Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f5576ca6-a1ae-4a46-b6ed-04a48efc19c7.roa
File: f5576ca6-a1ae-4a46-b6ed-04a48efc19c7.roa (raw, json)
Hash identifier: Ujb8mlQpET0TzGsHcLrH15hxbgK0nr1eQrgJPxcsCuI=
Subject key identifier: E1:0A:7F:C0:A7:C1:37:08:0A:12:17:0F:C4:8F:EA:28:EF:C7:BB:27
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 61798E2E0DA20F2540606254BEBCEFA0F14A125B
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f5576ca6-a1ae-4a46-b6ed-04a48efc19c7.roa
Signing time: Mon 27 Apr 2026 00:40:35 +0000
ROA not before: Mon 27 Apr 2026 00:40:35 +0000
ROA not after: Sun 26 Jul 2026 23:59:59 +0000
asID: 14618
IP address blocks: 51.46.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 07 May 2026 07:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
61:79:8e:2e:0d:a2:0f:25:40:60:62:54:be:bc:ef:a0:f1:4a:12:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 27 00:40:35 2026 GMT
Not After : Jul 26 23:59:59 2026 GMT
Subject: serialNumber=94753d2de39e4b7ce8ed218420c6f451601b2280ba43d457f1cb6bd6bc4e3e34, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:b5:e8:4e:0a:46:ad:f8:92:ee:b2:7d:2e:c9:
55:34:af:98:3d:5e:ac:b7:18:32:0c:42:bb:a8:e0:
2d:97:87:c9:be:e3:9a:51:86:ac:85:95:4f:ec:8e:
21:a2:a4:90:5f:37:b1:51:dc:c3:39:2d:62:91:f9:
28:98:2c:e7:0a:37:a5:27:e1:3f:c0:1c:2b:00:38:
7b:ee:18:c5:b4:f8:cc:63:9f:e5:9a:b6:f7:78:f4:
0a:fe:66:ad:d2:8c:c9:62:8b:16:de:3d:c9:be:58:
6f:ff:f6:6b:ea:2c:16:a2:0e:f4:14:16:f7:fb:bd:
60:59:fa:e7:a0:70:a4:1e:95:a6:9b:f4:7b:2d:ae:
d2:61:6b:aa:58:3c:d3:79:51:93:a2:00:76:04:a8:
db:9f:6d:47:17:bd:91:c1:5b:71:75:ec:6d:51:5c:
a7:43:91:c2:43:e6:b4:e7:d7:b1:5b:f0:2f:32:47:
e5:17:59:b3:b7:d6:cb:76:4f:af:b7:71:55:bb:cd:
fc:bf:3a:60:4d:ed:68:98:7b:21:cd:99:cc:c1:ec:
e3:80:cb:34:ff:73:9b:be:e7:f0:5a:c5:0e:f1:03:
cb:16:70:69:56:91:95:0d:b4:70:55:e1:a0:4a:1c:
97:c1:4d:5d:e0:9b:72:d9:54:c4:14:38:00:ae:cd:
62:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:0A:7F:C0:A7:C1:37:08:0A:12:17:0F:C4:8F:EA:28:EF:C7:BB:27
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f5576ca6-a1ae-4a46-b6ed-04a48efc19c7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.46.0.0/15
Signature Algorithm: sha256WithRSAEncryption
c3:b4:cc:f8:39:d7:40:3e:98:81:34:23:56:fd:78:1d:f9:ca:
c8:f1:08:fa:a8:12:45:dc:56:e6:ff:0e:a3:6e:c4:a5:69:25:
ee:e1:4d:61:6f:c2:5e:52:52:61:e8:ea:19:a4:79:33:4b:f1:
d4:f9:48:7c:ec:21:5d:97:49:b1:33:c8:48:b7:e0:fe:2a:08:
0a:f1:aa:31:5a:e1:d3:9c:ed:95:ed:f0:e2:fd:44:51:81:48:
2e:32:fd:29:6d:42:97:c7:90:f8:32:2e:81:af:6d:de:35:4d:
93:8c:ba:3f:2d:5c:af:71:23:dd:b1:2c:a2:2c:da:af:0e:8f:
63:21:1a:6e:e6:dd:84:35:02:03:ac:69:63:4c:a0:a0:f6:73:
c2:20:70:db:8f:05:9a:49:6c:1c:84:44:10:d3:dc:f6:5b:18:
8a:89:a3:c3:7e:59:0b:64:d4:4c:49:8e:14:ea:c2:83:dc:b5:
dd:48:0d:84:8c:2a:17:0a:e6:fd:b1:40:fe:4b:b8:4f:b3:b5:
78:4e:80:e5:63:50:d5:a4:42:c9:ad:88:cc:2b:11:4d:5a:96:
99:6f:3a:a8:27:92:ac:c1:b1:8d:ef:04:cf:6e:17:bb:9d:bb:
9e:55:9c:d4:4c:19:21:d1:fa:a5:f8:a8:2b:18:38:c6:92:8c:
24:99:c0:cb
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUYXmOLg2iDyVAYGJUvrzvoPFKElswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA0MjcwMDQwMzVaFw0yNjA3MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQDk0NzUzZDJkZTM5ZTRiN2NlOGVkMjE4NDIwYzZmNDUxNjAxYjIyODBiYTQz
ZDQ1N2YxY2I2YmQ2YmM0ZTNlMzQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKK16E4KRq34ku6yfS7JVTSvmD1erLcYMgxCu6jgLZeHyb7jmlGGrIWVT+yO
IaKkkF83sVHcwzktYpH5KJgs5wo3pSfhP8AcKwA4e+4YxbT4zGOf5Zq293j0Cv5m
rdKMyWKLFt49yb5Yb//2a+osFqIO9BQW9/u9YFn656BwpB6Vppv0ey2u0mFrqlg8
03lRk6IAdgSo259tRxe9kcFbcXXsbVFcp0ORwkPmtOfXsVvwLzJH5RdZs7fWy3ZP
r7dxVbvN/L86YE3taJh7Ic2ZzMHs44DLNP9zm77n8FrFDvEDyxZwaVaRlQ20cFXh
oEocl8FNXeCbctlUxBQ4AK7NYlUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBThCn/A
p8E3CAoSFw/Ej+oo78e7JzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZjU1NzZjYTYtYTFhZS00YTQ2LWI2ZWQtMDRhNDhlZmMxOWM3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATMuMA0G
CSqGSIb3DQEBCwUAA4IBAQDDtMz4OddAPpiBNCNW/Xgd+crI8Qj6qBJF3Fbm/w6j
bsSlaSXu4U1hb8JeUlJh6OoZpHkzS/HU+Uh87CFdl0mxM8hIt+D+KggK8aoxWuHT
nO2V7fDi/URRgUguMv0pbUKXx5D4Mi6Br23eNU2TjLo/LVyvcSPdsSyiLNqvDo9j
IRpu5t2ENQIDrGljTKCg9nPCIHDbjwWaSWwchEQQ09z2WxiKiaPDflkLZNRMSY4U
6sKD3LXdSA2EjCoXCub9sUD+S7hPs7V4ToDlY1DVpELJrYjMKxFNWpaZbzqoJ5Ks
wbGN7wTPbhe7nbueVZzUTBkh0fql+KgrGDjGkowkmcDL
-----END CERTIFICATE-----
Generated at Wed May 6 10:17:43 2026 by rpki-client