Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d7fdedfc-2bdc-42cd-a714-2abbc02deae9.roa
File: d7fdedfc-2bdc-42cd-a714-2abbc02deae9.roa (raw, json)
Hash identifier: juc9yO24QddP92trWWSVaHjTEmmquHcDec6/hRSw3ZI=
Subject key identifier: FC:5F:0F:98:63:BA:9D:7D:37:7E:4A:42:19:E4:E7:45:D6:FF:2C:12
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1FEF7E3ED1A9A041EA94E453145FFECDE4611BA9
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d7fdedfc-2bdc-42cd-a714-2abbc02deae9.roa
Signing time: Tue 19 May 2026 06:00:30 +0000
ROA not before: Tue 19 May 2026 06:00:30 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.151.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 31 May 2026 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1f:ef:7e:3e:d1:a9:a0:41:ea:94:e4:53:14:5f:fe:cd:e4:61:1b:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 19 06:00:30 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=bc6170c69ab3a9bd58619a6d66dbe6ab6c31fc32b962e71a90848f60564acb15, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:fb:b5:1e:7d:84:dc:a5:90:17:bf:95:6b:2d:
0a:2c:86:be:05:33:19:64:da:c6:78:df:00:c0:d9:
26:24:5f:bf:f6:14:90:75:90:05:b1:05:6f:cc:34:
98:42:27:5f:18:18:49:30:af:c1:24:2d:ec:b4:23:
e3:51:67:14:bd:30:b0:0d:f4:89:59:d6:f8:f8:1a:
d6:d1:76:b0:04:15:5e:54:ca:e5:a5:c7:7e:03:b5:
a9:e2:cc:4c:07:8f:51:3a:be:0b:7b:d5:c9:a8:c5:
33:fa:20:70:ab:6b:e2:14:91:5c:4b:c2:cb:4c:0b:
8c:47:27:1c:c1:eb:b7:08:9e:b7:9f:31:f0:0f:b9:
95:dd:0b:16:cd:8c:da:b2:ea:cb:24:c6:5c:e9:18:
16:3d:f9:ba:77:1c:81:e3:16:e2:a0:72:5e:ac:08:
20:48:78:f1:48:6e:0a:1c:18:04:c9:d7:05:16:61:
09:f7:52:bc:42:23:69:8e:19:2d:c5:24:35:82:6e:
85:e7:98:f5:fd:4a:39:54:aa:29:85:41:a0:90:34:
c4:11:04:f8:72:da:27:fb:cf:4b:f6:3e:c5:34:ce:
7a:a2:76:41:28:e5:38:b8:18:01:ce:d1:01:98:84:
3b:24:2e:ed:2b:87:28:17:30:c6:2d:76:f0:f1:64:
dd:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:5F:0F:98:63:BA:9D:7D:37:7E:4A:42:19:E4:E7:45:D6:FF:2C:12
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d7fdedfc-2bdc-42cd-a714-2abbc02deae9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.151.0.0/16
Signature Algorithm: sha256WithRSAEncryption
7f:26:44:c8:a4:c4:09:af:c8:9c:e7:5d:61:c6:fc:54:6e:3f:
f6:84:7a:84:a4:06:6e:e6:61:c3:0f:29:d7:12:f5:0c:93:24:
08:93:0c:51:8b:53:f6:ee:c4:f5:8e:64:8d:51:7a:df:62:3d:
d2:e3:ac:df:7c:f0:13:c2:92:06:32:27:41:82:35:e8:17:c0:
eb:1a:f1:49:3e:25:ea:49:89:7a:b0:69:51:dd:f8:8c:a3:b7:
2d:8e:f4:e4:9f:9c:03:04:58:ba:67:e4:28:0f:b9:25:10:e0:
be:f1:3a:d7:9c:fd:fd:1f:29:12:95:8a:af:f9:42:9c:2a:49:
05:0b:3d:a0:ae:3f:38:36:54:55:36:fe:33:12:2a:97:0a:bd:
38:9c:fa:28:10:71:74:bd:11:3e:e6:a2:4e:ea:10:bc:c6:6f:
50:50:08:2b:85:02:59:79:42:5f:63:73:07:48:02:b9:f5:d7:
6d:8e:be:f5:a0:20:66:97:ea:92:91:22:23:cf:ba:fe:aa:15:
5c:c0:c7:16:7b:f9:c1:5f:05:9c:87:72:77:58:d7:63:50:90:
37:98:70:b3:00:5a:04:80:e1:de:cf:31:80:05:b2:8d:db:cc:
bc:55:72:5d:a0:37:7c:1e:fd:76:bc:5e:38:ac:21:35:dd:31:
35:ae:a5:00
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUH+9+PtGpoEHqlORTFF/+zeRhG6kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MTkwNjAwMzBaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGJjNjE3MGM2OWFiM2E5YmQ1ODYxOWE2ZDY2ZGJlNmFiNmMzMWZjMzJiOTYy
ZTcxYTkwODQ4ZjYwNTY0YWNiMTUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKz7tR59hNylkBe/lWstCiyGvgUzGWTaxnjfAMDZJiRfv/YUkHWQBbEFb8w0
mEInXxgYSTCvwSQt7LQj41FnFL0wsA30iVnW+Pga1tF2sAQVXlTK5aXHfgO1qeLM
TAePUTq+C3vVyajFM/ogcKtr4hSRXEvCy0wLjEcnHMHrtwiet58x8A+5ld0LFs2M
2rLqyyTGXOkYFj35unccgeMW4qByXqwIIEh48UhuChwYBMnXBRZhCfdSvEIjaY4Z
LcUkNYJuheeY9f1KOVSqKYVBoJA0xBEE+HLaJ/vPS/Y+xTTOeqJ2QSjlOLgYAc7R
AZiEOyQu7SuHKBcwxi128PFk3SECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBT8Xw+Y
Y7qdfTd+SkIZ5OdF1v8sEjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZDdmZGVkZmMtMmJkYy00MmNkLWE3MTQtMmFiYmMwMmRlYWU5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADOXMA0G
CSqGSIb3DQEBCwUAA4IBAQB/JkTIpMQJr8ic511hxvxUbj/2hHqEpAZu5mHDDynX
EvUMkyQIkwxRi1P27sT1jmSNUXrfYj3S46zffPATwpIGMidBgjXoF8DrGvFJPiXq
SYl6sGlR3fiMo7ctjvTkn5wDBFi6Z+QoD7klEOC+8TrXnP39HykSlYqv+UKcKkkF
Cz2grj84NlRVNv4zEiqXCr04nPooEHF0vRE+5qJO6hC8xm9QUAgrhQJZeUJfY3MH
SAK59ddtjr71oCBml+qSkSIjz7r+qhVcwMcWe/nBXwWch3J3WNdjUJA3mHCzAFoE
gOHezzGABbKN28y8VXJdoDd8Hv12vF44rCE13TE1rqUA
-----END CERTIFICATE-----
Generated at Sat May 30 16:15:57 2026 by rpki-client