Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9a3eae5c-027e-4c38-ab8e-330b3e5bad97.roa
File: 9a3eae5c-027e-4c38-ab8e-330b3e5bad97.roa (raw, json)
Hash identifier: EUTAtdtzlLz9GUHFLJCjEU1O/RTpl1WpK5xiBvlkpc8=
Subject key identifier: FF:D6:3B:71:3C:53:F6:28:1B:0C:41:54:C3:37:09:5D:3B:9A:54:60
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3AD37103ADC5F5B6060E1F4F5B530319BB1976C2
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9a3eae5c-027e-4c38-ab8e-330b3e5bad97.roa
Signing time: Tue 19 May 2026 05:40:07 +0000
ROA not before: Tue 19 May 2026 05:40:07 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.139.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 30 May 2026 16:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:d3:71:03:ad:c5:f5:b6:06:0e:1f:4f:5b:53:03:19:bb:19:76:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 19 05:40:07 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=8dcd9cbdb2264897cfd468b9c3979d3f9d7629269678e02d269f56215f2e3525, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:69:69:f7:f6:46:59:84:7a:89:7a:45:f5:32:
9f:53:7f:94:a9:66:7f:e1:ed:8c:4f:a0:ad:b5:ab:
4f:c2:b6:ee:3a:49:0f:ce:e7:c4:15:a3:c4:59:46:
57:9b:0d:3a:86:67:5c:81:0a:2b:b7:70:98:34:5e:
92:8f:a8:38:58:d9:d9:40:3e:14:6c:1e:ef:78:ac:
11:9c:9f:0f:c1:ec:a2:39:be:13:4e:9d:01:b7:99:
60:ea:c5:46:03:a8:54:f5:7f:17:31:c6:7f:41:18:
30:b3:eb:e2:b4:52:87:dd:62:88:14:9d:06:46:49:
bb:2a:47:20:7c:c2:c8:07:1c:5a:88:02:a2:8e:99:
1f:04:68:2c:95:0d:4a:6b:e6:b2:f3:ee:a9:6d:b5:
18:93:76:c9:54:c8:bf:cd:e5:7b:2e:80:1b:f3:a1:
84:bf:c7:b9:cc:a3:89:3f:d5:b2:5e:ae:b6:26:1c:
f1:89:cf:f7:3e:e8:88:66:40:a9:d7:64:4e:c1:46:
2c:9b:5a:f8:18:58:c5:30:35:b9:91:42:34:b9:f5:
4e:52:04:b3:6d:19:03:90:d1:e6:e8:79:1a:16:fb:
58:ab:54:a2:4b:47:08:d9:e4:7c:9e:6f:11:22:19:
ca:6f:99:1f:c5:dd:bf:dc:07:d4:21:70:fc:13:49:
f6:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:D6:3B:71:3C:53:F6:28:1B:0C:41:54:C3:37:09:5D:3B:9A:54:60
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9a3eae5c-027e-4c38-ab8e-330b3e5bad97.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.139.0.0/16
Signature Algorithm: sha256WithRSAEncryption
33:4d:84:9c:b6:7d:29:6f:33:30:4d:3e:0f:d5:da:cf:63:28:
54:c7:02:ab:9f:d6:60:be:94:1e:0d:25:e8:56:f1:40:7c:b0:
6b:d9:26:83:15:9e:c8:ca:e5:98:13:c8:1d:56:0a:94:3a:ee:
59:01:17:fc:75:f0:f3:1d:f1:b5:8a:39:38:72:33:db:94:e4:
e8:a6:4e:ca:23:7b:b7:5d:4c:ed:bb:64:04:e9:9d:13:2b:2a:
6c:df:23:dc:3c:cd:39:2b:11:10:ec:f7:89:05:12:c5:74:11:
6b:51:93:fa:58:26:a3:7f:f8:75:28:99:58:5c:a1:69:9a:24:
89:f2:fa:77:a2:e1:21:74:6b:24:15:d4:8a:96:6a:31:41:91:
b0:bf:25:c5:2d:1b:c8:bc:b2:38:ab:ce:63:74:fc:f5:52:fa:
60:b9:2c:19:60:e5:7b:eb:25:b7:59:9a:c3:73:86:54:8b:a2:
f6:17:de:15:0e:7f:d2:47:9f:91:69:47:8b:65:48:ef:99:34:
e2:0c:95:f5:0d:b2:b5:ab:25:ca:94:6e:83:cf:d0:ed:92:81:
34:78:16:26:53:64:ec:08:0e:e7:47:c1:77:db:f5:c5:3b:66:
fd:0d:17:67:14:b6:d9:81:ad:3f:16:58:87:d1:26:25:0e:2c:
6a:60:eb:15
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUOtNxA63F9bYGDh9PW1MDGbsZdsIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MTkwNTQwMDdaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDhkY2Q5Y2JkYjIyNjQ4OTdjZmQ0NjhiOWMzOTc5ZDNmOWQ3NjI5MjY5Njc4
ZTAyZDI2OWY1NjIxNWYyZTM1MjUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK9paff2RlmEeol6RfUyn1N/lKlmf+HtjE+grbWrT8K27jpJD87nxBWjxFlG
V5sNOoZnXIEKK7dwmDReko+oOFjZ2UA+FGwe73isEZyfD8Hsojm+E06dAbeZYOrF
RgOoVPV/FzHGf0EYMLPr4rRSh91iiBSdBkZJuypHIHzCyAccWogCoo6ZHwRoLJUN
SmvmsvPuqW21GJN2yVTIv83ley6AG/OhhL/HucyjiT/Vsl6utiYc8YnP9z7oiGZA
qddkTsFGLJta+BhYxTA1uZFCNLn1TlIEs20ZA5DR5uh5Ghb7WKtUoktHCNnkfJ5v
ESIZym+ZH8Xdv9wH1CFw/BNJ9nECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBT/1jtx
PFP2KBsMQVTDNwldO5pUYDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OWEzZWFlNWMtMDI3ZS00YzM4LWFiOGUtMzMwYjNlNWJhZDk3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADOLMA0G
CSqGSIb3DQEBCwUAA4IBAQAzTYSctn0pbzMwTT4P1drPYyhUxwKrn9ZgvpQeDSXo
VvFAfLBr2SaDFZ7IyuWYE8gdVgqUOu5ZARf8dfDzHfG1ijk4cjPblOTopk7KI3u3
XUztu2QE6Z0TKyps3yPcPM05KxEQ7PeJBRLFdBFrUZP6WCajf/h1KJlYXKFpmiSJ
8vp3ouEhdGskFdSKlmoxQZGwvyXFLRvIvLI4q85jdPz1UvpguSwZYOV76yW3WZrD
c4ZUi6L2F94VDn/SR5+RaUeLZUjvmTTiDJX1DbK1qyXKlG6Dz9DtkoE0eBYmU2Ts
CA7nR8F32/XFO2b9DRdnFLbZga0/FliH0SYlDixqYOsV
-----END CERTIFICATE-----
Generated at Sat May 30 01:25:16 2026 by rpki-client