Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8551266c-ef98-4dd7-801f-d816ee2eeade.roa
File: 8551266c-ef98-4dd7-801f-d816ee2eeade.roa (raw, json)
Hash identifier: rA1k/5xINDvvvzTdIOdzt1gXZ0rvQCaySfSUwSzoZ4g=
Subject key identifier: 30:2B:18:36:FF:19:25:2C:B0:15:07:DA:34:E8:D6:DE:8F:0F:21:D3
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6EAFF5770B7236AABCAD40D7D24F5A66F4616CF3
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8551266c-ef98-4dd7-801f-d816ee2eeade.roa
Signing time: Tue 19 May 2026 06:00:31 +0000
ROA not before: Tue 19 May 2026 06:00:31 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.176.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 04 Jun 2026 13:19:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6e:af:f5:77:0b:72:36:aa:bc:ad:40:d7:d2:4f:5a:66:f4:61:6c:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 19 06:00:31 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=3b3bf3aa05d059b67fe78ebeef653d13c4c6b8742b64af28cca212ffef69ddd3, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:65:2c:f4:d2:65:a8:46:65:e9:f3:a3:31:3b:
9a:c6:43:49:63:5a:5a:c1:0b:69:4b:74:5e:79:5f:
2f:f5:60:eb:46:d4:01:fd:53:cd:ed:ca:ae:36:7b:
4e:9c:5d:4c:80:5d:84:0f:43:b5:5d:18:01:0e:80:
e5:fd:20:71:ba:12:84:2b:3c:f0:9e:17:8d:15:a8:
92:f5:4a:84:fa:c7:5e:73:dc:c0:13:d3:bd:19:fc:
d0:76:92:b7:f9:40:81:99:7d:b9:73:e5:45:6d:95:
d0:2c:82:2f:d7:64:c7:d9:63:f7:27:17:84:d3:18:
c1:66:eb:93:ac:51:0b:c1:d3:fe:ed:73:19:e6:c5:
d5:b2:92:52:73:70:c0:5e:36:18:f2:e4:eb:41:75:
23:6b:d9:ea:a3:ba:31:71:eb:ea:40:29:64:85:21:
d9:be:02:ae:b2:34:0a:67:93:69:ca:57:ee:dc:31:
22:ea:52:a2:27:d8:3b:e1:4a:01:f8:1d:04:60:77:
ac:01:3c:55:72:7e:68:66:49:85:09:c9:85:0d:f6:
08:5d:ef:c8:a7:96:af:a4:e9:32:a5:b4:80:53:f1:
1d:d9:5b:82:a3:47:44:ab:d7:26:f4:ba:17:b1:c8:
af:d7:f9:17:a1:3f:25:90:08:cc:6a:44:d0:0f:e6:
b6:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:2B:18:36:FF:19:25:2C:B0:15:07:DA:34:E8:D6:DE:8F:0F:21:D3
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8551266c-ef98-4dd7-801f-d816ee2eeade.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.176.0.0/15
Signature Algorithm: sha256WithRSAEncryption
64:70:ad:e1:af:8e:24:72:6f:11:e3:1c:05:55:c0:ae:d7:81:
b1:25:07:c9:9e:9e:f9:e8:1d:c7:d8:b8:e3:a1:aa:c5:33:ff:
f9:b2:9d:44:ca:c5:5e:06:49:b5:9a:d8:30:37:ab:2b:cb:c0:
6d:c4:46:85:bc:f7:a8:ae:9c:47:ff:69:a1:1f:78:77:e6:a8:
7c:99:c9:92:09:e2:f2:c1:be:04:ce:52:76:93:fe:c7:ca:6e:
74:0b:fd:cf:da:46:96:dc:c0:37:11:7d:dc:6d:13:87:23:3b:
c6:3d:8d:d1:0c:e7:f6:e9:1b:d1:74:b6:a2:69:53:34:ae:7c:
bb:7f:f6:2c:40:be:48:cb:f8:96:9b:ba:b9:f2:9c:07:7d:35:
21:1b:40:bd:3b:fe:e8:8c:22:1f:4c:f0:db:0a:72:80:61:42:
ae:eb:c0:58:f3:68:17:1c:f1:da:c0:5b:65:48:b2:32:c9:d0:
53:4e:eb:33:63:6f:9e:a1:fc:33:80:38:68:7b:fc:53:ef:f6:
b1:f4:21:11:80:7d:a9:c6:1f:87:f3:aa:6d:65:3e:d9:7d:10:
2b:bd:6f:ad:18:3d:3e:66:e7:1e:d0:ad:29:0a:c3:ed:61:4a:
2b:da:f1:23:6f:c1:bd:d7:75:64:47:f4:2f:99:8a:71:8d:bf:
ad:80:70:2f
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUbq/1dwtyNqq8rUDX0k9aZvRhbPMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MTkwNjAwMzFaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDNiM2JmM2FhMDVkMDU5YjY3ZmU3OGViZWVmNjUzZDEzYzRjNmI4NzQyYjY0
YWYyOGNjYTIxMmZmZWY2OWRkZDMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKRlLPTSZahGZenzozE7msZDSWNaWsELaUt0XnlfL/Vg60bUAf1Tze3KrjZ7
TpxdTIBdhA9DtV0YAQ6A5f0gcboShCs88J4XjRWokvVKhPrHXnPcwBPTvRn80HaS
t/lAgZl9uXPlRW2V0CyCL9dkx9lj9ycXhNMYwWbrk6xRC8HT/u1zGebF1bKSUnNw
wF42GPLk60F1I2vZ6qO6MXHr6kApZIUh2b4CrrI0CmeTacpX7twxIupSoifYO+FK
AfgdBGB3rAE8VXJ+aGZJhQnJhQ32CF3vyKeWr6TpMqW0gFPxHdlbgqNHRKvXJvS6
F7HIr9f5F6E/JZAIzGpE0A/mtoECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQwKxg2
/xklLLAVB9o06Nbejw8h0zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODU1MTI2NmMtZWY5OC00ZGQ3LTgwMWYtZDgxNmVlMmVlYWRlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOwMA0G
CSqGSIb3DQEBCwUAA4IBAQBkcK3hr44kcm8R4xwFVcCu14GxJQfJnp756B3H2Ljj
oarFM//5sp1EysVeBkm1mtgwN6sry8BtxEaFvPeorpxH/2mhH3h35qh8mcmSCeLy
wb4EzlJ2k/7Hym50C/3P2kaW3MA3EX3cbROHIzvGPY3RDOf26RvRdLaiaVM0rny7
f/YsQL5Iy/iWm7q58pwHfTUhG0C9O/7ojCIfTPDbCnKAYUKu68BY82gXHPHawFtl
SLIyydBTTuszY2+eofwzgDhoe/xT7/ax9CERgH2pxh+H86ptZT7ZfRArvW+tGD0+
Zuce0K0pCsPtYUor2vEjb8G913VkR/QvmYpxjb+tgHAv
-----END CERTIFICATE-----
Generated at Wed Jun 3 20:03:11 2026 by rpki-client