Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2fc6a253-dc60-4611-8bc0-f4b11851ccf1.roa
File: 2fc6a253-dc60-4611-8bc0-f4b11851ccf1.roa (raw, json)
Hash identifier: FxTy5/OyA/Vg7IcUgTxQhQRQmO5/U9CWyQvemCvbjUM=
Subject key identifier: 9E:8A:69:99:5D:DC:60:1C:E6:D0:5E:4E:79:A5:E1:F3:2F:80:14:EC
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 09F2FE7D27E2BB64DF1074D4B3A552EF47A48663
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2fc6a253-dc60-4611-8bc0-f4b11851ccf1.roa
Signing time: Sat 28 Feb 2026 06:30:55 +0000
ROA not before: Sat 28 Feb 2026 06:30:55 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.127.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 15:05:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
09:f2:fe:7d:27:e2:bb:64:df:10:74:d4:b3:a5:52:ef:47:a4:86:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Feb 28 06:30:55 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=585876cb46c28f8cecea9cca36eb1364fd52968f864196f34f5ceac2e1abbc53, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:fa:ee:a1:4c:31:1c:96:b7:ea:6d:31:25:23:
e1:04:9e:66:dc:f3:cb:40:17:5e:4b:c6:46:46:ab:
8a:17:0f:2d:53:32:b1:cb:90:bc:7b:c3:2a:e7:2b:
d4:00:e8:f8:1c:b2:ee:d4:4e:c7:61:e3:03:ba:a6:
c4:d2:5a:0d:a8:8f:bd:61:f9:69:25:8c:ea:c5:96:
84:83:1b:4b:1a:93:b2:70:5b:2f:3d:bf:5e:e0:9c:
7b:10:04:f2:f1:59:37:37:47:e0:4a:41:13:21:56:
c7:a8:39:c3:db:a4:c2:1d:45:d1:c3:a9:8c:c4:58:
cf:e2:f1:ae:c0:a0:4c:d6:2d:e4:96:a4:ce:82:1b:
8e:0b:e8:a8:32:05:35:40:ae:1e:55:3c:49:76:da:
53:1c:a1:2d:73:1e:c9:41:32:ce:d5:3e:8e:c3:15:
5d:f8:21:4d:f4:31:ec:33:a8:be:bc:28:e3:90:fd:
71:51:c0:9f:8d:ed:cb:9c:c7:ff:0e:95:1f:74:94:
99:9c:7d:d6:3f:4a:8c:6e:cb:ac:77:18:dc:3d:3a:
25:e9:f6:59:a7:bd:f8:43:71:fc:e2:54:23:99:58:
84:e4:da:37:2c:bd:85:ea:f4:10:c6:0d:79:79:dc:
52:8d:77:ff:18:72:b5:33:27:c2:c7:8e:ad:7d:52:
de:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:8A:69:99:5D:DC:60:1C:E6:D0:5E:4E:79:A5:E1:F3:2F:80:14:EC
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2fc6a253-dc60-4611-8bc0-f4b11851ccf1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.127.0.0/16
Signature Algorithm: sha256WithRSAEncryption
18:8a:da:4e:fd:4e:90:e7:ec:9d:1a:c7:1a:d9:35:79:1e:dc:
c8:22:a8:e2:23:c9:4b:a9:4c:49:9f:c0:b3:6e:37:ec:c9:66:
1d:c6:e5:2d:db:dc:33:31:3d:e1:22:ed:5f:49:ee:c8:89:a9:
9e:ad:cb:12:1c:9e:e4:4f:bc:c3:31:a2:76:b2:2b:5e:7c:a4:
10:45:a1:ec:28:24:7d:c5:58:7e:c1:25:23:d9:96:40:2c:13:
0a:4a:ec:1a:79:19:03:ce:6f:37:53:96:11:f7:3f:b3:ee:2b:
8a:3f:ab:51:ad:98:f8:4d:be:20:97:ab:22:7f:67:79:3c:00:
dc:6d:70:07:ac:ab:0b:72:04:f5:9c:c8:81:3e:54:74:5e:29:
d2:a3:de:2c:3c:23:3d:b6:29:54:7f:54:76:6b:3d:3c:3e:a1:
54:5e:30:91:b7:d4:64:6c:32:e0:7c:b7:45:23:78:ca:80:25:
55:23:05:2c:d4:00:b6:91:f4:e3:92:c7:b4:50:c4:ef:7b:3f:
55:25:6c:75:f7:6a:10:33:01:92:9e:e0:23:92:28:aa:c3:d3:
f9:ad:48:4a:74:94:eb:18:c9:32:1e:76:d6:da:af:ae:8e:b9:
36:7a:77:9e:41:b2:4d:12:1a:e1:e4:67:bc:59:b3:0f:4c:d2:
15:19:bb:b6
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUCfL+fSfiu2TfEHTUs6VS70ekhmMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjAyMjgwNjMwNTVaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDU4NTg3NmNiNDZjMjhmOGNlY2VhOWNjYTM2ZWIxMzY0ZmQ1Mjk2OGY4NjQx
OTZmMzRmNWNlYWMyZTFhYmJjNTMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJT67qFMMRyWt+ptMSUj4QSeZtzzy0AXXkvGRkarihcPLVMyscuQvHvDKucr
1ADo+Byy7tROx2HjA7qmxNJaDaiPvWH5aSWM6sWWhIMbSxqTsnBbLz2/XuCcexAE
8vFZNzdH4EpBEyFWx6g5w9ukwh1F0cOpjMRYz+LxrsCgTNYt5JakzoIbjgvoqDIF
NUCuHlU8SXbaUxyhLXMeyUEyztU+jsMVXfghTfQx7DOovrwo45D9cVHAn43ty5zH
/w6VH3SUmZx91j9KjG7LrHcY3D06Jen2Wae9+ENx/OJUI5lYhOTaNyy9her0EMYN
eXncUo13/xhytTMnwseOrX1S3l8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSeimmZ
XdxgHObQXk55peHzL4AU7DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MmZjNmEyNTMtZGM2MC00NjExLThiYzAtZjRiMTE4NTFjY2YxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADN/MA0G
CSqGSIb3DQEBCwUAA4IBAQAYitpO/U6Q5+ydGsca2TV5HtzIIqjiI8lLqUxJn8Cz
bjfsyWYdxuUt29wzMT3hIu1fSe7IiamercsSHJ7kT7zDMaJ2sitefKQQRaHsKCR9
xVh+wSUj2ZZALBMKSuwaeRkDzm83U5YR9z+z7iuKP6tRrZj4Tb4gl6sif2d5PADc
bXAHrKsLcgT1nMiBPlR0XinSo94sPCM9tilUf1R2az08PqFUXjCRt9RkbDLgfLdF
I3jKgCVVIwUs1AC2kfTjkse0UMTvez9VJWx192oQMwGSnuAjkiiqw9P5rUhKdJTr
GMkyHnbW2q+ujrk2eneeQbJNEhrh5Ge8WbMPTNIVGbu2
-----END CERTIFICATE-----
Generated at Mon Mar 2 19:40:51 2026 by rpki-client