Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fe4e6b1e-120a-454b-8ea2-2504e0f34b7e.roa
File: fe4e6b1e-120a-454b-8ea2-2504e0f34b7e.roa (raw, json)
Hash identifier: MXLmVduyhcVynghhV3WrHh0YZw6QYHyzAOSmd0Paww0=
Subject key identifier: 42:40:CC:8A:89:EB:DB:6F:0A:94:91:D4:7E:A7:E8:21:C0:01:91:EA
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 43E3CFBB8624BFB871FB54A8738C45E162A59773
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fe4e6b1e-120a-454b-8ea2-2504e0f34b7e.roa
Signing time: Mon 27 Apr 2026 00:40:31 +0000
ROA not before: Mon 27 Apr 2026 00:40:31 +0000
ROA not after: Sun 26 Jul 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.85.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 04 May 2026 11:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:e3:cf:bb:86:24:bf:b8:71:fb:54:a8:73:8c:45:e1:62:a5:97:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 27 00:40:31 2026 GMT
Not After : Jul 26 23:59:59 2026 GMT
Subject: serialNumber=e4b284edf1a669ff9b614b90bdc086c1dccff32f92ef6b3a9bebadf55fb94286, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:0c:c7:2c:cc:d2:26:3c:29:c2:1e:0c:1e:ee:
20:dc:59:c0:8f:62:1c:d0:30:c8:c8:54:7f:a5:e2:
1a:ce:76:2b:ad:e3:af:c4:01:6a:e4:b1:a2:84:56:
48:c4:3d:73:2b:65:27:b0:60:cf:a8:c3:0b:eb:3a:
51:2b:4c:2c:e3:a5:5f:11:52:7a:cf:f4:2e:5d:63:
67:3e:06:30:80:f0:4a:8e:27:38:47:92:35:77:2a:
60:d0:13:dc:66:81:75:28:c5:be:44:0a:0b:a1:17:
24:ab:56:a8:da:a0:da:6f:f3:fe:ef:34:c7:38:df:
ae:70:a1:70:41:03:a2:84:82:b4:db:6c:6f:73:a5:
0c:97:4d:c4:37:6f:de:61:e4:2c:2b:d3:dc:8e:4e:
63:58:b7:61:7d:5d:12:57:3a:c1:2f:87:18:f8:1a:
a9:5e:a9:21:90:dd:93:a8:4a:9e:6a:1e:02:85:d8:
05:8a:99:b5:af:a0:22:df:14:59:59:92:7f:da:6c:
76:66:d6:8f:60:48:88:3d:14:f4:a5:8d:c1:e5:1a:
e1:a7:e6:80:a4:d9:1b:74:5f:1a:09:1c:a1:7d:e6:
16:82:12:b2:26:59:cc:a7:aa:c0:bc:93:5e:95:18:
84:75:e6:cc:b0:7f:42:6f:24:6d:9b:33:28:a8:dc:
f8:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:40:CC:8A:89:EB:DB:6F:0A:94:91:D4:7E:A7:E8:21:C0:01:91:EA
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fe4e6b1e-120a-454b-8ea2-2504e0f34b7e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.85.0.0/16
Signature Algorithm: sha256WithRSAEncryption
42:a8:75:e9:23:3f:f3:ad:0b:ce:e7:ff:37:b9:ab:8b:28:f7:
42:36:a8:49:b1:c3:cc:09:e2:b6:1d:89:86:a8:8a:d9:47:fe:
8a:45:af:b4:65:72:b6:38:74:f6:74:83:65:ce:58:53:dc:ea:
3f:9b:ae:c8:26:9a:a7:0a:46:f1:63:de:dd:20:26:9c:16:7c:
aa:b4:99:86:e3:21:15:3d:1b:44:85:64:58:e4:9a:c0:0b:5a:
39:b5:a1:c8:c8:ae:21:18:fb:ad:5e:b4:0e:97:aa:d5:55:63:
49:05:da:38:e6:e8:d1:66:93:ef:41:35:1b:ae:7a:ec:8a:0d:
b1:b8:97:0e:0a:0e:d2:c3:e7:36:bd:bc:39:fd:a8:e0:78:dd:
7e:de:81:b4:43:b2:b5:44:af:51:df:73:1d:b7:69:98:cc:9a:
e5:c6:10:7b:86:02:e2:a3:e2:f6:3c:75:bb:e2:55:3b:74:90:
a4:53:cf:df:e4:4f:24:e7:6e:0c:93:50:dd:ec:08:ed:5d:4d:
5b:ac:f5:29:17:cd:ba:7d:7f:ed:0d:5e:3f:4d:59:f4:33:e1:
7f:84:03:5e:17:5e:71:5f:07:4f:d3:e8:ff:91:a9:b4:33:4a:
17:5a:0a:9a:88:8c:0b:18:73:1e:16:72:43:fd:18:d3:da:f1:
af:36:fb:9e
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUQ+PPu4Ykv7hx+1Soc4xF4WKll3MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA0MjcwMDQwMzFaFw0yNjA3MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQGU0YjI4NGVkZjFhNjY5ZmY5YjYxNGI5MGJkYzA4NmMxZGNjZmYzMmY5MmVm
NmIzYTliZWJhZGY1NWZiOTQyODYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMEMxyzM0iY8KcIeDB7uINxZwI9iHNAwyMhUf6XiGs52K63jr8QBauSxooRW
SMQ9cytlJ7Bgz6jDC+s6UStMLOOlXxFSes/0Ll1jZz4GMIDwSo4nOEeSNXcqYNAT
3GaBdSjFvkQKC6EXJKtWqNqg2m/z/u80xzjfrnChcEEDooSCtNtsb3OlDJdNxDdv
3mHkLCvT3I5OY1i3YX1dElc6wS+HGPgaqV6pIZDdk6hKnmoeAoXYBYqZta+gIt8U
WVmSf9psdmbWj2BIiD0U9KWNweUa4afmgKTZG3RfGgkcoX3mFoISsiZZzKeqwLyT
XpUYhHXmzLB/Qm8kbZszKKjc+CcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRCQMyK
ievbbwqUkdR+p+ghwAGR6jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZmU0ZTZiMWUtMTIwYS00NTRiLThlYTItMjUwNGUwZjM0YjdlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNVMA0G
CSqGSIb3DQEBCwUAA4IBAQBCqHXpIz/zrQvO5/83uauLKPdCNqhJscPMCeK2HYmG
qIrZR/6KRa+0ZXK2OHT2dINlzlhT3Oo/m67IJpqnCkbxY97dICacFnyqtJmG4yEV
PRtEhWRY5JrAC1o5taHIyK4hGPutXrQOl6rVVWNJBdo45ujRZpPvQTUbrnrsig2x
uJcOCg7Sw+c2vbw5/ajgeN1+3oG0Q7K1RK9R33Mdt2mYzJrlxhB7hgLio+L2PHW7
4lU7dJCkU8/f5E8k524Mk1Dd7AjtXU1brPUpF826fX/tDV4/TVn0M+F/hANeF15x
XwdP0+j/kam0M0oXWgqaiIwLGHMeFnJD/RjT2vGvNvue
-----END CERTIFICATE-----
Generated at Sun May 3 16:11:21 2026 by rpki-client