR6stNPgMx1JSMM1TSMR8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MTkwNTQwMDRaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGU0NzQ0ODQ4MzRjNjdjMDVkNTg4NWIxYzQxY2ZhOTMwMzE0NDVmNGU4ODY4
NjMyNTBhNjljZjg5MmNjZGM5NGYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK/faIqZsRi0SKeuNjOQ/AXYCWdpK4KuRil5UGI0ux0oTOffZDHRvlWmUkcN
mwLb9JenkhYq4JZ1183awdE9hKv0mQT5eDHND1E5owAGoxK5BO8r+g4mCncGugso
pQtAgHDGV32NE7dsK3Ybt9DKG4vssnWVJWeABPpat4RMwaGx3ZWEwXQTEnerTWdu
RuXsQhBke5H0ewcIa5YmrmJEoHaHTltBtUsWTsQNJqwf6p1AGaErD6G6go2ZSX4j
ArHnyUeHGoKUbs1nImsKoXqc/nq4fLhIe1DYYaX4gtSaZ3gcgkH5pH1ucX+Lgc+N
R+ZC2Znf8I+1txpTycANuYu4pBkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQNnfWD
TPQbxqr+P+6XqffPSiRmxzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODUwNTZkYjAtMjg2OC00NTQ3LTg4OTMtNjZhZTdhZDEwMWQ0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNaMA0G
CSqGSIb3DQEBCwUAA4IBAQCgcjeYiQ1VsSc3ayMiHULiSzDDoTYxdLsY8vpDepel
vYPn83IK0GDlaRvCB87lihpy5pgHGojl3MAKgQgixwZcaFglu+R9l5uujusvOs18
pw2S7ZXpIzCVWlegtVVVAJz8P30mHib+c7K67JSa1K2IH2Mi2MjFmLwR4d0/c/nq
CIu/L2fyvilM7FVNAnWV4c920lqAryJzRvib5uYj8m31f6TrXbRWcHgmHxiwSeOS
Psgy0lR2iX89xQYCagSmCPX0/dd4UFeqBS2/kTNU5ANGuC+0T0mhN+61IDUiAs/5
4wQHQ1flbGE8PV09wRpyBvo/Q5r8dPXZHu8Mp5RLLonc
-----END CERTIFICATE-----
Generated at Sun May 31 19:03:38 2026 by rpki-client