Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/16466217-dced-4a5a-a70d-36ae6ab6acbe.roa
File: 16466217-dced-4a5a-a70d-36ae6ab6acbe.roa (raw, json)
Hash identifier: JHQYnn7dvBuGV4Ev8NbFYaUFDEBY74IGupLAY857tOs=
Subject key identifier: FA:6D:3A:A8:E8:77:D1:3E:99:24:6D:34:14:32:35:24:26:0D:66:AF
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0970EFC84DCD3A31280967B585722D7ED8672983
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/16466217-dced-4a5a-a70d-36ae6ab6acbe.roa
Signing time: Mon 27 Apr 2026 00:40:30 +0000
ROA not before: Mon 27 Apr 2026 00:40:30 +0000
ROA not after: Sun 26 Jul 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.92.0.0/14 maxlen: 14
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 04 May 2026 05:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
09:70:ef:c8:4d:cd:3a:31:28:09:67:b5:85:72:2d:7e:d8:67:29:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 27 00:40:30 2026 GMT
Not After : Jul 26 23:59:59 2026 GMT
Subject: serialNumber=ef949285f51b5f40041ecbfa8b32febbc3cc836d8e6f1bc40980136238565566, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:85:f8:82:17:f5:d9:22:75:67:f6:40:93:ee:
84:49:4c:40:87:93:9f:d6:34:61:4b:1d:08:34:07:
0b:7b:e2:be:bf:89:ed:4a:3e:8e:6d:65:f8:fc:5d:
75:19:ef:65:4c:7e:a2:c3:c1:fc:00:d6:7d:3f:db:
a5:87:5a:f9:be:07:f2:9f:44:a8:87:6f:b4:c9:37:
0f:17:0d:63:3b:ba:28:96:c4:aa:6b:8f:25:cb:fc:
d9:3c:ef:33:88:57:62:cd:64:6c:55:5e:d5:4f:83:
57:ff:f9:33:5f:8e:3d:e4:8a:55:d3:10:f0:5e:db:
27:ae:1e:93:4e:2e:1f:cb:17:2a:e8:a4:73:a5:14:
e3:66:ab:06:04:95:b2:41:85:24:23:a5:15:e9:71:
e1:77:df:0b:bf:78:d9:91:4b:96:7b:1c:d1:36:0c:
5f:39:d1:38:dc:74:38:08:26:5a:8d:a6:f2:39:27:
e3:86:37:90:b2:19:5b:0b:a7:92:87:8a:a7:28:6c:
07:b7:75:dc:c2:23:b4:33:a9:a1:ee:02:48:82:72:
8a:8c:1c:2e:92:89:61:c0:d9:ec:5b:b0:41:17:28:
90:85:c8:a6:a6:59:ee:c7:27:a4:90:b2:48:c9:ec:
19:8e:58:25:cb:0e:fd:c6:58:32:d0:35:70:12:6a:
67:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:6D:3A:A8:E8:77:D1:3E:99:24:6D:34:14:32:35:24:26:0D:66:AF
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/16466217-dced-4a5a-a70d-36ae6ab6acbe.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.92.0.0/14
Signature Algorithm: sha256WithRSAEncryption
88:c8:34:2d:6a:62:44:a8:ee:56:96:11:1e:10:10:70:7b:ba:
e0:c6:c2:98:ba:10:10:46:2c:b4:5e:81:9a:b1:de:c5:e8:f5:
c8:5f:75:44:91:1f:51:2c:3f:38:86:3c:64:e5:52:7e:b9:22:
7f:5b:f4:9e:cb:2b:74:b2:22:33:ff:48:58:bb:b7:ca:bd:ba:
3e:c2:78:53:61:8e:ed:6c:1b:9e:50:5d:4a:a1:10:ee:8b:e8:
40:e7:fd:53:9b:d7:a7:ed:97:b3:ea:07:c7:77:bc:51:d1:07:
26:8a:e0:cf:30:02:11:fc:c3:75:af:06:01:57:bb:8f:bc:ee:
fa:cb:4c:9a:af:45:7f:d8:ef:66:70:1d:93:7b:55:68:fb:6f:
32:7a:d6:95:ba:10:0c:b1:c6:5b:28:5c:fa:18:9e:aa:f0:3f:
39:5a:af:0c:b1:25:05:ce:67:a0:62:ad:4f:74:35:e4:2f:48:
d0:9a:f3:04:62:55:46:f5:5f:99:98:e7:c5:fa:35:e0:5e:65:
47:4b:0d:01:42:c2:e3:67:ca:e2:64:11:73:28:b9:dd:bb:a9:
37:d8:bf:e6:f5:b2:bc:9f:67:da:0e:ed:d2:04:d8:31:bd:34:
e5:5c:88:85:d6:18:af:b0:eb:e1:87:44:f1:03:55:ce:dc:fc:
6b:10:f6:d7
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUCXDvyE3NOjEoCWe1hXItfthnKYMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA0MjcwMDQwMzBaFw0yNjA3MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQGVmOTQ5Mjg1ZjUxYjVmNDAwNDFlY2JmYThiMzJmZWJiYzNjYzgzNmQ4ZTZm
MWJjNDA5ODAxMzYyMzg1NjU1NjYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ6F+IIX9dkidWf2QJPuhElMQIeTn9Y0YUsdCDQHC3vivr+J7Uo+jm1l+Pxd
dRnvZUx+osPB/ADWfT/bpYda+b4H8p9EqIdvtMk3DxcNYzu6KJbEqmuPJcv82Tzv
M4hXYs1kbFVe1U+DV//5M1+OPeSKVdMQ8F7bJ64ek04uH8sXKuikc6UU42arBgSV
skGFJCOlFelx4XffC7942ZFLlnsc0TYMXznRONx0OAgmWo2m8jkn44Y3kLIZWwun
koeKpyhsB7d13MIjtDOpoe4CSIJyiowcLpKJYcDZ7FuwQRcokIXIpqZZ7scnpJCy
SMnsGY5YJcsO/cZYMtA1cBJqZ1ECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBT6bTqo
6HfRPpkkbTQUMjUkJg1mrzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MTY0NjYyMTctZGNlZC00YTVhLWE3MGQtMzZhZTZhYjZhY2JlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAjNcMA0G
CSqGSIb3DQEBCwUAA4IBAQCIyDQtamJEqO5WlhEeEBBwe7rgxsKYuhAQRiy0XoGa
sd7F6PXIX3VEkR9RLD84hjxk5VJ+uSJ/W/Seyyt0siIz/0hYu7fKvbo+wnhTYY7t
bBueUF1KoRDui+hA5/1Tm9en7Zez6gfHd7xR0QcmiuDPMAIR/MN1rwYBV7uPvO76
y0yar0V/2O9mcB2Te1Vo+28yetaVuhAMscZbKFz6GJ6q8D85Wq8MsSUFzmegYq1P
dDXkL0jQmvMEYlVG9V+ZmOfF+jXgXmVHSw0BQsLjZ8riZBFzKLndu6k32L/m9bK8
n2faDu3SBNgxvTTlXIiF1hivsOvhh0TxA1XO3PxrEPbX
-----END CERTIFICATE-----
Generated at Sun May 3 15:23:18 2026 by rpki-client