Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/60c89335-41cc-407d-8ffe-34cda7e66bb7.roa
File: 60c89335-41cc-407d-8ffe-34cda7e66bb7.roa (raw, json)
Hash identifier: z8Er5wnd/kG0uVBrEm8PuE+KQFNLIxf/+3ytpzWFNmA=
Subject key identifier: A6:75:DC:9B:EF:F6:0D:8A:11:5F:4A:22:43:95:B4:CC:5F:F6:F1:08
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: B8EE5388EFF97A844FF42CAE14646D8562E56D
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/60c89335-41cc-407d-8ffe-34cda7e66bb7.roa
Signing time: Mon 27 Apr 2026 00:40:32 +0000
ROA not before: Mon 27 Apr 2026 00:40:32 +0000
ROA not after: Sun 26 Jul 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.96.0.0/14 maxlen: 14
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 04 May 2026 05:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
b8:ee:53:88:ef:f9:7a:84:4f:f4:2c:ae:14:64:6d:85:62:e5:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 27 00:40:32 2026 GMT
Not After : Jul 26 23:59:59 2026 GMT
Subject: serialNumber=d6e85e838f6029f54e72e5900b29781a5734e94d12e23c13d6213cccc55453fb, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:e6:12:a1:04:ef:da:aa:fc:92:ab:7f:d4:a9:
13:ce:46:8c:37:4d:83:69:00:8c:c8:f0:07:39:8f:
6c:5b:fe:31:c1:dd:e4:db:d8:74:38:f5:69:50:86:
bc:ef:ef:cb:32:29:e5:21:b9:35:48:59:50:ca:fe:
a3:8a:d4:62:33:65:cf:a6:86:e4:1b:4d:14:6a:4f:
76:47:0c:20:cd:14:a6:f6:fb:a5:54:41:ae:f3:f3:
82:e9:a9:7e:1d:19:3d:1f:b8:c3:11:68:46:2a:d2:
78:b4:d2:71:88:7b:b9:a9:d0:a6:d3:51:f7:e6:32:
10:c4:f3:08:17:1d:77:4f:a1:3f:3d:c7:f8:68:f6:
e8:e3:1f:0b:26:c9:79:79:89:36:e0:9f:23:d4:c7:
b9:f2:47:60:97:ae:90:19:f2:c3:61:ac:80:db:9f:
45:b7:2b:b3:a2:c4:99:b3:24:c7:4f:c5:76:4d:df:
f5:6a:d1:78:8c:57:b7:6e:83:41:34:ff:7b:73:26:
bb:0e:58:c4:b1:f3:5e:4e:63:fc:44:88:95:04:85:
f4:d9:52:75:92:c5:fd:42:ac:23:20:78:78:a1:d6:
59:e7:be:a8:f5:7f:4a:7e:9f:b6:95:d8:c4:0d:09:
ed:a9:61:9b:49:73:b3:1c:25:3f:4a:4f:44:06:dd:
b2:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:75:DC:9B:EF:F6:0D:8A:11:5F:4A:22:43:95:B4:CC:5F:F6:F1:08
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/60c89335-41cc-407d-8ffe-34cda7e66bb7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.96.0.0/14
Signature Algorithm: sha256WithRSAEncryption
3f:e4:19:88:b0:fe:c4:54:bf:3c:ce:95:4e:2d:1f:66:45:93:
2d:f8:7d:03:02:43:9a:f8:87:37:ba:08:d7:e3:84:f2:ea:b2:
8a:05:70:87:d0:fc:88:d5:1e:45:c8:4c:5f:ad:48:7f:b1:d7:
40:2a:32:9b:95:f7:6d:ef:f6:e9:aa:f5:88:a9:ae:40:cf:cb:
50:70:2c:8b:18:a2:ae:46:2e:23:1c:95:d3:d6:91:c7:fe:a7:
fd:fd:eb:10:70:cb:05:43:42:d2:61:3a:36:a1:f5:92:a2:83:
51:af:9a:2e:07:22:31:f1:a0:de:0a:de:e5:58:b1:58:50:fe:
69:0b:34:5b:e6:7b:8b:b8:b4:cf:88:87:fe:4c:bf:7b:b6:49:
41:20:b8:d4:c0:a8:4e:db:0b:ac:ac:c2:dd:78:ce:74:0b:87:
af:6b:1d:0e:f9:91:b5:4a:e6:c5:6f:5b:a8:d5:a5:d0:51:d5:
25:fb:07:05:97:c5:69:b5:0a:62:70:34:b7:d0:fa:88:12:da:
84:6e:58:11:fc:f3:ca:c6:ed:98:35:af:dc:c4:8c:b9:53:f3:
df:8b:b7:14:60:01:b7:26:f6:c8:42:aa:15:94:7b:5b:93:fb:
e4:64:86:25:31:af:2b:25:cf:f4:a6:f9:46:20:65:e7:21:30:
dd:7b:cd:f6
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUALjuU4jv+XqET/QsrhRkbYVi5W0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA0MjcwMDQwMzJaFw0yNjA3MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ2ZTg1ZTgzOGY2MDI5ZjU0ZTcyZTU5MDBiMjk3ODFhNTczNGU5NGQxMmUy
M2MxM2Q2MjEzY2NjYzU1NDUzZmIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALTmEqEE79qq/JKrf9SpE85GjDdNg2kAjMjwBzmPbFv+McHd5NvYdDj1aVCG
vO/vyzIp5SG5NUhZUMr+o4rUYjNlz6aG5BtNFGpPdkcMIM0Upvb7pVRBrvPzgump
fh0ZPR+4wxFoRirSeLTScYh7uanQptNR9+YyEMTzCBcdd0+hPz3H+Gj26OMfCybJ
eXmJNuCfI9THufJHYJeukBnyw2GsgNufRbcrs6LEmbMkx0/Fdk3f9WrReIxXt26D
QTT/e3Mmuw5YxLHzXk5j/ESIlQSF9NlSdZLF/UKsIyB4eKHWWee+qPV/Sn6ftpXY
xA0J7alhm0lzsxwlP0pPRAbdsqsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSmddyb
7/YNihFfSiJDlbTMX/bxCDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NjBjODkzMzUtNDFjYy00MDdkLThmZmUtMzRjZGE3ZTY2YmI3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAjNgMA0G
CSqGSIb3DQEBCwUAA4IBAQA/5BmIsP7EVL88zpVOLR9mRZMt+H0DAkOa+Ic3ugjX
44Ty6rKKBXCH0PyI1R5FyExfrUh/sddAKjKblfdt7/bpqvWIqa5Az8tQcCyLGKKu
Ri4jHJXT1pHH/qf9/esQcMsFQ0LSYTo2ofWSooNRr5ouByIx8aDeCt7lWLFYUP5p
CzRb5nuLuLTPiIf+TL97tklBILjUwKhO2wusrMLdeM50C4evax0O+ZG1SubFb1uo
1aXQUdUl+wcFl8VptQpicDS30PqIEtqEblgR/PPKxu2YNa/cxIy5U/Pfi7cUYAG3
JvbIQqoVlHtbk/vkZIYlMa8rJc/0pvlGIGXnITDde832
-----END CERTIFICATE-----
Generated at Sun May 3 15:23:25 2026 by rpki-client