Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/01305f95-02db-46f4-a135-5ff585346b72.roa
File: 01305f95-02db-46f4-a135-5ff585346b72.roa (raw, json)
Hash identifier: Xnwlmk9qN/uiiFWDd1deNmmB6zRY2N3jTPSPXnzdM/A=
Subject key identifier: 57:0C:5D:90:83:F7:62:65:07:35:06:06:25:CF:BA:17:09:AD:C3:3B
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7691022E8D219E3A9B4929BD8062427827B92586
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/01305f95-02db-46f4-a135-5ff585346b72.roa
Signing time: Sat 28 Feb 2026 06:30:40 +0000
ROA not before: Sat 28 Feb 2026 06:30:40 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.204.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:91:02:2e:8d:21:9e:3a:9b:49:29:bd:80:62:42:78:27:b9:25:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Feb 28 06:30:40 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=017dc61860eedd81cf3a13ee3a4d6b9e2943851a80d2805244c72339c64c7c94, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:ac:62:f4:13:1b:bd:24:f4:c8:6b:bf:21:0d:
ff:a6:39:57:df:6b:75:68:f0:6c:d9:72:92:35:3d:
84:52:68:88:e5:3d:c9:91:31:c0:f6:0a:d5:90:a8:
87:a3:b8:10:71:e2:25:db:d9:eb:e8:08:66:c9:b8:
b3:22:a2:49:66:29:dc:69:3c:05:6c:8b:77:94:d5:
2c:4a:ca:ac:a5:a7:b6:6d:a7:b0:94:d6:6a:82:af:
50:24:2d:84:f2:79:b0:3f:6e:85:07:d9:b0:b0:7b:
98:1e:5f:6c:77:40:e6:29:9d:5c:d7:0b:1d:d9:cb:
a6:dd:90:f6:4b:83:65:77:39:25:2a:2c:5f:27:89:
fe:0a:38:e6:8a:01:b9:6e:34:ec:f7:46:cb:8d:97:
ad:d5:2d:e9:4b:3c:21:5d:1d:84:a3:5b:11:8f:9d:
56:ea:ee:8d:f7:a1:92:b4:57:f7:3d:7f:9a:79:91:
41:e9:9d:16:0a:c9:86:da:61:10:08:4b:0d:35:61:
ee:46:cd:7e:32:82:c4:d3:d0:b7:72:b4:34:a3:f6:
24:1d:f1:d3:d3:ec:ed:2e:72:50:d4:e1:48:ae:a1:
6f:26:ce:d5:74:83:72:b4:fb:dc:89:e8:c9:df:ca:
a3:91:b0:ce:dd:c0:f2:05:80:40:68:0d:1c:6a:65:
25:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:0C:5D:90:83:F7:62:65:07:35:06:06:25:CF:BA:17:09:AD:C3:3B
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/01305f95-02db-46f4-a135-5ff585346b72.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.204.0.0/15
Signature Algorithm: sha256WithRSAEncryption
1f:0d:5f:e8:b2:b7:9f:f7:0a:41:c5:96:4a:c7:14:dd:0c:4b:
8e:4b:5b:b0:d1:6c:24:9d:15:04:d8:ba:33:ff:db:9e:e4:ea:
70:81:6b:7b:6b:20:b8:e6:54:07:cf:1a:b0:a0:b1:b3:1a:0c:
25:12:2d:5f:55:30:80:20:d3:df:54:04:ee:c2:c6:fc:63:a7:
d0:b0:e7:a8:1f:1d:f6:6e:07:cb:ba:b5:be:94:b1:d6:32:a9:
e8:81:88:a8:96:8e:61:bb:0a:77:33:b6:a1:b4:96:39:3f:27:
1e:d7:23:74:b1:c3:fb:55:46:19:d0:78:2d:7f:54:72:56:69:
f6:c3:72:a4:e3:d2:de:f5:34:84:ea:5b:84:cc:28:3f:33:13:
3b:da:e6:1b:4b:5f:aa:8a:7f:7f:cf:1c:59:ea:5a:3e:c3:a3:
72:27:8f:f1:7c:89:6f:24:dd:ad:cc:00:af:29:fe:5e:11:77:
6b:89:2d:51:5f:12:98:9d:94:4e:43:10:f5:70:6d:e5:4b:f1:
2a:dd:39:f6:c0:67:0e:94:dd:14:f9:6c:94:a8:a6:d4:d4:2e:
3c:0b:dd:de:c0:8c:be:87:48:7f:b3:a7:d1:33:3f:94:ae:a5:
3f:d9:4c:77:57:3e:80:83:13:29:2c:29:56:6a:1e:9b:69:9a:
8c:5c:c9:a3
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUdpECLo0hnjqbSSm9gGJCeCe5JYYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjAyMjgwNjMwNDBaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDAxN2RjNjE4NjBlZWRkODFjZjNhMTNlZTNhNGQ2YjllMjk0Mzg1MWE4MGQy
ODA1MjQ0YzcyMzM5YzY0YzdjOTQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKasYvQTG70k9MhrvyEN/6Y5V99rdWjwbNlykjU9hFJoiOU9yZExwPYK1ZCo
h6O4EHHiJdvZ6+gIZsm4syKiSWYp3Gk8BWyLd5TVLErKrKWntm2nsJTWaoKvUCQt
hPJ5sD9uhQfZsLB7mB5fbHdA5imdXNcLHdnLpt2Q9kuDZXc5JSosXyeJ/go45ooB
uW407PdGy42XrdUt6Us8IV0dhKNbEY+dVurujfehkrRX9z1/mnmRQemdFgrJhtph
EAhLDTVh7kbNfjKCxNPQt3K0NKP2JB3x09Ps7S5yUNThSK6hbybO1XSDcrT73Ino
yd/Ko5Gwzt3A8gWAQGgNHGplJVMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRXDF2Q
g/diZQc1BgYlz7oXCa3DOzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MDEzMDVmOTUtMDJkYi00NmY0LWExMzUtNWZmNTg1MzQ2YjcyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPMMA0G
CSqGSIb3DQEBCwUAA4IBAQAfDV/osref9wpBxZZKxxTdDEuOS1uw0WwknRUE2Loz
/9ue5OpwgWt7ayC45lQHzxqwoLGzGgwlEi1fVTCAINPfVATuwsb8Y6fQsOeoHx32
bgfLurW+lLHWMqnogYiolo5huwp3M7ahtJY5Pyce1yN0scP7VUYZ0Hgtf1RyVmn2
w3Kk49Le9TSE6luEzCg/MxM72uYbS1+qin9/zxxZ6lo+w6NyJ4/xfIlvJN2tzACv
Kf5eEXdriS1RXxKYnZROQxD1cG3lS/Eq3Tn2wGcOlN0U+WyUqKbU1C48C93ewIy+
h0h/s6fRMz+UrqU/2Ux3Vz6AgxMpLClWah6baZqMXMmj
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:49:08 2026 by rpki-client