Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/01305f95-02db-46f4-a135-5ff585346b72.roa
File: 01305f95-02db-46f4-a135-5ff585346b72.roa (raw, json)
Hash identifier: nB5fBJ4/WxtTrO/HbXxrGwJRBajuvqNcZ7RiI6Cum2s=
Subject key identifier: 54:19:74:68:40:0F:3A:24:53:EA:81:91:25:2B:51:84:D1:1D:07:0C
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 20425A69428EF9004B319E3982AC578DCCF43AAD
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/01305f95-02db-46f4-a135-5ff585346b72.roa
Signing time: Tue 19 May 2026 05:50:33 +0000
ROA not before: Tue 19 May 2026 05:50:33 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.204.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:42:5a:69:42:8e:f9:00:4b:31:9e:39:82:ac:57:8d:cc:f4:3a:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 19 05:50:33 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=048a09b94052cde970b91abffc1e3df52f4a3a26bb4424ea19d99824accdd554, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:83:42:95:6d:ad:91:de:0b:f6:14:7f:56:14:
a2:01:11:00:6e:7c:8a:ef:64:e3:54:07:3d:a1:d2:
34:1b:18:87:d0:d1:9f:71:39:4e:04:32:12:43:03:
36:f1:3c:14:3f:ba:73:09:7a:89:25:90:46:49:09:
ca:94:22:bc:f0:ea:7b:23:54:20:50:1b:b4:71:e6:
bb:bd:5b:15:2a:ac:a7:7e:fc:0d:71:3d:4b:9c:49:
15:3f:15:68:c1:a0:df:29:a3:0b:22:7e:25:1b:9c:
b0:3e:69:4e:5c:e4:f6:0b:39:5d:a1:c2:1b:3e:e6:
0a:32:67:c8:66:3f:87:6a:d0:6d:c9:ca:fb:33:0b:
02:95:0e:27:ea:45:88:98:dd:70:a6:ba:a9:38:da:
a0:b1:99:ab:24:62:5b:53:58:9d:f8:13:2b:1c:be:
b2:44:39:5e:70:6a:10:88:6c:75:a5:b7:53:e5:b6:
ea:88:f3:54:7a:9a:7f:11:4c:cd:b3:22:a9:6b:9a:
8e:3d:91:dc:e4:e5:7a:88:71:da:87:3f:f6:d6:a5:
04:9b:a3:c5:d9:ae:f4:45:2f:a9:41:93:a5:4e:14:
fc:45:1d:7b:36:e1:9d:0d:96:83:68:1f:82:06:5a:
ad:ff:e9:22:01:89:80:7c:3a:03:eb:d6:f2:22:24:
b7:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:19:74:68:40:0F:3A:24:53:EA:81:91:25:2B:51:84:D1:1D:07:0C
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/01305f95-02db-46f4-a135-5ff585346b72.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.204.0.0/15
Signature Algorithm: sha256WithRSAEncryption
46:13:5b:1d:d9:21:c3:fe:8d:ef:92:fa:35:e3:b5:22:78:4a:
1b:7a:58:33:27:12:22:66:80:27:dc:22:d9:36:d4:e1:a8:79:
06:90:5b:6c:63:3a:5f:77:69:22:93:81:34:cc:c7:ba:07:b1:
22:da:69:93:3d:43:d7:bb:2c:81:1a:34:98:17:15:70:d5:69:
d1:74:86:33:04:a6:d2:e3:5c:db:7b:dc:94:a8:90:1b:9c:d2:
12:61:e6:1b:99:62:82:92:b7:2a:e5:18:f6:ed:b7:b4:23:83:
dc:17:76:16:e1:48:81:29:e1:ce:1f:6b:c2:fd:6a:1d:69:ea:
98:e9:b9:a0:50:97:9d:97:0b:2f:ed:a2:92:9a:3f:b2:a5:9e:
62:0d:4c:73:c2:1a:25:4d:99:27:4a:19:65:cd:71:bf:79:9c:
3f:00:55:44:50:22:2f:62:e6:a1:5c:8b:6f:41:99:6e:33:9b:
a3:1b:49:b4:41:17:1e:25:4b:24:74:b8:3c:f1:39:60:4b:94:
6f:ff:16:91:99:3e:36:84:68:5e:ed:25:8f:db:f2:4d:1b:eb:
b0:e5:8c:01:e7:32:54:f5:e2:06:df:bc:3a:00:6d:8c:81:c4:
4c:c1:99:31:c2:f8:23:ea:dd:23:4c:d2:63:09:94:29:77:f5:
a0:83:e1:fc
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUIEJaaUKO+QBLMZ45gqxXjcz0Oq0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MTkwNTUwMzNaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDA0OGEwOWI5NDA1MmNkZTk3MGI5MWFiZmZjMWUzZGY1MmY0YTNhMjZiYjQ0
MjRlYTE5ZDk5ODI0YWNjZGQ1NTQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPCDQpVtrZHeC/YUf1YUogERAG58iu9k41QHPaHSNBsYh9DRn3E5TgQyEkMD
NvE8FD+6cwl6iSWQRkkJypQivPDqeyNUIFAbtHHmu71bFSqsp378DXE9S5xJFT8V
aMGg3ymjCyJ+JRucsD5pTlzk9gs5XaHCGz7mCjJnyGY/h2rQbcnK+zMLApUOJ+pF
iJjdcKa6qTjaoLGZqyRiW1NYnfgTKxy+skQ5XnBqEIhsdaW3U+W26ojzVHqafxFM
zbMiqWuajj2R3OTleohx2oc/9talBJujxdmu9EUvqUGTpU4U/EUdezbhnQ2Wg2gf
ggZarf/pIgGJgHw6A+vW8iIkt9ECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRUGXRo
QA86JFPqgZElK1GE0R0HDDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MDEzMDVmOTUtMDJkYi00NmY0LWExMzUtNWZmNTg1MzQ2YjcyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPMMA0G
CSqGSIb3DQEBCwUAA4IBAQBGE1sd2SHD/o3vkvo147UieEobelgzJxIiZoAn3CLZ
NtThqHkGkFtsYzpfd2kik4E0zMe6B7Ei2mmTPUPXuyyBGjSYFxVw1WnRdIYzBKbS
41zbe9yUqJAbnNISYeYbmWKCkrcq5Rj27be0I4PcF3YW4UiBKeHOH2vC/WodaeqY
6bmgUJedlwsv7aKSmj+ypZ5iDUxzwholTZknShllzXG/eZw/AFVEUCIvYuahXItv
QZluM5ujG0m0QRceJUskdLg88TlgS5Rv/xaRmT42hGhe7SWP2/JNG+uw5YwB5zJU
9eIG37w6AG2MgcRMwZkxwvgj6t0jTNJjCZQpd/Wgg+H8
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:12:33 2026 by rpki-client