Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fa9f76b3-644f-4e7b-96b8-a50117fd4d67.roa
File: fa9f76b3-644f-4e7b-96b8-a50117fd4d67.roa (raw, json)
Hash identifier: XapGQtkRLi88h/XvRhb5nmTidcYM5Nl2wmBF0K4lUUA=
Subject key identifier: 6B:AD:13:3B:B0:27:A2:48:FF:E0:17:38:09:16:EA:D8:D6:B1:D5:B5
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3AEDDB29CCF34974BAC4D6204A4274BBAFC597A0
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fa9f76b3-644f-4e7b-96b8-a50117fd4d67.roa
Signing time: Tue 19 May 2026 05:50:20 +0000
ROA not before: Tue 19 May 2026 05:50:20 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.76.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 03 Jun 2026 01:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:ed:db:29:cc:f3:49:74:ba:c4:d6:20:4a:42:74:bb:af:c5:97:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 19 05:50:20 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=1518d5adc0594225bde1b71973ce24e500aaa415bbcfe7764d299d0a39e72d70, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:71:2d:a6:3a:1c:ac:a1:5a:5d:30:5e:b1:23:
72:5e:47:b4:ad:6b:08:4b:f4:65:d4:93:e6:d9:44:
c8:b7:58:83:3e:97:08:0c:d8:8b:fa:2c:6f:e7:6b:
1c:85:89:b5:67:51:c0:2d:97:eb:5f:14:81:0e:56:
de:2e:dc:e3:6e:02:dc:fe:b4:8e:12:89:cc:f1:9c:
a4:ab:94:c7:1f:8c:49:a1:03:bc:6f:81:56:7e:60:
5c:b8:e9:e7:d7:09:00:20:d1:08:a0:a4:dd:b6:b0:
4c:d2:30:56:e1:b7:84:dd:b5:bb:49:21:4c:a8:22:
f6:71:f7:69:55:49:85:73:a8:99:bc:d3:ac:e7:bd:
61:82:74:89:cd:57:5d:e6:8d:31:a9:70:d4:0a:3d:
b9:3d:36:ee:aa:8f:6d:e6:b8:8d:10:5c:ee:ed:07:
f4:d0:28:3d:69:95:8b:29:b3:26:13:70:bd:19:ef:
60:29:62:4f:1a:55:7f:f0:b5:f5:0e:fb:7a:ec:25:
c2:0d:0f:62:84:48:ac:22:5f:62:12:27:49:91:7b:
6a:f2:55:4e:b4:9d:19:d3:e4:52:5f:0a:34:f5:45:
2c:d3:1d:c0:ff:a8:82:3e:15:38:b7:dd:5a:96:92:
83:8e:e5:3e:b9:50:1b:a1:0a:a2:d2:34:32:81:f2:
37:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:AD:13:3B:B0:27:A2:48:FF:E0:17:38:09:16:EA:D8:D6:B1:D5:B5
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fa9f76b3-644f-4e7b-96b8-a50117fd4d67.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.76.0.0/16
Signature Algorithm: sha256WithRSAEncryption
28:43:e9:e3:f7:5a:f4:1c:63:fe:f7:d7:7e:83:c8:5a:4a:e4:
3e:26:7c:4d:6c:27:2e:1f:a3:ba:b7:60:7b:f3:43:e1:53:0c:
ab:f3:88:2d:5e:ec:d4:48:69:3d:8a:f9:30:3b:95:00:63:d1:
45:fd:1d:2b:dd:14:00:4b:4e:09:c4:e9:53:27:84:e9:75:02:
c2:95:d1:de:ff:01:dc:b5:f5:72:b8:3a:1c:e9:40:8f:d4:51:
04:59:c5:f4:b8:a4:f9:9f:33:b3:2b:d9:da:e6:a2:3b:0d:1b:
c9:72:62:f4:9f:78:b2:39:93:7b:7a:79:8c:02:a9:eb:00:6d:
71:00:8c:f8:6d:a8:ef:dc:18:5e:9b:39:4f:f3:75:25:70:0a:
e4:7b:e2:ee:07:c5:a6:1b:44:7f:7e:33:a8:7d:ee:04:04:38:
44:00:8f:fc:73:61:32:ec:4d:de:da:d6:0e:15:3e:1e:e4:f4:
fd:93:5c:11:71:56:b2:54:22:cf:e0:d1:1b:90:ce:41:5e:78:
d8:de:c5:6a:69:23:d2:8b:03:fa:40:c0:52:8b:a4:01:01:67:
d2:70:45:9b:d8:02:f1:41:47:fc:5e:76:83:56:b2:e8:2a:ff:
54:56:48:cb:b7:84:c3:c9:59:0f:df:f6:a0:cf:3c:d6:a8:83:
b2:ff:1a:96
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUOu3bKczzSXS6xNYgSkJ0u6/Fl6AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MTkwNTUwMjBaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDE1MThkNWFkYzA1OTQyMjViZGUxYjcxOTczY2UyNGU1MDBhYWE0MTViYmNm
ZTc3NjRkMjk5ZDBhMzllNzJkNzAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM1xLaY6HKyhWl0wXrEjcl5HtK1rCEv0ZdST5tlEyLdYgz6XCAzYi/osb+dr
HIWJtWdRwC2X618UgQ5W3i7c424C3P60jhKJzPGcpKuUxx+MSaEDvG+BVn5gXLjp
59cJACDRCKCk3bawTNIwVuG3hN21u0khTKgi9nH3aVVJhXOombzTrOe9YYJ0ic1X
XeaNMalw1Ao9uT027qqPbea4jRBc7u0H9NAoPWmViymzJhNwvRnvYCliTxpVf/C1
9Q77euwlwg0PYoRIrCJfYhInSZF7avJVTrSdGdPkUl8KNPVFLNMdwP+ogj4VOLfd
WpaSg47lPrlQG6EKotI0MoHyN90CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRrrRM7
sCeiSP/gFzgJFurY1rHVtTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZmE5Zjc2YjMtNjQ0Zi00ZTdiLTk2YjgtYTUwMTE3ZmQ0ZDY3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNMMA0G
CSqGSIb3DQEBCwUAA4IBAQAoQ+nj91r0HGP+99d+g8haSuQ+JnxNbCcuH6O6t2B7
80PhUwyr84gtXuzUSGk9ivkwO5UAY9FF/R0r3RQAS04JxOlTJ4TpdQLCldHe/wHc
tfVyuDoc6UCP1FEEWcX0uKT5nzOzK9na5qI7DRvJcmL0n3iyOZN7enmMAqnrAG1x
AIz4bajv3BhemzlP83UlcArke+LuB8WmG0R/fjOofe4EBDhEAI/8c2Ey7E3e2tYO
FT4e5PT9k1wRcVayVCLP4NEbkM5BXnjY3sVqaSPSiwP6QMBSi6QBAWfScEWb2ALx
QUf8XnaDVrLoKv9UVkjLt4TDyVkP3/agzzzWqIOy/xqW
-----END CERTIFICATE-----
Generated at Tue Jun 2 02:40:14 2026 by rpki-client