Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ecf71776-ef54-415b-8543-7ec55f9b1d9d.roa
File: ecf71776-ef54-415b-8543-7ec55f9b1d9d.roa (raw, json)
Hash identifier: Tky9P/UkL7rXjK5kl1CduGQ6n/T+gG50Bw0UZ1RMMCE=
Subject key identifier: 68:05:C6:33:84:90:36:3F:64:FF:D6:B3:0A:63:C9:B2:05:4F:8B:69
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7D4DAA1C05016D8C55657D3639214BB1B6FA400C
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ecf71776-ef54-415b-8543-7ec55f9b1d9d.roa
Signing time: Mon 27 Apr 2026 00:40:04 +0000
ROA not before: Mon 27 Apr 2026 00:40:04 +0000
ROA not after: Sun 26 Jul 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.44.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 04 May 2026 05:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:4d:aa:1c:05:01:6d:8c:55:65:7d:36:39:21:4b:b1:b6:fa:40:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 27 00:40:04 2026 GMT
Not After : Jul 26 23:59:59 2026 GMT
Subject: serialNumber=8b241bcf4c24b6bc998be2337d8b29fe54f5053a4ea3ef9e90d755ec218db496, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:60:ee:67:ca:29:30:8e:70:0f:b7:08:59:43:
45:f2:f8:4c:45:05:4b:9a:d9:93:8c:bd:da:43:84:
b0:f4:6b:44:af:8b:67:74:c9:15:0f:2c:06:c3:fb:
92:d8:a7:ad:b0:48:b0:b4:1e:0b:f8:23:d7:5d:5a:
fa:6a:18:38:ab:8e:1f:04:35:e7:d8:2e:f8:98:3a:
88:78:d3:29:94:99:0e:58:5d:f1:bb:a3:b6:e1:84:
8f:ab:2a:fb:8f:9d:92:3c:4a:15:cd:0c:21:9a:9a:
09:71:a3:1f:97:cb:1f:18:ed:99:fe:c1:6c:46:f7:
46:c5:a6:1b:04:ab:19:81:03:d8:6b:67:5a:ab:bf:
86:dd:fd:a1:1e:c4:38:e4:44:0a:67:26:fa:fb:12:
78:3d:a1:2a:39:e7:f4:0b:ca:8f:18:a7:fd:e2:19:
0d:02:bc:98:ff:c9:51:3f:ea:d0:57:3f:35:04:da:
db:ff:fe:4a:d4:08:09:35:51:41:b8:06:bc:bc:41:
68:f6:33:82:47:95:74:cd:01:23:a1:50:19:b8:79:
f2:80:22:7d:bb:bd:5b:28:03:8c:17:dd:06:f5:bf:
0f:9b:cd:60:9d:b1:87:9e:5d:bc:fb:72:17:ee:78:
09:f1:76:e1:9c:1d:55:84:59:da:3d:52:c9:43:3c:
f8:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:05:C6:33:84:90:36:3F:64:FF:D6:B3:0A:63:C9:B2:05:4F:8B:69
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ecf71776-ef54-415b-8543-7ec55f9b1d9d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.44.0.0/16
Signature Algorithm: sha256WithRSAEncryption
88:81:9e:fb:8a:c6:47:51:3c:d6:3b:fc:28:97:cd:4c:ce:53:
fb:83:64:96:a6:81:e9:56:13:26:18:25:f4:7f:d0:eb:ef:d5:
04:f4:ae:d4:3f:57:32:0d:13:79:39:49:85:c3:71:c5:fd:7f:
d6:43:d0:5f:80:a3:b5:38:ec:96:ec:e2:f2:9f:6f:8c:11:71:
ac:9b:c3:af:e4:b0:ac:0d:a1:50:0e:8e:90:a7:6c:d5:d3:74:
1f:d1:26:24:34:59:c8:67:5b:2a:95:2d:54:9b:f7:9d:18:fe:
7e:52:59:d8:71:d5:fc:fd:7a:fe:5f:10:b3:71:74:18:ee:69:
86:cc:b0:b8:ac:a2:b4:ca:32:7e:7f:3e:48:77:71:a1:1b:da:
a3:2a:ba:04:a9:50:7f:44:88:5b:92:a0:23:f9:59:62:42:50:
1e:2f:ba:b0:ae:cb:32:cb:49:e3:e1:43:c3:c4:43:c1:ab:cc:
bd:12:45:9c:b8:b4:27:09:95:44:98:61:74:cc:53:e4:a6:5e:
07:55:72:5c:8f:ac:87:86:7b:38:68:32:1e:57:72:ae:02:01:
aa:14:f3:f1:e3:ba:ab:cc:28:3b:74:e0:11:84:8f:84:2f:e8:
c0:c7:9d:cf:53:26:2f:22:83:ff:c3:88:1c:5c:52:ed:fa:8a:
4b:30:3e:9b
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUfU2qHAUBbYxVZX02OSFLsbb6QAwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA0MjcwMDQwMDRaFw0yNjA3MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQDhiMjQxYmNmNGMyNGI2YmM5OThiZTIzMzdkOGIyOWZlNTRmNTA1M2E0ZWEz
ZWY5ZTkwZDc1NWVjMjE4ZGI0OTYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANpg7mfKKTCOcA+3CFlDRfL4TEUFS5rZk4y92kOEsPRrRK+LZ3TJFQ8sBsP7
ktinrbBIsLQeC/gj111a+moYOKuOHwQ159gu+Jg6iHjTKZSZDlhd8bujtuGEj6sq
+4+dkjxKFc0MIZqaCXGjH5fLHxjtmf7BbEb3RsWmGwSrGYED2GtnWqu/ht39oR7E
OORECmcm+vsSeD2hKjnn9AvKjxin/eIZDQK8mP/JUT/q0Fc/NQTa2//+StQICTVR
QbgGvLxBaPYzgkeVdM0BI6FQGbh58oAifbu9WygDjBfdBvW/D5vNYJ2xh55dvPty
F+54CfF24ZwdVYRZ2j1SyUM8+AMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRoBcYz
hJA2P2T/1rMKY8myBU+LaTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZWNmNzE3NzYtZWY1NC00MTViLTg1NDMtN2VjNTVmOWIxZDlkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMsMA0G
CSqGSIb3DQEBCwUAA4IBAQCIgZ77isZHUTzWO/wol81MzlP7g2SWpoHpVhMmGCX0
f9Dr79UE9K7UP1cyDRN5OUmFw3HF/X/WQ9BfgKO1OOyW7OLyn2+MEXGsm8Ov5LCs
DaFQDo6Qp2zV03Qf0SYkNFnIZ1sqlS1Um/edGP5+UlnYcdX8/Xr+XxCzcXQY7mmG
zLC4rKK0yjJ+fz5Id3GhG9qjKroEqVB/RIhbkqAj+VliQlAeL7qwrssyy0nj4UPD
xEPBq8y9EkWcuLQnCZVEmGF0zFPkpl4HVXJcj6yHhns4aDIeV3KuAgGqFPPx47qr
zCg7dOARhI+EL+jAx53PUyYvIoP/w4gcXFLt+opLMD6b
-----END CERTIFICATE-----
Generated at Sun May 3 15:22:47 2026 by rpki-client