Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b2cac574-b448-47b5-a751-22dfd7293698.roa
File: b2cac574-b448-47b5-a751-22dfd7293698.roa (raw, json)
Hash identifier: w+lJ7QN4vFbFq2zBPpgUQfUbhxdb1IfQV718uZa4mEc=
Subject key identifier: AC:66:00:D3:07:C3:6B:5B:4E:01:F4:9C:04:B0:4C:25:EA:25:AF:C8
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 09A712A063B53E7DCFBF5DAD5A1D42DFB6FE5531
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b2cac574-b448-47b5-a751-22dfd7293698.roa
Signing time: Wed 18 Feb 2026 21:21:54 +0000
ROA not before: Wed 18 Feb 2026 21:21:54 +0000
ROA not after: Tue 19 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.102.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 20 Feb 2026 00:00:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
09:a7:12:a0:63:b5:3e:7d:cf:bf:5d:ad:5a:1d:42:df:b6:fe:55:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Feb 18 21:21:54 2026 GMT
Not After : May 19 23:59:59 2026 GMT
Subject: serialNumber=802be9a34fcc8ebb513cecc03b894ec00a26379274b6485dff8d2eb0bc98a2b5, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:ad:73:43:ea:2c:37:88:0b:d0:28:07:36:3d:
54:cc:e1:38:59:ec:b2:5c:83:ec:6e:c8:4f:34:7c:
18:7b:8c:92:4c:ae:c1:0c:b1:91:ca:05:49:b6:cc:
e5:43:77:ae:ea:29:ef:46:f0:6e:9a:05:90:da:0f:
6d:b8:af:0d:32:88:19:50:b2:3a:8c:06:d9:5c:4b:
2b:05:ae:9d:65:a5:2f:d3:0a:76:3b:0a:85:ed:7c:
78:6d:42:12:ac:d5:78:33:91:f9:ce:a4:35:1c:5a:
31:99:95:76:7d:d7:6f:e9:87:ba:d8:44:48:09:38:
00:7a:a7:74:6f:cd:5e:ee:f6:1a:5d:67:e7:c6:b4:
92:0a:b2:d4:47:03:69:c4:40:af:35:cd:c8:a4:41:
5e:e1:01:85:de:6f:56:29:cc:e3:e5:73:80:40:6c:
fe:d7:a1:58:74:09:87:5e:70:3d:3f:4b:7f:17:08:
c9:32:1c:1a:c0:e3:c3:62:b4:3d:52:21:52:3b:fa:
7d:b4:55:19:5c:26:d1:32:c5:83:c1:15:dc:a3:7d:
ee:68:75:88:a5:bf:a5:77:22:06:59:6b:b5:d8:00:
af:b5:33:5d:b0:d7:5f:d5:54:7d:72:cd:5b:5d:6b:
08:aa:84:c6:41:a4:8c:1e:6e:b9:56:0d:35:b0:f5:
b9:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:66:00:D3:07:C3:6B:5B:4E:01:F4:9C:04:B0:4C:25:EA:25:AF:C8
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b2cac574-b448-47b5-a751-22dfd7293698.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.102.0.0/16
Signature Algorithm: sha256WithRSAEncryption
48:40:09:cc:0e:64:b7:2a:37:43:e1:71:93:d8:7a:fa:03:bf:
0d:fb:e6:d2:57:1c:48:5c:75:22:b5:1a:bc:26:cf:df:9f:37:
7d:57:ce:c6:e7:08:1d:8f:0f:cb:41:91:e1:4c:3a:03:19:cf:
85:ec:c1:f4:ed:f7:25:59:e3:fd:7e:87:64:0f:dd:1e:09:ab:
f9:ef:04:e5:f2:23:2b:62:95:25:e9:2d:03:3d:11:b0:78:0d:
3a:b3:d4:12:f0:1b:a9:a9:79:3b:a9:2b:41:0e:c0:4c:23:a7:
0d:fa:ff:c7:46:e0:4f:a5:a9:2e:1c:df:7f:69:c3:ac:5c:31:
d6:84:0d:33:7d:52:a5:4a:81:ec:18:ad:7c:d7:5c:70:57:cb:
f0:fb:b2:d0:62:e0:8a:46:05:ab:81:4f:1b:f7:9b:f1:0d:e4:
fe:a5:8c:cc:df:b0:51:5d:39:47:5f:f3:3b:44:c3:63:7e:dd:
25:27:fb:20:55:1e:85:4f:65:4b:80:87:19:a0:5e:c6:b3:47:
f0:aa:2c:bf:b8:a8:5a:e9:af:48:5c:14:bb:d9:06:71:b5:fe:
b2:88:d5:c6:04:c5:ee:a2:04:b2:6c:71:c5:9e:cd:c4:33:b8:
17:86:aa:d8:e7:00:cf:5a:7d:9b:d4:78:44:38:f8:0e:be:4e:
d0:9b:ba:46
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUCacSoGO1Pn3Pv12tWh1C37b+VTEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjAyMTgyMTIxNTRaFw0yNjA1MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQDgwMmJlOWEzNGZjYzhlYmI1MTNjZWNjMDNiODk0ZWMwMGEyNjM3OTI3NGI2
NDg1ZGZmOGQyZWIwYmM5OGEyYjUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMGtc0PqLDeIC9AoBzY9VMzhOFnsslyD7G7ITzR8GHuMkkyuwQyxkcoFSbbM
5UN3ruop70bwbpoFkNoPbbivDTKIGVCyOowG2VxLKwWunWWlL9MKdjsKhe18eG1C
EqzVeDOR+c6kNRxaMZmVdn3Xb+mHuthESAk4AHqndG/NXu72Gl1n58a0kgqy1EcD
acRArzXNyKRBXuEBhd5vVinM4+VzgEBs/tehWHQJh15wPT9LfxcIyTIcGsDjw2K0
PVIhUjv6fbRVGVwm0TLFg8EV3KN97mh1iKW/pXciBllrtdgAr7UzXbDXX9VUfXLN
W11rCKqExkGkjB5uuVYNNbD1uSkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSsZgDT
B8NrW04B9JwEsEwl6iWvyDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YjJjYWM1NzQtYjQ0OC00N2I1LWE3NTEtMjJkZmQ3MjkzNjk4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNmMA0G
CSqGSIb3DQEBCwUAA4IBAQBIQAnMDmS3KjdD4XGT2Hr6A78N++bSVxxIXHUitRq8
Js/fnzd9V87G5wgdjw/LQZHhTDoDGc+F7MH07fclWeP9fodkD90eCav57wTl8iMr
YpUl6S0DPRGweA06s9QS8BupqXk7qStBDsBMI6cN+v/HRuBPpakuHN9/acOsXDHW
hA0zfVKlSoHsGK1811xwV8vw+7LQYuCKRgWrgU8b95vxDeT+pYzM37BRXTlHX/M7
RMNjft0lJ/sgVR6FT2VLgIcZoF7Gs0fwqiy/uKha6a9IXBS72QZxtf6yiNXGBMXu
ogSybHHFns3EM7gXhqrY5wDPWn2b1HhEOPgOvk7Qm7pG
-----END CERTIFICATE-----
Generated at Thu Feb 19 09:03:53 2026 by rpki-client