Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fc50f617-7597-4f4e-b8f6-87763b28caf0.roa
File: fc50f617-7597-4f4e-b8f6-87763b28caf0.roa (raw, json)
Hash identifier: nniXCV6rZStiSLsrnbu9UOMkf72xSUNiXf0oKKzMbPE=
Subject key identifier: C0:47:24:6B:1E:A5:87:D7:EC:C2:EA:E3:74:6B:DD:BC:9E:F8:09:C7
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 63A7BE10DA6FBF19CE96F1B57752CDC4E0CCC0AF
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fc50f617-7597-4f4e-b8f6-87763b28caf0.roa
Signing time: Sat 28 Feb 2026 06:30:57 +0000
ROA not before: Sat 28 Feb 2026 06:30:57 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.121.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 06:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:a7:be:10:da:6f:bf:19:ce:96:f1:b5:77:52:cd:c4:e0:cc:c0:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Feb 28 06:30:57 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=17ff29eb15f4978b0abf56deff846638aefa1e1dbda0893566b11a3ae38686a9, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:15:cc:b8:68:e0:08:5e:e2:c5:20:a9:7b:f1:
07:14:9e:96:8d:4c:75:a0:bb:78:17:3c:b4:9b:58:
ab:4b:c5:20:e0:cc:d5:55:07:3d:2e:34:b1:89:11:
67:72:d9:79:96:88:41:a0:59:cb:e8:8e:f9:4e:90:
bc:47:86:75:20:46:1e:af:49:20:b3:92:7a:fe:c1:
1f:58:7e:a9:0a:91:be:5c:85:5c:9e:42:15:2c:06:
3b:28:91:5f:7d:b6:06:65:08:e1:f2:72:26:e7:f2:
ff:a6:f3:cb:16:2c:d3:4f:53:d6:74:95:f9:51:0e:
ce:3b:b8:7f:31:d8:ba:42:bf:fb:51:d0:d8:01:68:
31:0f:7e:f5:58:84:7b:29:71:ec:bf:77:2b:b4:80:
1f:28:33:46:b5:6b:af:bc:bc:ae:99:53:e5:94:d8:
c8:0b:83:a0:20:ff:e5:41:23:0c:62:3e:f3:8f:d1:
de:01:9e:fc:92:1d:0b:82:2f:75:96:86:3a:cd:57:
e8:6e:74:39:ee:7e:4d:b6:c6:23:80:68:d3:10:5f:
02:5c:25:f7:06:be:4d:ce:28:b6:00:06:76:2c:4b:
3e:91:64:22:7b:7c:21:2f:6f:d5:54:8e:a8:43:cd:
48:5d:06:48:f3:b5:49:9a:05:d7:04:21:64:b3:52:
69:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:47:24:6B:1E:A5:87:D7:EC:C2:EA:E3:74:6B:DD:BC:9E:F8:09:C7
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fc50f617-7597-4f4e-b8f6-87763b28caf0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.121.0.0/16
Signature Algorithm: sha256WithRSAEncryption
4b:0a:86:dd:36:e1:75:be:2f:0b:73:97:7b:56:1c:b9:6e:3f:
c1:e2:39:a5:61:2f:e4:05:d3:0c:04:0f:26:28:9e:fd:b0:99:
f8:75:d5:28:ba:d3:06:4e:c6:c1:ee:85:b6:9a:fb:2f:08:97:
a8:f3:f3:84:4c:81:6e:77:ad:67:6c:bd:ec:48:7d:24:c2:f9:
bc:0f:6b:30:97:b7:86:39:13:5e:02:8c:ae:82:39:7a:da:af:
9a:eb:f6:33:e0:dd:d4:bf:c5:15:6b:e4:9a:82:84:5a:7b:6e:
fe:93:84:7a:c4:92:49:01:ee:c9:15:8a:56:6b:06:de:24:d0:
51:12:6d:04:8e:6e:6f:7a:ce:60:5c:5e:7f:a7:94:5b:1e:7f:
ec:81:38:6c:3e:3f:35:cb:3e:d6:fd:bb:df:35:0f:2a:bb:5b:
ca:cf:07:b0:26:95:90:5b:8d:4a:3c:c9:b4:72:06:fa:f6:25:
50:c2:f0:6d:c7:d0:9e:2c:73:b9:0b:ed:4d:55:46:5d:b8:be:
aa:e8:f9:c8:e4:c7:13:72:94:8c:a8:42:bd:80:6c:ce:d2:3f:
19:f8:5f:d2:d6:53:5e:5f:89:44:f2:20:83:cf:6f:eb:6d:1b:
af:f6:a7:71:99:1a:ea:31:97:06:a6:7c:36:14:7f:6e:4d:36:
66:13:9c:91
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUY6e+ENpvvxnOlvG1d1LNxODMwK8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjAyMjgwNjMwNTdaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDE3ZmYyOWViMTVmNDk3OGIwYWJmNTZkZWZmODQ2NjM4YWVmYTFlMWRiZGEw
ODkzNTY2YjExYTNhZTM4Njg2YTkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMEVzLho4Ahe4sUgqXvxBxSelo1MdaC7eBc8tJtYq0vFIODM1VUHPS40sYkR
Z3LZeZaIQaBZy+iO+U6QvEeGdSBGHq9JILOSev7BH1h+qQqRvlyFXJ5CFSwGOyiR
X322BmUI4fJyJufy/6bzyxYs009T1nSV+VEOzju4fzHYukK/+1HQ2AFoMQ9+9ViE
eylx7L93K7SAHygzRrVrr7y8rplT5ZTYyAuDoCD/5UEjDGI+84/R3gGe/JIdC4Iv
dZaGOs1X6G50Oe5+TbbGI4Bo0xBfAlwl9wa+Tc4otgAGdixLPpFkInt8IS9v1VSO
qEPNSF0GSPO1SZoF1wQhZLNSaTsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTARyRr
HqWH1+zC6uN0a928nvgJxzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZmM1MGY2MTctNzU5Ny00ZjRlLWI4ZjYtODc3NjNiMjhjYWYwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADN5MA0G
CSqGSIb3DQEBCwUAA4IBAQBLCobdNuF1vi8Lc5d7Vhy5bj/B4jmlYS/kBdMMBA8m
KJ79sJn4ddUoutMGTsbB7oW2mvsvCJeo8/OETIFud61nbL3sSH0kwvm8D2swl7eG
ORNeAoyugjl62q+a6/Yz4N3Uv8UVa+SagoRae27+k4R6xJJJAe7JFYpWawbeJNBR
Em0Ejm5ves5gXF5/p5RbHn/sgThsPj81yz7W/bvfNQ8qu1vKzwewJpWQW41KPMm0
cgb69iVQwvBtx9CeLHO5C+1NVUZduL6q6PnI5McTcpSMqEK9gGzO0j8Z+F/S1lNe
X4lE8iCDz2/rbRuv9qdxmRrqMZcGpnw2FH9uTTZmE5yR
-----END CERTIFICATE-----
Generated at Sun Mar 1 14:25:24 2026 by rpki-client