Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/675bb2b8-b9b8-45ee-ad4d-7af481ebf99b.roa
File: 675bb2b8-b9b8-45ee-ad4d-7af481ebf99b.roa (raw, json)
Hash identifier: J60ELExuep2ahrNzP0GtkbMdFTSRavuXcOEM9mkVGdw=
Subject key identifier: 57:D7:10:D3:A0:14:4A:AE:52:71:49:94:D6:8F:35:F6:93:98:24:97
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3F09B8082F748978BFABD196030EC147D4936459
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/675bb2b8-b9b8-45ee-ad4d-7af481ebf99b.roa
Signing time: Wed 20 May 2026 21:47:14 +0000
ROA not before: Wed 20 May 2026 21:47:14 +0000
ROA not after: Tue 18 Aug 2026 23:59:59 +0000
asID: 14618
IP address blocks: 51.200.0.0/15 maxlen: 15
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 May 2026 08:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:09:b8:08:2f:74:89:78:bf:ab:d1:96:03:0e:c1:47:d4:93:64:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 20 21:47:14 2026 GMT
Not After : Aug 18 23:59:59 2026 GMT
Subject: serialNumber=35f7d4634ed6385c28e493399ab3fd48e19c4881665b2119dfb74daf42f04ff6, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:fb:0e:9f:88:f4:6c:7e:86:94:af:24:b9:bc:
20:d0:49:7a:c5:39:d3:3f:17:ed:cd:8d:4c:68:9a:
e3:59:35:1d:71:d2:0a:6d:24:e7:8d:fe:15:9e:97:
e4:aa:48:81:58:17:d4:39:4c:6b:34:17:0e:98:46:
a8:1d:c6:ae:d7:1f:18:51:c8:1c:61:f5:fa:05:93:
24:b3:f9:04:6b:a2:44:95:57:43:a3:0e:68:44:a4:
79:2d:ab:ad:0f:56:b9:95:98:0f:d9:3c:a1:b0:06:
93:29:29:40:91:80:63:e4:d7:82:6e:00:c8:fc:a1:
a1:55:04:6f:d8:2b:3a:aa:d7:a1:b1:e4:f9:61:ef:
95:49:21:2b:81:62:0e:f2:d1:dd:cf:c0:ff:e0:26:
0c:c6:96:71:af:00:3a:e5:90:c6:39:86:ad:bc:00:
49:f6:c5:8a:89:f7:bb:c8:6c:12:85:1c:55:c6:db:
f9:93:38:49:1f:56:a7:cf:7d:c0:2b:5b:6a:d6:50:
1e:74:2d:9e:91:26:5f:a2:6c:43:5d:b1:70:62:bf:
56:2a:84:73:05:a2:1a:7b:67:1a:90:81:8e:3d:31:
be:88:76:2a:ca:56:41:64:9d:be:0a:5d:33:dc:29:
a1:8a:db:bf:ef:93:ac:a1:40:88:b4:5e:7a:0d:48:
fa:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:D7:10:D3:A0:14:4A:AE:52:71:49:94:D6:8F:35:F6:93:98:24:97
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/675bb2b8-b9b8-45ee-ad4d-7af481ebf99b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.200.0.0/15
Signature Algorithm: sha256WithRSAEncryption
43:8e:8a:b9:34:72:df:e8:26:56:a2:f4:49:d7:1f:3e:5f:5a:
40:fb:fe:b5:38:3a:1c:0b:62:44:90:de:8d:d6:1d:d8:d2:74:
ef:c2:4a:7a:89:f9:17:4a:cd:c2:aa:ec:ff:ba:e2:d5:fe:36:
93:45:e8:fc:d9:5b:b9:3a:08:56:40:76:85:7f:83:bd:84:3e:
34:73:b4:de:d7:42:98:ac:cf:ad:97:d1:26:6b:a4:2a:2a:e0:
89:93:8a:ff:8a:a7:f7:6e:45:c3:97:19:2e:32:49:cf:3d:6e:
e4:b3:a5:08:e9:4d:aa:19:a4:48:d8:1a:d4:27:6c:cf:b1:48:
40:94:f0:26:a3:12:68:ce:c9:77:0c:53:af:e0:9c:e8:a3:14:
93:fc:14:04:d1:ca:04:60:d9:d4:2b:fc:c0:44:bd:7a:a5:58:
53:1c:ef:05:dc:c0:3f:83:88:8e:f2:9e:fa:c0:4f:a0:a2:79:
46:71:dc:aa:dc:b5:4a:c3:38:55:93:39:13:62:cb:cc:4a:f9:
79:a1:87:84:03:9a:94:eb:31:ea:75:45:a4:85:43:42:7a:df:
01:69:47:44:c0:3d:05:bc:e7:85:04:af:f6:f5:0a:4e:4d:c5:
9c:3b:1e:c3:63:49:6f:3f:2d:cc:6f:96:06:4b:1f:ba:68:0e:
83:26:1b:3b
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUPwm4CC90iXi/q9GWAw7BR9STZFkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MjAyMTQ3MTRaFw0yNjA4MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQDM1ZjdkNDYzNGVkNjM4NWMyOGU0OTMzOTlhYjNmZDQ4ZTE5YzQ4ODE2NjVi
MjExOWRmYjc0ZGFmNDJmMDRmZjYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANT7Dp+I9Gx+hpSvJLm8INBJesU50z8X7c2NTGia41k1HXHSCm0k543+FZ6X
5KpIgVgX1DlMazQXDphGqB3GrtcfGFHIHGH1+gWTJLP5BGuiRJVXQ6MOaESkeS2r
rQ9WuZWYD9k8obAGkykpQJGAY+TXgm4AyPyhoVUEb9grOqrXobHk+WHvlUkhK4Fi
DvLR3c/A/+AmDMaWca8AOuWQxjmGrbwASfbFion3u8hsEoUcVcbb+ZM4SR9Wp899
wCtbatZQHnQtnpEmX6JsQ12xcGK/ViqEcwWiGntnGpCBjj0xvoh2KspWQWSdvgpd
M9wpoYrbv++TrKFAiLReeg1I+gcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRX1xDT
oBRKrlJxSZTWjzX2k5gklzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Njc1YmIyYjgtYjliOC00NWVlLWFkNGQtN2FmNDgxZWJmOTliLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPIMA0G
CSqGSIb3DQEBCwUAA4IBAQBDjoq5NHLf6CZWovRJ1x8+X1pA+/61ODocC2JEkN6N
1h3Y0nTvwkp6ifkXSs3Cquz/uuLV/jaTRej82Vu5OghWQHaFf4O9hD40c7Te10KY
rM+tl9Ema6QqKuCJk4r/iqf3bkXDlxkuMknPPW7ks6UI6U2qGaRI2BrUJ2zPsUhA
lPAmoxJozsl3DFOv4JzooxST/BQE0coEYNnUK/zARL16pVhTHO8F3MA/g4iO8p76
wE+gonlGcdyq3LVKwzhVkzkTYsvMSvl5oYeEA5qU6zHqdUWkhUNCet8BaUdEwD0F
vOeFBK/29QpOTcWcOx7DY0lvPy3Mb5YGSx+6aA6DJhs7
-----END CERTIFICATE-----
Generated at Fri May 22 14:18:41 2026 by rpki-client