Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/676cc479-c956-49aa-8372-560fd674c62c.roa
File: 676cc479-c956-49aa-8372-560fd674c62c.roa (raw, json)
Hash identifier: GxAOEVeHmP9sW58ujQwpk/opvesqNJtYzfFEscLs7Z8=
Subject key identifier: 19:09:51:39:35:3D:41:B0:66:B3:9F:04:FC:E7:29:AF:C5:B4:65:68
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 35AAC6108A1BC5AD3944B404DEB5FFF6A432C9A4
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/676cc479-c956-49aa-8372-560fd674c62c.roa
Signing time: Mon 27 Apr 2026 00:40:03 +0000
ROA not before: Mon 27 Apr 2026 00:40:03 +0000
ROA not after: Sun 26 Jul 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.20.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 04 May 2026 05:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:aa:c6:10:8a:1b:c5:ad:39:44:b4:04:de:b5:ff:f6:a4:32:c9:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 27 00:40:03 2026 GMT
Not After : Jul 26 23:59:59 2026 GMT
Subject: serialNumber=fddd9e3eb5cf61272ec7a5dd79f0ddd6ff5a6c3c519f6eec5fb9ae70d5f129ba, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:98:33:85:73:15:77:5d:2a:4f:0c:0d:96:6e:
6a:18:40:88:ff:a3:d7:a2:b3:d3:8d:4b:33:70:8c:
6e:7f:b0:b8:ae:f5:7d:61:17:6a:29:80:4e:b1:7b:
80:f5:a4:aa:e8:97:ed:3c:ed:d1:78:8c:81:5c:36:
22:39:6c:24:52:5e:ed:8f:96:6d:58:d6:70:69:81:
d1:ba:11:9e:45:a2:5e:79:18:47:1e:89:57:f6:3f:
92:43:c3:82:d3:c3:72:77:89:cb:e3:6a:e3:6b:50:
c6:fc:3f:9a:14:80:e6:24:fc:de:0c:0c:4c:3c:95:
87:1a:55:de:2c:e1:a7:80:ef:4c:81:6d:b5:06:c3:
92:37:96:2c:78:93:e8:29:ac:65:ab:29:fe:b6:27:
84:e5:00:1a:5a:6b:ac:8e:71:b1:94:2c:39:5c:e5:
7d:82:98:53:bd:0c:cf:60:3c:18:02:43:2a:d5:15:
cc:e1:52:2f:79:6a:b7:b1:66:e0:19:50:85:82:c6:
22:d2:93:cc:dc:8b:ef:b2:f6:2f:29:20:f3:76:b7:
36:7c:a2:73:3d:06:9b:92:12:8d:28:ef:4e:7c:12:
3f:80:dc:a8:1e:d6:b1:02:7d:91:eb:d3:27:17:85:
91:ad:d1:07:96:41:34:e7:db:8c:11:73:fa:b2:12:
4d:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:09:51:39:35:3D:41:B0:66:B3:9F:04:FC:E7:29:AF:C5:B4:65:68
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/676cc479-c956-49aa-8372-560fd674c62c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.20.0.0/16
Signature Algorithm: sha256WithRSAEncryption
d3:dd:86:c1:0a:ab:42:76:76:1e:bf:09:12:0f:ee:f0:89:1b:
01:e1:d2:68:d6:49:03:09:4e:2e:44:70:96:37:f1:f2:db:a0:
02:5c:db:18:2a:02:77:83:02:9c:d8:36:10:6e:f5:ce:af:7b:
ab:19:c0:c8:a4:42:00:7c:a7:68:21:2a:46:9f:6e:d1:b8:50:
4b:5a:18:38:e4:07:da:1c:44:8e:64:cf:c3:e7:39:7a:e5:0e:
92:ba:3a:23:9a:aa:c7:d2:72:1b:8a:f2:aa:ff:de:f1:f4:2d:
a5:33:1c:98:68:52:e1:76:f1:3d:c2:22:aa:d4:6b:b8:23:2b:
e4:85:e3:30:d7:20:bd:a0:b7:85:9b:70:3b:d3:c3:85:2c:50:
ba:36:0d:e0:e1:f9:8a:d6:fa:b3:47:f0:70:0d:ca:a0:e2:98:
64:46:91:5e:b6:c1:76:bc:72:27:d5:a4:14:8d:d3:48:e6:bd:
48:79:1c:9c:ca:2e:bd:7a:2e:5b:89:2f:cb:d9:12:53:37:d0:
ac:d8:96:94:df:a0:69:a6:42:5d:8f:06:50:c3:3c:5a:76:07:
e3:a5:87:c4:5f:e0:4f:49:ca:ee:d9:4a:81:c0:9f:6f:f6:90:
aa:3c:d3:4c:2d:8b:6e:ae:a3:6c:21:a9:77:72:c5:04:e6:08:
c7:81:de:6a
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUNarGEIobxa05RLQE3rX/9qQyyaQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA0MjcwMDQwMDNaFw0yNjA3MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQGZkZGQ5ZTNlYjVjZjYxMjcyZWM3YTVkZDc5ZjBkZGQ2ZmY1YTZjM2M1MTlm
NmVlYzVmYjlhZTcwZDVmMTI5YmExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANqYM4VzFXddKk8MDZZuahhAiP+j16Kz041LM3CMbn+wuK71fWEXaimATrF7
gPWkquiX7Tzt0XiMgVw2IjlsJFJe7Y+WbVjWcGmB0boRnkWiXnkYRx6JV/Y/kkPD
gtPDcneJy+Nq42tQxvw/mhSA5iT83gwMTDyVhxpV3izhp4DvTIFttQbDkjeWLHiT
6CmsZasp/rYnhOUAGlprrI5xsZQsOVzlfYKYU70Mz2A8GAJDKtUVzOFSL3lqt7Fm
4BlQhYLGItKTzNyL77L2Lykg83a3Nnyicz0Gm5ISjSjvTnwSP4DcqB7WsQJ9kevT
JxeFka3RB5ZBNOfbjBFz+rISTT8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQZCVE5
NT1BsGaznwT85ymvxbRlaDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Njc2Y2M0NzktYzk1Ni00OWFhLTgzNzItNTYwZmQ2NzRjNjJjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMUMA0G
CSqGSIb3DQEBCwUAA4IBAQDT3YbBCqtCdnYevwkSD+7wiRsB4dJo1kkDCU4uRHCW
N/Hy26ACXNsYKgJ3gwKc2DYQbvXOr3urGcDIpEIAfKdoISpGn27RuFBLWhg45Afa
HESOZM/D5zl65Q6SujojmqrH0nIbivKq/97x9C2lMxyYaFLhdvE9wiKq1Gu4Iyvk
heMw1yC9oLeFm3A708OFLFC6Ng3g4fmK1vqzR/BwDcqg4phkRpFetsF2vHIn1aQU
jdNI5r1IeRycyi69ei5biS/L2RJTN9Cs2JaU36BppkJdjwZQwzxadgfjpYfEX+BP
Scru2UqBwJ9v9pCqPNNMLYturqNsIal3csUE5gjHgd5q
-----END CERTIFICATE-----
Generated at Sun May 3 15:24:49 2026 by rpki-client