Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c50006d0-c65f-4259-ace3-46351e9d23c5.roa
File: c50006d0-c65f-4259-ace3-46351e9d23c5.roa (raw, json)
Hash identifier: Vv1bouZaK3mBRtPQKNBMoER5EkGMC7sqb1zPIcNPjI4=
Subject key identifier: 62:AB:4E:05:4B:7E:3A:C4:16:76:8C:87:FE:E4:1E:04:7E:EF:A5:A6
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0B884526AF940913F2C2FDF40A641ADB8C18ED40
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c50006d0-c65f-4259-ace3-46351e9d23c5.roa
Signing time: Mon 27 Apr 2026 00:40:35 +0000
ROA not before: Mon 27 Apr 2026 00:40:35 +0000
ROA not after: Sun 26 Jul 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.84.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 04 May 2026 05:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:88:45:26:af:94:09:13:f2:c2:fd:f4:0a:64:1a:db:8c:18:ed:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 27 00:40:35 2026 GMT
Not After : Jul 26 23:59:59 2026 GMT
Subject: serialNumber=551535f4fcb87e752f5a3f572daf9e0a067878dc62b6f592a9f09e841156381a, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:16:58:4c:7f:ab:f6:4c:a4:b9:a9:06:47:c2:
af:3e:dc:16:3a:ff:5e:06:2a:dd:c9:20:5e:dc:b2:
2c:79:03:3b:d7:ba:d9:56:07:f5:d2:c1:80:2b:bd:
20:4a:bd:98:ee:18:cb:f2:f4:dd:46:1b:95:a4:dc:
eb:6d:ab:ae:70:4d:d0:1c:3b:a9:31:8c:f1:1e:ee:
0e:9d:0e:26:ef:ff:21:55:70:eb:32:83:5b:a7:2d:
c2:14:e6:2c:dc:8f:94:b8:27:4f:a9:c3:55:14:b9:
d5:44:3f:f7:db:17:4e:47:40:a5:b6:29:f3:44:2d:
8a:89:a3:d7:90:7e:b0:e5:6b:b5:b6:79:89:31:2d:
46:b7:40:3d:f1:82:e5:5e:11:9b:ce:d4:4d:13:5c:
6c:07:d5:33:95:c8:ea:49:b3:9c:a6:53:f3:91:18:
7c:e0:62:a0:bd:97:68:4e:a0:9e:e6:c8:cf:c5:c5:
cb:d0:b7:7e:69:e7:18:b1:96:be:3c:8e:00:18:5c:
88:45:98:0b:cf:cf:4f:55:2f:ef:65:34:c1:ab:28:
de:12:07:41:4e:9e:9c:8a:5c:8a:25:ac:7a:19:c7:
56:b3:f9:4b:50:f6:19:0b:5f:63:64:a1:26:3e:fd:
d6:98:6e:b9:6f:54:63:4e:43:96:ed:aa:f9:c9:51:
33:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:AB:4E:05:4B:7E:3A:C4:16:76:8C:87:FE:E4:1E:04:7E:EF:A5:A6
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c50006d0-c65f-4259-ace3-46351e9d23c5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.84.0.0/16
Signature Algorithm: sha256WithRSAEncryption
cb:b2:18:6a:83:18:bc:25:0f:88:31:1a:ad:78:91:d9:f9:ef:
47:23:f9:a7:4c:ea:4b:15:f5:17:36:ce:5c:92:9b:a2:a1:3e:
87:96:5a:eb:76:f3:5e:81:10:32:e2:71:19:14:49:eb:7d:eb:
ca:a4:6d:a2:11:e9:97:68:1c:e0:28:27:7d:86:b8:a7:e8:07:
32:bc:94:e2:25:3d:95:b1:01:61:02:f4:0d:85:55:ba:b0:90:
4b:21:99:57:02:02:c2:02:d7:4a:0b:ea:e7:f2:2f:81:f4:48:
b8:db:20:5e:b1:7f:b2:86:d1:d3:35:1f:b5:ab:0d:f2:81:9d:
cf:1a:3d:29:1f:5c:6a:25:13:bf:6a:46:d8:b2:0b:0e:96:8b:
bb:92:b9:13:3e:c3:4b:b9:fc:72:a6:12:9b:11:b8:03:55:7d:
41:2d:a8:51:a0:1b:e7:19:10:f4:36:89:5f:c4:ef:a5:aa:da:
1f:70:5f:dd:33:82:12:6b:9d:90:29:51:4f:d9:c9:c3:72:13:
65:4b:28:40:98:ce:06:4a:5d:44:e0:35:2c:06:8a:b6:32:8d:
78:c3:b3:8d:56:85:b1:7f:85:2b:d7:3a:f3:f9:ca:48:53:7f:
c5:cd:0d:1b:7b:60:36:0c:a4:11:1a:29:b0:c3:e4:84:48:b8:
14:12:c8:cc
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUC4hFJq+UCRPywv30CmQa24wY7UAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA0MjcwMDQwMzVaFw0yNjA3MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQDU1MTUzNWY0ZmNiODdlNzUyZjVhM2Y1NzJkYWY5ZTBhMDY3ODc4ZGM2MmI2
ZjU5MmE5ZjA5ZTg0MTE1NjM4MWExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK0WWEx/q/ZMpLmpBkfCrz7cFjr/XgYq3ckgXtyyLHkDO9e62VYH9dLBgCu9
IEq9mO4Yy/L03UYblaTc622rrnBN0Bw7qTGM8R7uDp0OJu//IVVw6zKDW6ctwhTm
LNyPlLgnT6nDVRS51UQ/99sXTkdApbYp80Qtiomj15B+sOVrtbZ5iTEtRrdAPfGC
5V4Rm87UTRNcbAfVM5XI6kmznKZT85EYfOBioL2XaE6gnubIz8XFy9C3fmnnGLGW
vjyOABhciEWYC8/PT1Uv72U0waso3hIHQU6enIpciiWsehnHVrP5S1D2GQtfY2Sh
Jj791phuuW9UY05Dlu2q+clRM3ECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRiq04F
S346xBZ2jIf+5B4Efu+lpjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YzUwMDA2ZDAtYzY1Zi00MjU5LWFjZTMtNDYzNTFlOWQyM2M1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNUMA0G
CSqGSIb3DQEBCwUAA4IBAQDLshhqgxi8JQ+IMRqteJHZ+e9HI/mnTOpLFfUXNs5c
kpuioT6HllrrdvNegRAy4nEZFEnrfevKpG2iEemXaBzgKCd9hrin6AcyvJTiJT2V
sQFhAvQNhVW6sJBLIZlXAgLCAtdKC+rn8i+B9Ei42yBesX+yhtHTNR+1qw3ygZ3P
Gj0pH1xqJRO/akbYsgsOlou7krkTPsNLufxyphKbEbgDVX1BLahRoBvnGRD0Nolf
xO+lqtofcF/dM4ISa52QKVFP2cnDchNlSyhAmM4GSl1E4DUsBoq2Mo14w7ONVoWx
f4Ur1zrz+cpIU3/FzQ0be2A2DKQRGimww+SESLgUEsjM
-----END CERTIFICATE-----
Generated at Sun May 3 15:23:22 2026 by rpki-client