Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/80a19bac-b522-4340-8501-74870117a3ce.roa
File: 80a19bac-b522-4340-8501-74870117a3ce.roa (raw, json)
Hash identifier: GBRiabk8IfGn/Ch/SXjJvUkqcJ/il5HYhZdGAX3kfys=
Subject key identifier: CE:95:7C:B5:B3:B8:36:56:D1:1A:5B:23:C7:38:06:C2:F4:EB:0D:E9
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4F96EAF49CC6AF4B6CFA6D92E58B6F21CBBD4F39
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/80a19bac-b522-4340-8501-74870117a3ce.roa
Signing time: Tue 19 May 2026 05:50:06 +0000
ROA not before: Tue 19 May 2026 05:50:06 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.80.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 02 Jun 2026 16:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:96:ea:f4:9c:c6:af:4b:6c:fa:6d:92:e5:8b:6f:21:cb:bd:4f:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 19 05:50:06 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=b90385f7f3679913b30d8f948a6b0b95c3364dea8e4279a3c21da005a3597e0a, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:fb:80:54:77:17:b9:48:d3:2a:68:7d:2a:2b:
47:f1:a8:8c:a4:c9:72:97:c1:b0:90:16:7a:26:4d:
16:09:82:76:6d:6b:02:d4:3b:65:ce:ee:d2:ac:a5:
06:8a:e4:3f:59:f5:29:6d:ef:55:50:ba:76:e5:05:
5b:b4:96:53:e4:b8:39:6b:fe:ea:f4:bb:f9:78:90:
89:bc:b2:11:c8:20:d6:de:d8:e4:7c:f9:4a:b1:ac:
c9:a0:b8:24:4d:36:ad:2f:c9:83:80:c3:a8:af:b6:
6e:f7:a0:92:04:da:10:39:91:c6:ec:2a:7e:4c:99:
a1:30:9d:8c:77:65:08:6c:37:b6:17:86:5b:82:c8:
43:e1:88:15:a3:7b:1a:99:35:8e:a3:1f:07:a1:2d:
5f:23:bc:9b:99:18:9e:7d:ba:d1:ad:89:73:3f:01:
0e:07:80:4a:47:eb:7b:65:9b:39:45:f8:53:c9:70:
26:86:b9:ad:2e:76:91:82:ea:b5:5c:c5:8c:1c:00:
11:9a:98:80:96:13:bc:88:ee:4e:36:2d:2c:88:42:
2c:96:67:d8:cf:3d:82:2a:7a:93:68:7b:f8:92:5b:
17:91:4f:82:cf:a9:9e:78:05:56:5a:c1:d9:c9:f5:
ee:ed:a7:af:5b:49:6c:5c:b9:87:8d:73:df:38:28:
9d:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:95:7C:B5:B3:B8:36:56:D1:1A:5B:23:C7:38:06:C2:F4:EB:0D:E9
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/80a19bac-b522-4340-8501-74870117a3ce.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.80.0.0/16
Signature Algorithm: sha256WithRSAEncryption
37:5d:e5:fe:d0:0c:3a:6c:9b:57:b8:c4:68:f1:84:99:ab:3c:
ec:d9:8a:2f:47:14:4e:8f:09:02:49:07:d9:b0:2f:6e:41:24:
99:18:3e:61:71:be:0e:2f:6b:09:a5:78:2a:5d:1a:0e:62:e9:
8e:30:a7:50:a2:d3:e0:65:8b:20:2d:70:55:92:61:66:7e:f8:
9a:50:df:38:8c:52:8d:1c:fb:b2:ab:5d:72:22:44:d8:bc:c1:
dc:e3:5c:e2:d7:22:1a:ac:31:59:53:1f:10:8d:ef:06:88:bd:
9a:a2:95:4c:bd:20:ab:d3:75:90:73:4b:e3:7e:29:79:5c:f5:
11:b8:99:7e:6d:e2:24:02:7a:40:b8:1c:c7:0f:0a:e5:77:ff:
55:56:eb:b3:9f:94:e6:50:1e:07:e7:a3:5d:fe:77:3e:7f:85:
ab:0b:68:57:39:54:3a:d1:e1:4d:ca:84:a7:50:b7:12:eb:bc:
8c:22:a2:6a:8e:0f:fa:bb:af:d2:73:30:52:a1:c3:67:e1:de:
ac:ef:55:6a:35:9e:6f:63:29:49:f4:af:13:cb:23:d3:0d:4c:
ba:db:36:bc:0d:84:9b:8c:27:e5:8b:93:b1:f0:e5:63:e2:0a:
d6:59:90:01:74:1b:98:a3:91:d5:6f:5b:d8:93:85:e1:2c:4f:
2a:da:d6:ab
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUT5bq9JzGr0ts+m2S5YtvIcu9TzkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MTkwNTUwMDZaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGI5MDM4NWY3ZjM2Nzk5MTNiMzBkOGY5NDhhNmIwYjk1YzMzNjRkZWE4ZTQy
NzlhM2MyMWRhMDA1YTM1OTdlMGExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMn7gFR3F7lI0ypofSorR/GojKTJcpfBsJAWeiZNFgmCdm1rAtQ7Zc7u0qyl
BorkP1n1KW3vVVC6duUFW7SWU+S4OWv+6vS7+XiQibyyEcgg1t7Y5Hz5SrGsyaC4
JE02rS/Jg4DDqK+2bvegkgTaEDmRxuwqfkyZoTCdjHdlCGw3theGW4LIQ+GIFaN7
Gpk1jqMfB6EtXyO8m5kYnn260a2Jcz8BDgeASkfre2WbOUX4U8lwJoa5rS52kYLq
tVzFjBwAEZqYgJYTvIjuTjYtLIhCLJZn2M89gip6k2h7+JJbF5FPgs+pnngFVlrB
2cn17u2nr1tJbFy5h41z3zgonZ8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTOlXy1
s7g2VtEaWyPHOAbC9OsN6TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODBhMTliYWMtYjUyMi00MzQwLTg1MDEtNzQ4NzAxMTdhM2NlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNQMA0G
CSqGSIb3DQEBCwUAA4IBAQA3XeX+0Aw6bJtXuMRo8YSZqzzs2YovRxROjwkCSQfZ
sC9uQSSZGD5hcb4OL2sJpXgqXRoOYumOMKdQotPgZYsgLXBVkmFmfviaUN84jFKN
HPuyq11yIkTYvMHc41zi1yIarDFZUx8Qje8GiL2aopVMvSCr03WQc0vjfil5XPUR
uJl+beIkAnpAuBzHDwrld/9VVuuzn5TmUB4H56Nd/nc+f4WrC2hXOVQ60eFNyoSn
ULcS67yMIqJqjg/6u6/SczBSocNn4d6s71VqNZ5vYylJ9K8TyyPTDUy62za8DYSb
jCfli5Ox8OVj4grWWZABdBuYo5HVb1vYk4XhLE8q2tar
-----END CERTIFICATE-----
Generated at Mon Jun 1 20:36:02 2026 by rpki-client