Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2d24b638-b951-4333-ac88-4886c7af230f.roa
File: 2d24b638-b951-4333-ac88-4886c7af230f.roa (raw, json)
Hash identifier: 6BSMhbbwm5kiAWCJaLzyT/T39tIceno6DwhGT5JsBtg=
Subject key identifier: D7:C2:FF:62:00:5E:2A:D0:18:B6:39:39:E1:14:9E:6E:ED:17:5B:64
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 65A50DF52E754C9D58DF7C23BF624828FE0B1427
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2d24b638-b951-4333-ac88-4886c7af230f.roa
Signing time: Tue 19 May 2026 05:50:25 +0000
ROA not before: Tue 19 May 2026 05:50:25 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.82.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 03 Jun 2026 01:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:a5:0d:f5:2e:75:4c:9d:58:df:7c:23:bf:62:48:28:fe:0b:14:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 19 05:50:25 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=3a4dede0b608dec9b58895f7ba333c5e151d7d30a25783910abf4ff400809f27, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:9d:b5:43:57:62:18:e1:e9:c3:b9:36:d5:81:
bf:b8:05:f0:56:0f:98:05:73:7c:ac:2b:ea:10:01:
9d:86:f8:2f:4c:85:b2:2f:94:84:27:09:f4:57:c2:
aa:b8:80:4c:0a:7f:c0:a8:fb:90:43:a4:8d:59:5a:
12:2a:4a:41:ff:dd:52:2d:65:20:da:88:72:78:ea:
a4:03:40:b3:c5:4e:fb:28:67:b9:70:d8:cd:dd:04:
c1:31:19:4a:52:ea:ed:e5:ad:0f:51:0a:92:71:c8:
4c:59:f0:77:ba:99:5e:bf:d7:9f:5c:a4:2f:10:11:
76:1a:86:ad:d0:4c:22:de:44:1b:9d:c7:d3:14:19:
33:25:34:1b:47:f1:b1:31:00:53:83:c9:62:08:c0:
33:76:55:c6:c9:ef:24:37:8d:11:98:99:84:49:dd:
27:7d:94:1a:a4:77:36:86:06:f4:76:b9:f1:eb:89:
b9:8a:29:27:3d:e9:ee:2f:2e:97:9a:3e:2c:cd:33:
89:53:ee:ed:d8:47:53:3b:72:a8:f9:e8:71:2d:1d:
6a:9b:10:10:c2:81:d3:53:20:19:af:ed:80:b6:ff:
b6:2f:86:02:90:b0:7c:0d:58:85:0d:a8:61:b3:a8:
7c:8f:8b:3f:b5:e4:08:04:32:9a:12:b8:84:be:4a:
b5:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:C2:FF:62:00:5E:2A:D0:18:B6:39:39:E1:14:9E:6E:ED:17:5B:64
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2d24b638-b951-4333-ac88-4886c7af230f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.82.0.0/16
Signature Algorithm: sha256WithRSAEncryption
82:22:eb:07:fb:6c:f9:cf:2f:2c:aa:4e:d9:82:64:e7:fc:06:
2f:0a:dc:3d:66:7a:9d:c1:0a:58:5f:52:6e:fa:96:98:be:a9:
6b:e8:d0:d5:81:53:ef:1c:23:f0:dd:25:a4:ca:a9:8b:45:15:
14:8c:11:27:3a:6b:58:09:bf:70:4c:0a:cd:8b:05:97:e1:1f:
f4:5b:b3:e9:2b:4a:9b:49:79:5e:a6:80:e3:e5:95:c4:07:64:
25:49:da:39:d4:ce:95:62:4e:e0:d5:d1:01:e4:05:95:9a:cd:
90:fc:b7:27:83:e9:9b:88:9d:8b:ce:4d:05:0d:30:91:c6:ba:
6b:ef:0a:b1:88:1b:eb:56:da:ac:f3:1a:3a:67:4c:5b:05:e7:
06:cc:1a:c2:f0:f4:c3:28:77:23:16:d4:b9:cd:f5:c3:ad:94:
43:15:15:b9:4c:b6:8b:4c:98:01:cb:d5:f9:53:bd:96:a1:ce:
d3:13:78:2d:c7:f7:7f:2f:48:51:3d:dd:d7:c5:3f:70:e4:3d:
ae:29:b8:d4:d2:eb:c7:e4:41:ba:1f:13:14:d2:00:17:b1:e8:
3f:11:b2:b2:e0:b0:e9:a0:41:60:13:63:aa:e3:d0:7c:c8:dd:
aa:72:03:37:cf:57:8a:d2:3f:ea:10:3e:27:13:f0:58:1c:e7:
19:09:43:de
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUZaUN9S51TJ1Y33wjv2JIKP4LFCcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MTkwNTUwMjVaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDNhNGRlZGUwYjYwOGRlYzliNTg4OTVmN2JhMzMzYzVlMTUxZDdkMzBhMjU3
ODM5MTBhYmY0ZmY0MDA4MDlmMjcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOidtUNXYhjh6cO5NtWBv7gF8FYPmAVzfKwr6hABnYb4L0yFsi+UhCcJ9FfC
qriATAp/wKj7kEOkjVlaEipKQf/dUi1lINqIcnjqpANAs8VO+yhnuXDYzd0EwTEZ
SlLq7eWtD1EKknHITFnwd7qZXr/Xn1ykLxARdhqGrdBMIt5EG53H0xQZMyU0G0fx
sTEAU4PJYgjAM3ZVxsnvJDeNEZiZhEndJ32UGqR3NoYG9Ha58euJuYopJz3p7i8u
l5o+LM0ziVPu7dhHUztyqPnocS0dapsQEMKB01MgGa/tgLb/ti+GApCwfA1YhQ2o
YbOofI+LP7XkCAQymhK4hL5KtcMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTXwv9i
AF4q0Bi2OTnhFJ5u7RdbZDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MmQyNGI2MzgtYjk1MS00MzMzLWFjODgtNDg4NmM3YWYyMzBmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNSMA0G
CSqGSIb3DQEBCwUAA4IBAQCCIusH+2z5zy8sqk7ZgmTn/AYvCtw9ZnqdwQpYX1Ju
+paYvqlr6NDVgVPvHCPw3SWkyqmLRRUUjBEnOmtYCb9wTArNiwWX4R/0W7PpK0qb
SXlepoDj5ZXEB2QlSdo51M6VYk7g1dEB5AWVms2Q/Lcng+mbiJ2Lzk0FDTCRxrpr
7wqxiBvrVtqs8xo6Z0xbBecGzBrC8PTDKHcjFtS5zfXDrZRDFRW5TLaLTJgBy9X5
U72Woc7TE3gtx/d/L0hRPd3XxT9w5D2uKbjU0uvH5EG6HxMU0gAXseg/EbKy4LDp
oEFgE2Oq49B8yN2qcgM3z1eK0j/qED4nE/BYHOcZCUPe
-----END CERTIFICATE-----
Generated at Tue Jun 2 10:45:45 2026 by rpki-client