Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/09ec97ca-044e-4785-bdd4-fcf9e8d514ca.roa
File: 09ec97ca-044e-4785-bdd4-fcf9e8d514ca.roa (raw, json)
Hash identifier: BlnN+VButSzo0gyKDdfw2m2v3KCNwqk3OETfBLskTBE=
Subject key identifier: F1:63:E4:47:AD:9A:A5:09:EB:42:8A:7B:99:53:D3:AD:E3:D8:84:94
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0BDA0E086DE23A46BBBCE1D2C05C5EC895B2AEF9
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/09ec97ca-044e-4785-bdd4-fcf9e8d514ca.roa
Signing time: Tue 19 May 2026 06:00:06 +0000
ROA not before: Tue 19 May 2026 06:00:06 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.122.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 04 Jun 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:da:0e:08:6d:e2:3a:46:bb:bc:e1:d2:c0:5c:5e:c8:95:b2:ae:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 19 06:00:06 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=9bcff66aa3e333a7943e37241750922db3783d97889861207654778d01e266a0, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:6f:92:5d:90:b7:dc:a1:a6:e7:93:f4:a3:09:
99:b9:4c:3d:d5:0b:27:5b:31:a2:3b:fa:51:aa:6d:
a0:3e:af:54:72:74:01:46:d1:1f:c6:ad:7b:77:4d:
1f:c9:8c:55:bf:27:5b:5d:e4:ee:10:4c:0e:5b:44:
52:b1:e8:52:ed:89:af:d9:46:93:19:cd:db:a4:c4:
c2:ec:f7:7f:fc:ba:8c:c7:f4:55:a6:ca:d7:98:85:
de:f6:f5:e9:c9:4d:5b:7a:48:a2:c7:74:c5:67:7e:
4b:a2:23:1f:54:c0:a5:5d:6a:83:bd:26:ab:61:f7:
92:f8:e2:61:ba:33:67:c7:13:58:d7:ed:27:18:5a:
b4:99:ce:8e:68:83:40:dd:2f:8b:91:da:dc:e8:72:
fd:a5:09:a1:99:e2:8e:78:d2:ad:57:7d:00:06:1f:
da:7f:59:1d:0f:4f:c4:57:51:74:7f:cb:af:50:0e:
f3:e3:d7:a8:71:d1:b0:48:eb:ff:c5:46:3d:bf:41:
fb:d3:88:c7:4d:a7:4d:1f:fd:c3:44:2f:9f:f7:70:
30:3c:67:43:6b:e9:12:88:7c:25:0d:f9:74:56:0d:
ec:ec:cf:b8:3a:a5:fb:35:a3:69:0d:3f:e4:c0:1c:
38:43:b0:99:cb:b1:da:93:5c:63:06:94:94:8f:2c:
ba:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:63:E4:47:AD:9A:A5:09:EB:42:8A:7B:99:53:D3:AD:E3:D8:84:94
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/09ec97ca-044e-4785-bdd4-fcf9e8d514ca.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.122.0.0/15
Signature Algorithm: sha256WithRSAEncryption
b1:59:50:ad:92:e8:74:b1:bb:ef:65:1a:57:89:aa:87:10:56:
5a:66:13:77:8b:fc:a4:6a:56:9d:c2:2d:74:b2:24:45:7a:19:
ad:65:52:58:f4:fe:da:76:38:a0:99:15:03:d9:a9:4e:9a:25:
4a:36:3e:a6:53:9c:99:67:71:c7:e0:8b:d3:ca:57:5f:60:14:
f8:e8:90:8f:0a:56:4e:83:a4:5c:27:e7:c6:69:e4:4f:7f:44:
20:6c:2a:8c:a5:2a:15:47:b0:40:95:2a:af:20:28:35:83:96:
83:ec:96:e9:66:c4:da:0d:b4:c6:83:bf:08:8b:ba:4f:07:60:
48:f0:b7:89:b6:7c:2f:cc:9a:1d:84:4c:66:05:53:69:c7:70:
ad:56:5c:1c:28:fa:90:4c:7b:8a:16:f2:95:3b:75:12:76:50:
a6:39:c2:8d:f7:9d:fb:06:62:fe:3d:c3:fd:b3:90:3c:ee:69:
0b:19:b1:3c:a5:58:d5:b5:ed:c1:69:50:f4:09:e1:63:73:3e:
9e:47:1c:60:f6:cb:be:b1:6d:d7:37:20:d6:ac:d2:1c:65:f9:
25:5d:d4:d7:92:f8:54:dd:e0:a0:36:68:c1:a0:6a:8b:82:c4:
61:4d:b8:f0:4e:e3:ff:7f:28:64:9d:a7:9e:92:4b:79:bf:72:
3a:3c:b7:99
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUC9oOCG3iOka7vOHSwFxeyJWyrvkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MTkwNjAwMDZaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDliY2ZmNjZhYTNlMzMzYTc5NDNlMzcyNDE3NTA5MjJkYjM3ODNkOTc4ODk4
NjEyMDc2NTQ3NzhkMDFlMjY2YTAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJlvkl2Qt9yhpueT9KMJmblMPdULJ1sxojv6UaptoD6vVHJ0AUbRH8ate3dN
H8mMVb8nW13k7hBMDltEUrHoUu2Jr9lGkxnN26TEwuz3f/y6jMf0VabK15iF3vb1
6clNW3pIosd0xWd+S6IjH1TApV1qg70mq2H3kvjiYbozZ8cTWNftJxhatJnOjmiD
QN0vi5Ha3Ohy/aUJoZnijnjSrVd9AAYf2n9ZHQ9PxFdRdH/Lr1AO8+PXqHHRsEjr
/8VGPb9B+9OIx02nTR/9w0Qvn/dwMDxnQ2vpEoh8JQ35dFYN7OzPuDql+zWjaQ0/
5MAcOEOwmcux2pNcYwaUlI8sujcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTxY+RH
rZqlCetCinuZU9Ot49iElDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MDllYzk3Y2EtMDQ0ZS00Nzg1LWJkZDQtZmNmOWU4ZDUxNGNhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATN6MA0G
CSqGSIb3DQEBCwUAA4IBAQCxWVCtkuh0sbvvZRpXiaqHEFZaZhN3i/ykaladwi10
siRFehmtZVJY9P7adjigmRUD2alOmiVKNj6mU5yZZ3HH4IvTyldfYBT46JCPClZO
g6RcJ+fGaeRPf0QgbCqMpSoVR7BAlSqvICg1g5aD7JbpZsTaDbTGg78Ii7pPB2BI
8LeJtnwvzJodhExmBVNpx3CtVlwcKPqQTHuKFvKVO3USdlCmOcKN9537BmL+PcP9
s5A87mkLGbE8pVjVte3BaVD0CeFjcz6eRxxg9su+sW3XNyDWrNIcZfklXdTXkvhU
3eCgNmjBoGqLgsRhTbjwTuP/fyhknaeekkt5v3I6PLeZ
-----END CERTIFICATE-----
Generated at Wed Jun 3 04:56:57 2026 by rpki-client