Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/84c43b95-85d3-4c1d-a6be-cf17906f11c4.roa
File: 84c43b95-85d3-4c1d-a6be-cf17906f11c4.roa (raw, json)
Hash identifier: cJNLGWqGwKLHKNrjeV/7AQNaNoBgWTW/k38kHAFhMf0=
Subject key identifier: 46:A9:21:2E:0E:6C:EF:7C:EC:BE:90:25:C1:A6:BF:8F:46:03:5D:0E
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7CA0A4B0363C64A308D2633ED529B508148CA50D
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/84c43b95-85d3-4c1d-a6be-cf17906f11c4.roa
Signing time: Tue 19 May 2026 06:00:07 +0000
ROA not before: Tue 19 May 2026 06:00:07 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.236.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 04 Jun 2026 22:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:a0:a4:b0:36:3c:64:a3:08:d2:63:3e:d5:29:b5:08:14:8c:a5:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 19 06:00:07 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=267964e8b43169fc0221ecfee426266e3b8d189abe3da70e5e97e40f20a7ea85, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:b1:ac:bc:0f:40:85:8a:cf:60:1c:cb:18:a4:
06:2a:60:f9:4c:88:1d:9c:04:30:92:d1:d2:51:89:
7c:2e:f7:66:3e:6a:7b:0e:0b:71:73:aa:60:f8:27:
98:2a:43:31:78:1d:29:02:da:31:05:6b:2a:bb:10:
db:1a:06:13:14:a0:c0:46:c1:11:2c:60:6f:4f:eb:
90:81:c1:05:52:75:e4:06:a3:af:61:5f:1b:27:cb:
1d:51:72:e7:89:85:25:d4:06:7c:03:5d:f5:f0:37:
34:f9:a8:13:61:d4:52:96:fc:01:cd:24:30:20:f1:
70:e7:da:49:89:4a:37:a9:e4:a6:83:e0:86:0b:bf:
c7:50:3d:0a:a4:32:dc:6f:cc:4e:ed:b7:aa:f7:77:
c6:cc:07:b8:81:a0:d0:fd:5a:86:17:45:d7:c5:88:
99:f4:cd:6f:c6:25:88:23:0a:08:41:a6:10:34:95:
8f:a7:31:d4:4a:bd:a0:b7:f7:47:fe:23:77:d0:b8:
68:c3:56:d7:db:9e:79:eb:8d:17:27:bd:bd:27:24:
d3:a5:f5:cf:de:00:00:ca:4e:b7:e8:0e:8e:8b:b1:
60:6f:1a:66:30:4a:9d:a2:00:0e:43:3c:6c:57:98:
c8:f6:65:ce:db:a9:70:f9:33:ef:a1:d9:21:fe:6e:
69:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:A9:21:2E:0E:6C:EF:7C:EC:BE:90:25:C1:A6:BF:8F:46:03:5D:0E
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/84c43b95-85d3-4c1d-a6be-cf17906f11c4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.236.0.0/15
Signature Algorithm: sha256WithRSAEncryption
77:aa:6c:af:a5:2d:d0:20:08:59:b4:9e:37:97:93:f5:9f:73:
98:75:f7:e1:5d:bd:d5:a7:3c:dc:ed:20:6a:19:b0:4a:75:30:
c2:59:20:5f:62:41:e6:4c:c2:8d:ee:9b:28:53:dd:c0:9d:37:
97:a0:c8:60:c8:25:8e:2e:f1:d6:3e:b3:a2:24:a0:d9:4e:50:
b1:2b:ac:8d:f8:6b:a3:7d:d7:9f:54:e8:af:76:94:b6:94:fd:
dd:e7:d5:74:bd:49:e6:cf:95:d8:db:93:16:d3:d2:ed:69:3f:
3d:10:9c:aa:60:30:1d:d6:d9:67:47:21:10:c9:a0:33:68:2a:
8a:3a:d6:9c:d0:b1:f7:f1:32:95:5a:ab:8e:c7:60:ec:ef:34:
d0:86:36:8e:1d:8f:7a:f4:07:00:27:91:06:20:9a:ec:70:28:
f0:a1:7a:60:e7:98:ea:23:1a:aa:71:21:5e:15:f5:79:5a:fa:
33:3a:3a:6f:37:ce:4f:48:7f:5c:2e:5a:56:01:51:1c:50:fe:
85:45:82:de:69:d9:a3:f7:52:86:04:62:03:7d:37:50:ea:63:
ae:9e:59:12:ef:6b:e6:fd:00:20:13:98:f7:91:a9:2e:13:1a:
00:2e:33:d8:9b:b2:a5:83:75:61:b3:0f:b8:43:f1:ca:ff:fa:
a9:8d:cf:11
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUfKCksDY8ZKMI0mM+1Sm1CBSMpQ0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MTkwNjAwMDdaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDI2Nzk2NGU4YjQzMTY5ZmMwMjIxZWNmZWU0MjYyNjZlM2I4ZDE4OWFiZTNk
YTcwZTVlOTdlNDBmMjBhN2VhODUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ+xrLwPQIWKz2AcyxikBipg+UyIHZwEMJLR0lGJfC73Zj5qew4LcXOqYPgn
mCpDMXgdKQLaMQVrKrsQ2xoGExSgwEbBESxgb0/rkIHBBVJ15Aajr2FfGyfLHVFy
54mFJdQGfANd9fA3NPmoE2HUUpb8Ac0kMCDxcOfaSYlKN6nkpoPghgu/x1A9CqQy
3G/MTu23qvd3xswHuIGg0P1ahhdF18WImfTNb8YliCMKCEGmEDSVj6cx1Eq9oLf3
R/4jd9C4aMNW19ueeeuNFye9vSck06X1z94AAMpOt+gOjouxYG8aZjBKnaIADkM8
bFeYyPZlztupcPkz76HZIf5uaWUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRGqSEu
DmzvfOy+kCXBpr+PRgNdDjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODRjNDNiOTUtODVkMy00YzFkLWE2YmUtY2YxNzkwNmYxMWM0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPsMA0G
CSqGSIb3DQEBCwUAA4IBAQB3qmyvpS3QIAhZtJ43l5P1n3OYdffhXb3Vpzzc7SBq
GbBKdTDCWSBfYkHmTMKN7psoU93AnTeXoMhgyCWOLvHWPrOiJKDZTlCxK6yN+Guj
fdefVOivdpS2lP3d59V0vUnmz5XY25MW09LtaT89EJyqYDAd1tlnRyEQyaAzaCqK
Otac0LH38TKVWquOx2Ds7zTQhjaOHY969AcAJ5EGIJrscCjwoXpg55jqIxqqcSFe
FfV5WvozOjpvN85PSH9cLlpWAVEcUP6FRYLeadmj91KGBGIDfTdQ6mOunlkS72vm
/QAgE5j3kakuExoALjPYm7Klg3Vhsw+4Q/HK//qpjc8R
-----END CERTIFICATE-----
Generated at Thu Jun 4 04:58:36 2026 by rpki-client