Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0a36b38b-9bd1-4014-823d-9204a303350e.roa
File: 0a36b38b-9bd1-4014-823d-9204a303350e.roa (raw, json)
Hash identifier: UuVO5SgJreb6YfNVE+5dKqgO9WZ376Gd/dxr1Ds+C0U=
Subject key identifier: 41:28:B0:77:E3:97:6C:36:D9:9B:69:A7:F9:0F:A2:48:DB:5A:22:FE
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 63D0520E7D215811D4EFADA7F2E2B6F2B10529CB
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0a36b38b-9bd1-4014-823d-9204a303350e.roa
Signing time: Mon 27 Apr 2026 00:40:08 +0000
ROA not before: Mon 27 Apr 2026 00:40:08 +0000
ROA not after: Sun 26 Jul 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.21.183.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 04 May 2026 05:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:d0:52:0e:7d:21:58:11:d4:ef:ad:a7:f2:e2:b6:f2:b1:05:29:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 27 00:40:08 2026 GMT
Not After : Jul 26 23:59:59 2026 GMT
Subject: serialNumber=1b0462bd7026af511db6ee83bfaf5a0e0697559f2274a9ca6d2fe018b89c8bfa, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:62:1f:47:97:ee:7d:ba:b7:ae:14:de:1f:02:
85:f5:37:5f:56:6b:2d:44:e8:ca:3b:77:fb:1c:39:
73:bf:fa:36:ba:91:d2:53:ae:17:ab:ad:75:84:0d:
d6:5e:0b:b7:2f:c1:32:ef:15:8e:84:f3:15:65:1f:
67:ea:7c:b7:f0:b2:b2:75:97:97:ac:e3:1c:e4:1d:
b0:e0:9b:37:d6:2b:c4:58:2c:df:7d:8d:e4:b0:5d:
ae:7f:27:d8:30:6b:eb:91:76:fe:bc:60:82:7a:41:
34:e1:21:79:ac:a1:d9:d4:88:12:9d:31:8c:25:e5:
e6:32:f0:b8:b5:72:5b:1f:82:19:d2:d4:bc:0c:82:
59:8a:1e:04:35:23:1a:36:e6:52:ed:3b:41:d2:7a:
86:87:73:bf:af:f9:f5:36:e6:13:1f:82:30:de:ff:
1f:7a:4c:17:09:e6:76:0b:8b:95:1a:a9:08:95:58:
9a:eb:fc:ef:12:80:63:6d:4b:74:24:0a:80:e7:50:
c4:77:f3:63:69:0e:33:2a:71:84:83:10:a5:a2:7f:
4e:e8:3a:7e:c2:cd:5a:52:59:3a:45:41:83:af:48:
e0:2e:84:88:91:30:f2:0a:2f:ab:82:52:9b:20:63:
52:0b:0b:b2:24:2d:6d:f0:94:d6:b8:4f:4d:07:26:
f1:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:28:B0:77:E3:97:6C:36:D9:9B:69:A7:F9:0F:A2:48:DB:5A:22:FE
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0a36b38b-9bd1-4014-823d-9204a303350e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.21.183.0/24
Signature Algorithm: sha256WithRSAEncryption
40:70:0d:0a:c0:b7:e1:2c:82:67:67:33:8d:63:42:57:5d:0c:
98:73:ca:4b:af:6f:c2:32:a9:d2:fd:2f:79:91:5c:ae:c5:85:
1e:85:e9:7c:fa:c4:ca:22:3a:cd:80:82:c6:0d:5c:bc:e4:b6:
98:33:e0:13:e0:3d:ae:f4:f5:9d:c6:d1:0d:0a:f4:22:b8:1c:
23:9d:b1:28:5c:29:c7:d1:a5:0d:51:c9:ad:c7:1f:b2:bf:a3:
97:3e:a6:ad:b7:ef:ea:b5:39:2c:44:15:01:ca:2c:66:5b:26:
14:83:9e:fa:ac:35:8f:c4:17:fb:95:e4:ca:6b:77:6c:12:3c:
86:1d:f7:5e:5d:3b:d1:cb:7b:9f:d9:43:ca:6a:3c:9a:38:85:
0f:97:4b:76:00:45:c0:28:87:36:75:c3:d8:c5:c4:f7:db:9a:
ad:77:4b:f6:b8:87:81:3b:35:68:8b:01:a1:72:9f:d3:3a:f6:
63:f3:4e:84:bd:54:fa:44:4c:cb:67:18:f1:00:42:50:99:6a:
f8:a6:f7:e3:ab:9f:80:d7:01:f9:b4:10:6b:b5:43:0d:28:07:
3a:6b:03:7d:9b:78:27:72:d1:b1:c1:a5:27:7b:31:a8:d4:63:
1f:66:95:8d:cc:41:97:a2:5a:ef:c4:5f:c5:83:cf:ac:fc:3c:
9a:9f:91:2f
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUY9BSDn0hWBHU762n8uK28rEFKcswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA0MjcwMDQwMDhaFw0yNjA3MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQDFiMDQ2MmJkNzAyNmFmNTExZGI2ZWU4M2JmYWY1YTBlMDY5NzU1OWYyMjc0
YTljYTZkMmZlMDE4Yjg5YzhiZmExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM5iH0eX7n26t64U3h8ChfU3X1ZrLUToyjt3+xw5c7/6NrqR0lOuF6utdYQN
1l4Lty/BMu8VjoTzFWUfZ+p8t/CysnWXl6zjHOQdsOCbN9YrxFgs332N5LBdrn8n
2DBr65F2/rxggnpBNOEheayh2dSIEp0xjCXl5jLwuLVyWx+CGdLUvAyCWYoeBDUj
GjbmUu07QdJ6hodzv6/59TbmEx+CMN7/H3pMFwnmdguLlRqpCJVYmuv87xKAY21L
dCQKgOdQxHfzY2kOMypxhIMQpaJ/Tug6fsLNWlJZOkVBg69I4C6EiJEw8govq4JS
myBjUgsLsiQtbfCU1rhPTQcm8X8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRBKLB3
45dsNtmbaaf5D6JI21oi/jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MGEzNmIzOGItOWJkMS00MDE0LTgyM2QtOTIwNGEzMDMzNTBlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEADMVtzAN
BgkqhkiG9w0BAQsFAAOCAQEAQHANCsC34SyCZ2czjWNCV10MmHPKS69vwjKp0v0v
eZFcrsWFHoXpfPrEyiI6zYCCxg1cvOS2mDPgE+A9rvT1ncbRDQr0IrgcI52xKFwp
x9GlDVHJrccfsr+jlz6mrbfv6rU5LEQVAcosZlsmFIOe+qw1j8QX+5Xkymt3bBI8
hh33Xl070ct7n9lDymo8mjiFD5dLdgBFwCiHNnXD2MXE99uarXdL9riHgTs1aIsB
oXKf0zr2Y/NOhL1U+kRMy2cY8QBCUJlq+Kb346ufgNcB+bQQa7VDDSgHOmsDfZt4
J3LRscGlJ3sxqNRjH2aVjcxBl6Ja78RfxYPPrPw8mp+RLw==
-----END CERTIFICATE-----
Generated at Sun May 3 14:48:13 2026 by rpki-client