Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2229ee03-08c0-4c87-acab-bbf5abf49264.roa
File: 2229ee03-08c0-4c87-acab-bbf5abf49264.roa (raw, json)
Hash identifier: nCfqW5Ql1MFxnaIfS0hJnfFCAh9MyKdE6pBlc4r+fhU=
Subject key identifier: 90:EA:A8:34:9B:E1:12:0A:68:E5:FE:E4:81:2F:E2:BD:56:B7:CA:0C
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5B9C76AF91CA3828F77C9DF2F6E4C619F95EE9C9
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2229ee03-08c0-4c87-acab-bbf5abf49264.roa
Signing time: Fri 06 Feb 2026 00:40:07 +0000
ROA not before: Fri 06 Feb 2026 00:40:07 +0000
ROA not after: Thu 07 May 2026 23:59:59 +0000
asID: 14618
IP address blocks: 51.86.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Feb 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5b:9c:76:af:91:ca:38:28:f7:7c:9d:f2:f6:e4:c6:19:f9:5e:e9:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Feb 6 00:40:07 2026 GMT
Not After : May 7 23:59:59 2026 GMT
Subject: serialNumber=139d6d8c2c7cf0e396a0b6f76859ee339ed2a82803a0127942f100c572b70aae, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:71:4a:fd:77:18:41:b5:1f:4a:38:82:e8:93:
c1:65:05:c5:6d:b7:54:14:d4:b9:e0:3e:fb:c4:0e:
b7:b9:a8:cf:95:4a:be:b2:36:23:87:ca:c4:59:a9:
6f:e6:11:f9:ee:83:56:43:18:fe:03:e7:d8:37:32:
cf:2a:c0:e5:a4:e9:ce:c1:ec:94:62:96:9e:56:44:
ed:3e:44:35:65:5d:32:a6:14:23:88:6a:70:ee:62:
4f:0f:74:51:fa:86:f7:59:89:29:1e:38:8f:e7:47:
1c:81:d7:c8:75:06:a8:cd:55:19:31:01:bf:96:a7:
84:16:40:80:a5:3b:49:ef:b0:d7:8b:5b:75:73:96:
b1:0f:fd:12:47:a2:8e:32:81:53:1d:d2:60:7e:14:
47:22:3a:81:e7:18:95:f8:00:73:07:a1:48:98:93:
43:01:89:4d:c3:ed:36:75:88:47:35:16:c3:92:b3:
de:49:98:f5:ac:5c:f4:2a:f9:c8:07:36:7e:38:f4:
66:42:89:99:3b:ec:10:2c:0a:6f:e4:fe:19:2e:81:
7e:d4:95:12:d8:de:f8:db:dd:bb:a1:f8:9e:32:2f:
22:6e:96:fc:f5:f0:4c:49:58:d1:2f:a4:a5:5f:d5:
88:a6:47:87:ce:a5:c3:90:7e:97:60:f3:37:e5:11:
c3:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:EA:A8:34:9B:E1:12:0A:68:E5:FE:E4:81:2F:E2:BD:56:B7:CA:0C
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2229ee03-08c0-4c87-acab-bbf5abf49264.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.86.0.0/15
Signature Algorithm: sha256WithRSAEncryption
d2:a9:a1:04:5a:45:8f:1f:41:6d:ed:10:85:12:1f:03:c2:22:
d2:85:01:a2:cc:2d:c0:1e:c7:81:c7:02:ea:a1:4d:b4:1e:8e:
b1:19:22:92:96:8b:b0:f0:ca:b5:e7:c2:8c:c0:83:23:9c:6d:
3a:09:34:ff:cd:78:e9:d5:00:26:5c:ed:3b:0c:85:98:08:cd:
2c:09:b4:73:93:a0:cc:38:2e:11:4c:0d:dc:96:7a:62:be:9b:
5a:27:05:98:02:bd:2d:f9:c2:21:39:5f:c8:1a:30:9a:7c:0b:
d4:94:be:ff:fd:92:b4:b2:cc:94:ae:b2:b9:4b:af:2a:47:26:
74:c7:fc:48:71:ff:c7:a4:1d:f6:08:43:2b:c6:5e:7d:a1:85:
c1:ed:cf:0e:e9:94:4f:5a:2e:df:72:e5:8e:ea:1e:0d:2b:cb:
34:f3:dc:56:da:55:e3:19:11:e9:b8:ec:eb:05:11:14:e3:74:
be:bf:d0:52:54:fd:6b:c5:d9:c2:c5:59:08:65:8b:f9:58:f4:
0a:ed:46:ff:79:bc:36:58:eb:d5:0b:7a:6e:1a:41:e0:50:11:
14:7b:90:41:6e:4c:60:d2:c3:55:26:0c:1e:75:06:31:78:86:
f4:b8:05:dc:9f:c9:cd:e9:bd:c8:3f:fb:d3:e1:1c:49:24:87:
83:4f:fb:b8
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUW5x2r5HKOCj3fJ3y9uTGGfle6ckwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjAyMDYwMDQwMDdaFw0yNjA1MDcyMzU5NTlaMHoxSTBHBgNV
BAUTQDEzOWQ2ZDhjMmM3Y2YwZTM5NmEwYjZmNzY4NTllZTMzOWVkMmE4MjgwM2Ew
MTI3OTQyZjEwMGM1NzJiNzBhYWUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAINxSv13GEG1H0o4guiTwWUFxW23VBTUueA++8QOt7moz5VKvrI2I4fKxFmp
b+YR+e6DVkMY/gPn2DcyzyrA5aTpzsHslGKWnlZE7T5ENWVdMqYUI4hqcO5iTw90
UfqG91mJKR44j+dHHIHXyHUGqM1VGTEBv5anhBZAgKU7Se+w14tbdXOWsQ/9Ekei
jjKBUx3SYH4URyI6gecYlfgAcwehSJiTQwGJTcPtNnWIRzUWw5Kz3kmY9axc9Cr5
yAc2fjj0ZkKJmTvsECwKb+T+GS6BftSVEtje+Nvdu6H4njIvIm6W/PXwTElY0S+k
pV/ViKZHh86lw5B+l2DzN+URw60CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSQ6qg0
m+ESCmjl/uSBL+K9VrfKDDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MjIyOWVlMDMtMDhjMC00Yzg3LWFjYWItYmJmNWFiZjQ5MjY0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATNWMA0G
CSqGSIb3DQEBCwUAA4IBAQDSqaEEWkWPH0Ft7RCFEh8DwiLShQGizC3AHseBxwLq
oU20Ho6xGSKSlouw8Mq158KMwIMjnG06CTT/zXjp1QAmXO07DIWYCM0sCbRzk6DM
OC4RTA3clnpivptaJwWYAr0t+cIhOV/IGjCafAvUlL7//ZK0ssyUrrK5S68qRyZ0
x/xIcf/HpB32CEMrxl59oYXB7c8O6ZRPWi7fcuWO6h4NK8s089xW2lXjGRHpuOzr
BREU43S+v9BSVP1rxdnCxVkIZYv5WPQK7Ub/ebw2WOvVC3puGkHgUBEUe5BBbkxg
0sNVJgwedQYxeIb0uAXcn8nN6b3IP/vT4RxJJIeDT/u4
-----END CERTIFICATE-----
Generated at Thu Feb 26 09:45:40 2026 by rpki-client