Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fc50f617-7597-4f4e-b8f6-87763b28caf0.roa
File: fc50f617-7597-4f4e-b8f6-87763b28caf0.roa (raw, json)
Hash identifier: 3rMN/2UKlLiLfo2RukK+dzn9oZFbbXCVzmMT7PQwEDo=
Subject key identifier: 1E:D6:3D:E2:38:D9:8F:E8:BB:55:69:27:24:61:86:2B:DC:3F:96:E4
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 62B263A449959E2171BAA938C9DEAC0295EE11AD
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fc50f617-7597-4f4e-b8f6-87763b28caf0.roa
Signing time: Tue 19 May 2026 05:40:05 +0000
ROA not before: Tue 19 May 2026 05:40:05 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.121.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 31 May 2026 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
62:b2:63:a4:49:95:9e:21:71:ba:a9:38:c9:de:ac:02:95:ee:11:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 19 05:40:05 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=2b485b76a7bc463f1d715f6fdb1597984e418b0ef6bdc7d46c559612bff8be24, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:0e:e3:3d:9b:b5:c9:44:1e:77:2a:ec:68:19:
d4:48:9c:fc:51:65:16:6f:0d:99:4c:ab:ca:7e:ef:
eb:38:75:03:ca:d4:ed:7d:0e:89:0d:21:fe:b6:a7:
d9:70:ff:8f:e3:f1:8d:2a:96:73:c7:7f:cf:d1:f4:
e3:74:cd:fd:de:9a:a6:fa:4c:cf:7d:54:c7:9c:0f:
d4:6c:e3:c4:48:39:07:cd:63:36:ef:bc:40:ed:d8:
40:43:ae:eb:7c:15:af:a5:8f:78:c8:11:6d:b0:f9:
13:a8:a1:11:a6:27:5b:28:70:2b:76:38:02:3a:4f:
f0:fa:61:20:2f:93:b0:bb:4f:ff:9e:f6:15:b1:bb:
43:61:d1:e1:9a:92:bb:e6:c0:4f:e0:af:e6:bb:e8:
7c:aa:c7:43:48:44:81:16:bb:7f:e7:e5:0a:a8:8d:
8c:dd:e4:c4:bb:1f:13:58:11:46:73:42:98:00:16:
a4:0c:d1:9f:2f:e8:ee:19:be:9b:42:10:c4:29:ed:
c2:7c:d9:49:a1:ef:0a:ca:32:45:41:9c:58:60:60:
5a:5d:04:0d:2b:03:5b:b3:12:5e:be:35:00:9a:0f:
47:67:f2:dc:94:01:c7:b3:92:86:75:08:7b:f8:2f:
b0:42:42:19:12:4c:38:83:fe:ea:b4:1c:eb:5c:c0:
01:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:D6:3D:E2:38:D9:8F:E8:BB:55:69:27:24:61:86:2B:DC:3F:96:E4
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fc50f617-7597-4f4e-b8f6-87763b28caf0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.121.0.0/16
Signature Algorithm: sha256WithRSAEncryption
62:15:1d:b4:08:bf:16:a0:d7:27:00:a7:1c:d9:43:18:e4:06:
f9:15:fc:48:e3:2c:83:a9:ad:b2:93:ad:3b:ad:81:0d:76:96:
06:ab:dd:36:b6:e3:e4:8b:5c:11:fa:85:93:ef:8a:9e:cd:97:
13:f0:a1:02:9d:1c:ce:f5:0e:10:c3:78:8a:e4:7b:49:61:29:
20:1a:7a:67:f9:91:72:21:a8:7f:65:79:69:06:2e:a9:8f:ba:
3f:be:50:c3:fc:c3:31:ea:fc:2f:e6:10:f5:ed:65:0a:35:52:
99:f1:8a:72:15:ee:ee:c3:ec:71:ae:c2:0a:dc:23:cd:97:01:
a8:b4:d5:ad:11:f5:3a:e1:79:29:44:02:07:40:e1:87:cf:7c:
d3:52:de:d4:b9:de:34:bb:dd:9b:32:87:df:10:e5:36:77:73:
e4:60:52:0e:0e:24:83:e9:c8:4f:65:bc:23:96:9d:b1:c0:09:
50:0a:47:c1:b5:f8:55:45:8b:1e:00:26:08:30:85:37:03:7b:
1e:c5:9d:dc:0f:e1:f8:3f:19:d9:52:35:8c:c4:ba:9e:49:76:
35:50:5b:ee:9b:fa:1b:2e:dc:6c:9f:f7:c0:22:a2:68:13:9a:
7e:91:63:52:d2:62:1c:b2:f9:28:f8:e5:fe:bd:e1:9e:bd:b7:
87:a6:ae:37
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUYrJjpEmVniFxuqk4yd6sApXuEa0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MTkwNTQwMDVaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDJiNDg1Yjc2YTdiYzQ2M2YxZDcxNWY2ZmRiMTU5Nzk4NGU0MThiMGVmNmJk
YzdkNDZjNTU5NjEyYmZmOGJlMjQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALgO4z2btclEHncq7GgZ1Eic/FFlFm8NmUyryn7v6zh1A8rU7X0OiQ0h/ran
2XD/j+PxjSqWc8d/z9H043TN/d6apvpMz31Ux5wP1GzjxEg5B81jNu+8QO3YQEOu
63wVr6WPeMgRbbD5E6ihEaYnWyhwK3Y4AjpP8PphIC+TsLtP/572FbG7Q2HR4ZqS
u+bAT+Cv5rvofKrHQ0hEgRa7f+flCqiNjN3kxLsfE1gRRnNCmAAWpAzRny/o7hm+
m0IQxCntwnzZSaHvCsoyRUGcWGBgWl0EDSsDW7MSXr41AJoPR2fy3JQBx7OShnUI
e/gvsEJCGRJMOIP+6rQc61zAAa0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQe1j3i
ONmP6LtVaSckYYYr3D+W5DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZmM1MGY2MTctNzU5Ny00ZjRlLWI4ZjYtODc3NjNiMjhjYWYwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADN5MA0G
CSqGSIb3DQEBCwUAA4IBAQBiFR20CL8WoNcnAKcc2UMY5Ab5FfxI4yyDqa2yk607
rYENdpYGq902tuPki1wR+oWT74qezZcT8KECnRzO9Q4Qw3iK5HtJYSkgGnpn+ZFy
Iah/ZXlpBi6pj7o/vlDD/MMx6vwv5hD17WUKNVKZ8YpyFe7uw+xxrsIK3CPNlwGo
tNWtEfU64XkpRAIHQOGHz3zTUt7Uud40u92bMoffEOU2d3PkYFIODiSD6chPZbwj
lp2xwAlQCkfBtfhVRYseACYIMIU3A3sexZ3cD+H4PxnZUjWMxLqeSXY1UFvum/ob
Ltxsn/fAIqJoE5p+kWNS0mIcsvko+OX+veGevbeHpq43
-----END CERTIFICATE-----
Generated at Sat May 30 16:51:54 2026 by rpki-client