Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9a1fa391-4377-44ba-a6c7-c785fc9a7733.roa
File: 9a1fa391-4377-44ba-a6c7-c785fc9a7733.roa (raw, json)
Hash identifier: fyhtstK8btMFV/8QJIDxUI9k2Pfs72SjptkRWs8bmrA=
Subject key identifier: 1C:27:0A:AA:15:CB:AB:C9:97:C4:B7:54:9F:C6:8B:E2:4D:30:7E:67
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 20EFA7040B16FE14D874D3ABDBA107DB237E81BE
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9a1fa391-4377-44ba-a6c7-c785fc9a7733.roa
Signing time: Mon 27 Apr 2026 00:40:29 +0000
ROA not before: Mon 27 Apr 2026 00:40:29 +0000
ROA not after: Sun 26 Jul 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.84.0.0/14 maxlen: 14
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 04 May 2026 05:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:ef:a7:04:0b:16:fe:14:d8:74:d3:ab:db:a1:07:db:23:7e:81:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 27 00:40:29 2026 GMT
Not After : Jul 26 23:59:59 2026 GMT
Subject: serialNumber=ffe4310f884efb23754826cb6c3b499737d41c9a8812ab8cb4445b77e0dbb4b2, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:26:d3:8b:9f:51:eb:06:1a:65:07:47:59:29:
be:49:a5:9c:6a:69:6a:49:42:b7:31:e8:44:5f:fc:
bd:a4:69:19:85:c4:b4:0e:29:60:81:84:5d:f6:ba:
d7:11:37:22:9a:1e:6b:49:5e:d8:fa:7d:85:fc:2b:
3d:ff:f2:5c:5e:ed:65:58:6f:95:23:86:8a:e3:3b:
3a:42:5b:43:34:c5:89:a6:e1:3f:2f:8d:cb:56:32:
ac:b5:91:1d:73:0c:11:ed:f8:c6:4c:9f:95:a0:9e:
0c:29:d7:47:a8:66:51:05:fd:68:df:25:d2:a4:c7:
a4:09:7a:97:1a:45:ba:c5:8f:7f:ef:86:d9:de:03:
65:b8:b7:c6:d8:38:e6:4c:c1:16:da:1a:2a:c1:a7:
75:7e:a1:7e:fe:21:27:e9:ed:7e:98:df:5c:74:ae:
77:c8:9c:77:20:79:9b:da:28:09:86:f5:2e:2f:2f:
e2:f5:07:16:bb:8b:a2:9d:6c:89:f3:34:64:86:6f:
df:0b:ac:c9:34:60:44:d2:4e:2d:d5:e7:ec:20:75:
a4:dd:8b:f6:5c:a3:6f:a1:f8:50:1d:2c:dc:e4:ec:
17:54:9d:14:55:48:8a:e1:91:14:d4:3b:12:7a:81:
3f:d4:a8:8c:e6:9f:f7:fa:b2:39:09:9f:87:6a:67:
b6:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:27:0A:AA:15:CB:AB:C9:97:C4:B7:54:9F:C6:8B:E2:4D:30:7E:67
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9a1fa391-4377-44ba-a6c7-c785fc9a7733.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.84.0.0/14
Signature Algorithm: sha256WithRSAEncryption
9f:f3:dc:40:55:3c:cd:ee:7b:7b:32:46:20:ff:d9:77:8f:87:
f2:06:b9:23:bc:c9:db:33:8d:47:15:35:6d:01:07:c9:0e:89:
2c:00:d0:3c:94:4b:db:d2:3d:19:dd:7b:35:80:6c:83:67:52:
9e:29:b5:36:b2:94:bf:65:ac:8f:7a:c2:89:8f:05:9d:9c:83:
46:99:3b:50:3d:87:ac:57:d1:1e:98:ea:c4:78:6c:ad:f9:70:
d8:73:c3:f1:bc:81:1b:eb:84:83:53:db:7d:5b:ad:dd:b2:23:
31:24:31:09:0d:36:1f:83:19:95:9c:c2:a4:de:47:88:4d:bf:
5c:1b:f4:e3:30:5c:59:c7:74:ec:7c:60:02:ae:ca:7c:f7:6f:
b5:17:1b:89:82:85:e7:f2:93:50:f2:2a:71:80:45:39:80:26:
12:f0:68:25:3c:d8:b4:fb:f5:05:97:9a:61:b0:fa:d0:00:e6:
30:c3:7f:84:74:9e:08:dc:e1:96:06:b6:29:b0:c2:58:34:46:
8a:35:b2:57:6e:fa:68:09:50:67:6a:a9:c9:32:01:dc:8f:8e:
04:6a:4d:57:06:a6:60:54:f5:94:4d:61:5b:6a:86:6e:87:01:
95:e0:65:88:f5:e5:b6:d9:38:0b:69:2f:0f:16:30:db:d7:ea:
a0:6e:c6:19
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUIO+nBAsW/hTYdNOr26EH2yN+gb4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA0MjcwMDQwMjlaFw0yNjA3MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQGZmZTQzMTBmODg0ZWZiMjM3NTQ4MjZjYjZjM2I0OTk3MzdkNDFjOWE4ODEy
YWI4Y2I0NDQ1Yjc3ZTBkYmI0YjIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM4m04ufUesGGmUHR1kpvkmlnGppaklCtzHoRF/8vaRpGYXEtA4pYIGEXfa6
1xE3Ipoea0le2Pp9hfwrPf/yXF7tZVhvlSOGiuM7OkJbQzTFiabhPy+Ny1YyrLWR
HXMMEe34xkyflaCeDCnXR6hmUQX9aN8l0qTHpAl6lxpFusWPf++G2d4DZbi3xtg4
5kzBFtoaKsGndX6hfv4hJ+ntfpjfXHSud8icdyB5m9ooCYb1Li8v4vUHFruLop1s
ifM0ZIZv3wusyTRgRNJOLdXn7CB1pN2L9lyjb6H4UB0s3OTsF1SdFFVIiuGRFNQ7
EnqBP9SojOaf9/qyOQmfh2pntsUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQcJwqq
FcuryZfEt1SfxoviTTB+ZzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OWExZmEzOTEtNDM3Ny00NGJhLWE2YzctYzc4NWZjOWE3NzMzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAjNUMA0G
CSqGSIb3DQEBCwUAA4IBAQCf89xAVTzN7nt7MkYg/9l3j4fyBrkjvMnbM41HFTVt
AQfJDoksANA8lEvb0j0Z3Xs1gGyDZ1KeKbU2spS/ZayPesKJjwWdnINGmTtQPYes
V9EemOrEeGyt+XDYc8PxvIEb64SDU9t9W63dsiMxJDEJDTYfgxmVnMKk3keITb9c
G/TjMFxZx3TsfGACrsp892+1FxuJgoXn8pNQ8ipxgEU5gCYS8GglPNi0+/UFl5ph
sPrQAOYww3+EdJ4I3OGWBrYpsMJYNEaKNbJXbvpoCVBnaqnJMgHcj44Eak1XBqZg
VPWUTWFbaoZuhwGV4GWI9eW22TgLaS8PFjDb1+qgbsYZ
-----END CERTIFICATE-----
Generated at Sun May 3 14:48:11 2026 by rpki-client