Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d7fdedfc-2bdc-42cd-a714-2abbc02deae9.roa
File: d7fdedfc-2bdc-42cd-a714-2abbc02deae9.roa (raw, json)
Hash identifier: T0l54kP4ARBRX9j26zuDGidFzjTMUJVlRcfEwo/dg0k=
Subject key identifier: 5D:6A:76:80:74:D2:CD:3B:00:EA:FE:A4:E1:92:99:8B:4F:B2:9F:AA
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 110D33C042EFC43472A090739DAB5D42529BF06E
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d7fdedfc-2bdc-42cd-a714-2abbc02deae9.roa
Signing time: Sat 28 Feb 2026 06:40:35 +0000
ROA not before: Sat 28 Feb 2026 06:40:35 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.151.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 06:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:0d:33:c0:42:ef:c4:34:72:a0:90:73:9d:ab:5d:42:52:9b:f0:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Feb 28 06:40:35 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=1c65c13df45090e3cbd7767ddab9776161a812680b3d93e725b965f338310e8b, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:f6:e6:46:20:ee:24:11:b9:22:ed:07:7d:20:
4a:fd:b4:36:c1:b5:9e:53:0e:cc:6c:65:ef:68:70:
94:61:9e:34:ae:21:81:ad:f8:df:a9:32:0b:9a:b9:
44:f2:85:f1:6e:e6:52:1c:96:78:61:7a:61:5f:8c:
cc:cd:7a:36:36:70:2c:e8:f6:89:f1:ec:f2:b2:1d:
8a:3b:fc:01:c7:23:84:a2:87:51:3d:1a:5e:00:e6:
b2:e0:96:f7:dd:80:74:a7:68:cc:2e:a5:52:01:54:
05:af:9d:65:ea:65:7c:95:de:85:cc:78:d6:54:60:
cf:91:9e:44:b6:66:0c:de:c6:d0:f2:5b:2d:2f:19:
e3:9d:89:5b:a2:52:86:c7:4e:29:de:87:52:89:3b:
55:da:84:85:e0:3b:a0:dd:4b:7d:73:4a:2d:fd:91:
15:24:cb:4e:af:d1:ad:4e:39:6b:7a:6b:b1:47:20:
fb:f0:a9:38:1a:a5:49:ca:ad:5f:6a:49:b5:d7:e1:
50:d0:b1:06:4d:09:27:7a:aa:4d:f4:d6:fd:08:fb:
56:2c:8d:1d:9f:69:15:3b:21:10:fa:b7:0c:ea:a8:
43:52:aa:9f:f3:22:41:26:3a:24:96:b5:53:56:19:
57:06:4b:1e:5d:69:a3:1b:49:13:4a:78:e2:10:9f:
3b:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:6A:76:80:74:D2:CD:3B:00:EA:FE:A4:E1:92:99:8B:4F:B2:9F:AA
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d7fdedfc-2bdc-42cd-a714-2abbc02deae9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.151.0.0/16
Signature Algorithm: sha256WithRSAEncryption
1d:8b:22:34:08:1e:9e:00:13:32:e4:51:99:ae:d3:62:b1:2b:
ce:fa:5b:fc:62:5c:d5:c5:55:4b:cc:0f:65:b6:23:8f:18:c1:
1c:ba:b5:17:fe:c2:b0:9d:b6:a8:57:74:2f:10:34:77:1a:d5:
d8:07:b9:23:c5:e3:43:dc:74:c2:52:3f:39:f0:0d:2b:5c:69:
c4:e6:0f:d9:5e:69:a2:97:53:29:07:fa:f9:6c:5e:1a:ce:eb:
36:18:65:f3:13:4d:98:fc:4e:05:c0:4a:fc:05:45:58:66:6f:
01:e3:95:1b:75:e0:55:be:6d:93:ea:14:12:11:98:52:45:cf:
7b:80:e3:4c:74:c6:02:2d:7f:93:40:ff:cd:a5:be:69:0d:d2:
78:26:1c:59:80:45:30:75:9e:e1:b7:2c:3e:36:ee:8c:25:15:
bc:b6:eb:bc:89:7b:47:5f:1d:82:91:a2:37:fd:af:ef:55:a3:
fc:f3:92:46:5a:de:a9:9d:1a:be:9a:88:78:ea:4c:d4:b0:12:
04:cf:90:f9:5c:b2:25:f0:2e:3c:85:9d:4a:c2:87:fc:1d:53:
ab:4d:3f:d5:71:95:85:c5:97:05:31:cf:94:14:11:56:15:b7:
ea:4b:32:87:39:2a:f0:13:65:82:76:04:ec:83:b1:68:5d:5d:
7d:79:7d:fe
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUEQ0zwELvxDRyoJBznatdQlKb8G4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjAyMjgwNjQwMzVaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDFjNjVjMTNkZjQ1MDkwZTNjYmQ3NzY3ZGRhYjk3NzYxNjFhODEyNjgwYjNk
OTNlNzI1Yjk2NWYzMzgzMTBlOGIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALH25kYg7iQRuSLtB30gSv20NsG1nlMOzGxl72hwlGGeNK4hga3436kyC5q5
RPKF8W7mUhyWeGF6YV+MzM16NjZwLOj2ifHs8rIdijv8AccjhKKHUT0aXgDmsuCW
992AdKdozC6lUgFUBa+dZeplfJXehcx41lRgz5GeRLZmDN7G0PJbLS8Z452JW6JS
hsdOKd6HUok7VdqEheA7oN1LfXNKLf2RFSTLTq/RrU45a3prsUcg+/CpOBqlScqt
X2pJtdfhUNCxBk0JJ3qqTfTW/Qj7ViyNHZ9pFTshEPq3DOqoQ1Kqn/MiQSY6JJa1
U1YZVwZLHl1poxtJE0p44hCfO0sCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRdanaA
dNLNOwDq/qThkpmLT7KfqjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZDdmZGVkZmMtMmJkYy00MmNkLWE3MTQtMmFiYmMwMmRlYWU5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADOXMA0G
CSqGSIb3DQEBCwUAA4IBAQAdiyI0CB6eABMy5FGZrtNisSvO+lv8YlzVxVVLzA9l
tiOPGMEcurUX/sKwnbaoV3QvEDR3GtXYB7kjxeND3HTCUj858A0rXGnE5g/ZXmmi
l1MpB/r5bF4azus2GGXzE02Y/E4FwEr8BUVYZm8B45UbdeBVvm2T6hQSEZhSRc97
gONMdMYCLX+TQP/Npb5pDdJ4JhxZgEUwdZ7htyw+Nu6MJRW8tuu8iXtHXx2CkaI3
/a/vVaP885JGWt6pnRq+moh46kzUsBIEz5D5XLIl8C48hZ1Kwof8HVOrTT/VcZWF
xZcFMc+UFBFWFbfqSzKHOSrwE2WCdgTsg7FoXV19eX3+
-----END CERTIFICATE-----
Generated at Sun Mar 1 15:40:12 2026 by rpki-client