Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ca9dc172-c5c5-48fd-a801-9f7f050aa67b.roa
File: ca9dc172-c5c5-48fd-a801-9f7f050aa67b.roa (raw, json)
Hash identifier: lOJlzyY91NNA8DR1han6NcIH2MMhbHlDsxOndlkyS5k=
Subject key identifier: 93:39:F5:3C:3F:35:27:EB:14:40:2D:01:82:70:0C:BF:54:63:27:12
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3DF969B0E65E40A935F1A3C28DA8A56416687825
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ca9dc172-c5c5-48fd-a801-9f7f050aa67b.roa
Signing time: Mon 27 Apr 2026 00:40:09 +0000
ROA not before: Mon 27 Apr 2026 00:40:09 +0000
ROA not after: Sun 26 Jul 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.24.0.0/13 maxlen: 13
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 04 May 2026 05:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:f9:69:b0:e6:5e:40:a9:35:f1:a3:c2:8d:a8:a5:64:16:68:78:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 27 00:40:09 2026 GMT
Not After : Jul 26 23:59:59 2026 GMT
Subject: serialNumber=1dbd4b71fa0f96c7aba79cd261623ca9ece94846a27d0e0efd69881ff358df71, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:7c:d5:23:d7:e1:b2:82:f9:f7:63:25:0f:a9:
07:5b:ee:cc:49:c1:1b:b0:cc:6c:89:a9:d9:11:1b:
13:52:2c:59:bf:5f:25:44:9b:4a:fb:d6:1c:d6:a7:
f3:97:03:92:a6:62:a8:5f:6c:9b:dd:02:f0:d8:4d:
dd:e3:d2:dc:b0:80:a5:00:20:32:12:a5:da:62:2d:
94:0e:3b:b9:a5:03:af:5a:c3:14:32:38:da:4a:88:
93:64:68:63:e1:1a:1d:9f:76:29:48:5d:b3:c9:66:
b1:e7:00:3c:4b:9f:db:5c:8f:0a:c2:b6:d2:65:61:
2f:0b:61:3e:ce:1a:66:23:91:cd:a1:1c:e3:da:95:
d5:7c:00:79:76:c8:af:14:78:30:e1:d6:5c:18:0a:
b8:86:2f:57:d5:e5:33:64:20:dc:8e:ee:67:8b:da:
73:66:60:9e:f3:e7:2b:ef:c6:96:ba:fb:6c:7b:6d:
e9:fc:a4:01:73:9b:60:9a:be:69:d1:a4:c5:7b:be:
9d:9b:22:e9:af:f8:8f:bb:13:4a:65:2b:79:80:58:
72:23:d6:e4:36:d7:72:2e:41:85:76:65:a2:ca:2e:
01:f8:38:62:f5:46:f6:52:26:ea:a2:12:c6:a0:5f:
d2:96:82:56:9e:42:98:b4:7d:1e:99:4d:9f:f4:fa:
ec:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:39:F5:3C:3F:35:27:EB:14:40:2D:01:82:70:0C:BF:54:63:27:12
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ca9dc172-c5c5-48fd-a801-9f7f050aa67b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.24.0.0/13
Signature Algorithm: sha256WithRSAEncryption
01:1a:bb:71:c1:28:27:17:d1:9c:cf:03:3e:59:49:49:e0:61:
0c:3f:57:6b:b0:59:47:c9:7d:c5:17:2b:0e:41:2e:7a:a5:28:
83:ae:63:f1:f0:05:a2:e3:03:33:37:9c:3f:42:11:c6:cd:b6:
35:a7:68:ef:2a:56:2d:5c:87:ee:70:67:c5:6b:46:ed:90:5e:
ea:48:12:a8:f0:87:6d:b7:96:f5:8a:1b:75:7c:91:37:2a:53:
77:85:cf:7c:1e:10:2f:28:29:92:08:a2:c3:52:53:8b:50:33:
32:30:d3:c3:76:e4:a7:32:4c:bd:1a:47:b2:0f:34:4c:80:d3:
96:39:79:13:d2:d7:d6:2c:b3:60:8f:47:2a:54:2c:c5:9f:3a:
af:da:96:63:f1:56:56:79:34:0d:c2:e6:01:ef:d2:64:c9:65:
24:53:a6:9d:17:8f:05:2b:e1:44:90:b9:52:0c:4a:df:f6:e8:
5d:70:b7:c3:f7:77:36:2b:e1:ef:09:4f:2c:e4:91:e9:ce:e5:
45:13:59:1e:2f:23:77:a8:da:34:18:af:00:ab:9f:8f:6b:eb:
14:f8:d6:24:97:fe:ea:22:fb:13:6c:d6:50:0a:d8:56:20:70:
e2:25:ce:d2:bf:d8:11:a1:75:1c:c0:b2:aa:3f:5e:ed:7a:26:
00:01:8f:75
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUPflpsOZeQKk18aPCjailZBZoeCUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA0MjcwMDQwMDlaFw0yNjA3MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQDFkYmQ0YjcxZmEwZjk2YzdhYmE3OWNkMjYxNjIzY2E5ZWNlOTQ4NDZhMjdk
MGUwZWZkNjk4ODFmZjM1OGRmNzExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOl81SPX4bKC+fdjJQ+pB1vuzEnBG7DMbImp2REbE1IsWb9fJUSbSvvWHNan
85cDkqZiqF9sm90C8NhN3ePS3LCApQAgMhKl2mItlA47uaUDr1rDFDI42kqIk2Ro
Y+EaHZ92KUhds8lmsecAPEuf21yPCsK20mVhLwthPs4aZiORzaEc49qV1XwAeXbI
rxR4MOHWXBgKuIYvV9XlM2Qg3I7uZ4vac2ZgnvPnK+/Glrr7bHtt6fykAXObYJq+
adGkxXu+nZsi6a/4j7sTSmUreYBYciPW5DbXci5BhXZlosouAfg4YvVG9lIm6qIS
xqBf0paCVp5CmLR9HplNn/T67PsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSTOfU8
PzUn6xRALQGCcAy/VGMnEjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Y2E5ZGMxNzItYzVjNS00OGZkLWE4MDEtOWY3ZjA1MGFhNjdiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAzMYMA0G
CSqGSIb3DQEBCwUAA4IBAQABGrtxwSgnF9GczwM+WUlJ4GEMP1drsFlHyX3FFysO
QS56pSiDrmPx8AWi4wMzN5w/QhHGzbY1p2jvKlYtXIfucGfFa0btkF7qSBKo8Idt
t5b1iht1fJE3KlN3hc98HhAvKCmSCKLDUlOLUDMyMNPDduSnMky9GkeyDzRMgNOW
OXkT0tfWLLNgj0cqVCzFnzqv2pZj8VZWeTQNwuYB79JkyWUkU6adF48FK+FEkLlS
DErf9uhdcLfD93c2K+HvCU8s5JHpzuVFE1keLyN3qNo0GK8Aq5+Pa+sU+NYkl/7q
IvsTbNZQCthWIHDiJc7Sv9gRoXUcwLKqP17teiYAAY91
-----END CERTIFICATE-----
Generated at Sun May 3 15:23:00 2026 by rpki-client