Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/07a0a2d7-7de7-4807-863f-fcbe7f8106e1.roa
File: 07a0a2d7-7de7-4807-863f-fcbe7f8106e1.roa (raw, json)
Hash identifier: YekciHIryLkmUFwa4pee1l1GQEvEDGqH3W9r266bL20=
Subject key identifier: 08:30:DD:82:CF:11:00:55:3C:E6:43:EF:44:44:89:F9:EB:04:99:2D
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6399ABBB1066B26817166607391724ABA1A08983
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/07a0a2d7-7de7-4807-863f-fcbe7f8106e1.roa
Signing time: Sat 28 Feb 2026 06:30:53 +0000
ROA not before: Sat 28 Feb 2026 06:30:53 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 14618
IP address blocks: 51.35.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:99:ab:bb:10:66:b2:68:17:16:66:07:39:17:24:ab:a1:a0:89:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Feb 28 06:30:53 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=8138f36632ef1ca6f8b1aa9776c51364f1786035f9e8debcc7b84ba4c1d3d558, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:76:53:6c:84:06:da:2e:ea:8e:5d:9f:af:8a:
d0:43:86:ec:e9:1c:72:3e:62:81:a1:85:ec:47:29:
2c:e3:ee:e2:c2:09:6b:fb:36:56:e6:d8:31:77:b4:
b5:28:ad:2b:92:74:06:31:97:31:b6:16:da:a0:28:
27:63:16:07:61:84:fb:cc:ea:41:78:e9:b2:1d:b0:
63:2e:6f:d8:2b:a9:e4:65:51:71:28:83:d6:af:6f:
c0:f5:35:85:0c:a2:fd:d0:6e:79:a5:8e:bc:c3:11:
7f:2e:a9:8d:a8:ee:a3:84:3f:b3:71:bb:60:12:96:
52:aa:28:53:b7:8b:5e:4e:f4:f5:ef:6b:24:bf:0e:
02:3b:4d:ed:d2:c3:c3:72:78:82:44:b0:b0:3b:23:
06:74:b1:3d:21:74:df:33:32:a9:ae:5b:cc:a6:11:
28:77:bd:e0:da:db:0f:25:ca:7f:dc:26:98:4f:f2:
b1:7f:6f:60:d0:cc:39:ea:88:ba:9d:e3:09:4a:3b:
6b:5d:9e:6e:40:35:d7:23:11:14:76:38:1b:63:92:
23:f6:9d:fa:13:72:a3:19:7a:e0:db:3e:6e:aa:48:
ce:9f:ad:fa:d7:fe:f7:28:e9:aa:26:91:8a:97:a6:
9f:3f:52:1a:49:71:f5:a5:4b:fa:40:7e:8d:69:c1:
60:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:30:DD:82:CF:11:00:55:3C:E6:43:EF:44:44:89:F9:EB:04:99:2D
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/07a0a2d7-7de7-4807-863f-fcbe7f8106e1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.35.0.0/16
Signature Algorithm: sha256WithRSAEncryption
8d:42:8a:9f:e2:52:76:f2:84:63:48:f0:65:b5:b2:90:a9:af:
1c:6c:0c:6d:25:44:5b:15:a3:d8:3c:d2:97:56:ff:7b:8c:6c:
e6:d9:bb:bd:fe:44:c0:4a:3e:a3:b9:ea:9f:dd:bf:8c:d1:c4:
7c:eb:b5:76:ac:ba:2f:f6:d0:47:52:89:08:42:62:82:ff:7d:
c2:df:9c:41:18:42:70:17:63:e2:64:39:73:b6:b4:8a:a7:2c:
81:05:36:8f:c8:51:72:07:ec:7f:4f:a3:3d:61:7e:b2:19:5e:
02:2a:46:3e:fa:cc:f0:17:24:e8:1e:73:18:45:94:5b:17:22:
f6:60:05:00:29:1f:3f:7e:f3:cc:5f:02:eb:d0:6f:df:33:98:
58:fa:a4:b4:06:36:8b:64:ae:5f:a6:86:26:cf:89:e8:ec:12:
36:eb:a7:04:52:eb:ec:7f:41:fa:ef:4b:d2:68:10:eb:53:9b:
06:57:22:40:61:ac:54:12:b0:7d:54:67:9b:58:c6:86:4f:bd:
40:a0:f7:73:69:c3:4d:ea:01:30:9d:f1:7a:f6:29:bb:11:11:
2a:62:c3:14:7d:cf:4a:49:38:28:ff:68:78:8d:6b:05:60:cb:
26:e9:9a:f8:6f:01:70:06:9e:ff:71:48:6d:f8:09:d9:18:33:
3d:3f:cc:ff
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUY5mruxBmsmgXFmYHORckq6GgiYMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjAyMjgwNjMwNTNaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDgxMzhmMzY2MzJlZjFjYTZmOGIxYWE5Nzc2YzUxMzY0ZjE3ODYwMzVmOWU4
ZGViY2M3Yjg0YmE0YzFkM2Q1NTgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJJ2U2yEBtou6o5dn6+K0EOG7Okccj5igaGF7EcpLOPu4sIJa/s2VubYMXe0
tSitK5J0BjGXMbYW2qAoJ2MWB2GE+8zqQXjpsh2wYy5v2Cup5GVRcSiD1q9vwPU1
hQyi/dBueaWOvMMRfy6pjajuo4Q/s3G7YBKWUqooU7eLXk709e9rJL8OAjtN7dLD
w3J4gkSwsDsjBnSxPSF03zMyqa5bzKYRKHe94NrbDyXKf9wmmE/ysX9vYNDMOeqI
up3jCUo7a12ebkA11yMRFHY4G2OSI/ad+hNyoxl64Ns+bqpIzp+t+tf+9yjpqiaR
ipemnz9SGklx9aVL+kB+jWnBYGMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQIMN2C
zxEAVTzmQ+9ERIn56wSZLTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MDdhMGEyZDctN2RlNy00ODA3LTg2M2YtZmNiZTdmODEwNmUxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMjMA0G
CSqGSIb3DQEBCwUAA4IBAQCNQoqf4lJ28oRjSPBltbKQqa8cbAxtJURbFaPYPNKX
Vv97jGzm2bu9/kTASj6jueqf3b+M0cR867V2rLov9tBHUokIQmKC/33C35xBGEJw
F2PiZDlztrSKpyyBBTaPyFFyB+x/T6M9YX6yGV4CKkY++szwFyToHnMYRZRbFyL2
YAUAKR8/fvPMXwLr0G/fM5hY+qS0BjaLZK5fpoYmz4no7BI266cEUuvsf0H670vS
aBDrU5sGVyJAYaxUErB9VGebWMaGT71AoPdzacNN6gEwnfF69im7EREqYsMUfc9K
STgo/2h4jWsFYMsm6Zr4bwFwBp7/cUht+AnZGDM9P8z/
-----END CERTIFICATE-----
Generated at Mon Mar 2 03:23:39 2026 by rpki-client