Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/07a0a2d7-7de7-4807-863f-fcbe7f8106e1.roa
File: 07a0a2d7-7de7-4807-863f-fcbe7f8106e1.roa (raw, json)
Hash identifier: z+RwgqRTn5rui0KYc4BycH6/uwPUzrpmx7jxaEq+R1o=
Subject key identifier: 46:70:68:D4:BE:48:C8:99:D0:45:D0:C9:56:67:BE:F8:8E:5E:08:E7
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 11A04DB6E248A7F71B2506BCD48729173B195991
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/07a0a2d7-7de7-4807-863f-fcbe7f8106e1.roa
Signing time: Tue 19 May 2026 05:40:03 +0000
ROA not before: Tue 19 May 2026 05:40:03 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 14618
IP address blocks: 51.35.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:a0:4d:b6:e2:48:a7:f7:1b:25:06:bc:d4:87:29:17:3b:19:59:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 19 05:40:03 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=deb8f183206459b40772bf0de40263049142cdb996003b6cdf13669b44b335a5, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:6d:34:f7:87:75:f8:13:c0:c9:ac:8f:2b:ed:
f5:eb:ee:26:34:84:a1:41:f1:84:56:96:a7:cb:b8:
dc:fb:a2:88:22:2e:9b:b8:cf:4a:29:ee:7e:4b:a8:
a9:1f:f0:9a:d0:28:ad:e4:d1:b4:ef:38:55:8b:6f:
dd:4d:a7:de:a2:b8:b5:12:1e:e2:b4:3e:7b:a1:fc:
2c:d6:fd:fe:b7:15:51:2d:46:8e:0c:50:13:61:77:
1c:2a:0d:84:5a:5d:4f:ba:92:84:c9:3c:38:63:54:
7c:39:f5:db:1b:87:ef:41:0c:12:2c:64:07:5a:fc:
e4:90:d8:09:2c:b8:03:63:ce:8f:4a:68:15:e5:43:
ce:6a:10:3f:73:85:bf:17:c7:3a:76:c7:d0:9f:70:
32:cc:cf:4d:58:60:b2:97:c9:36:0f:5f:9e:56:77:
d1:b3:7f:98:86:91:ee:fc:f4:ab:e9:94:e7:13:5b:
bf:20:d0:c7:2b:b5:a2:5f:4f:e2:e2:81:91:12:89:
c9:be:46:2e:8c:c7:9c:e8:17:13:8c:57:50:80:5a:
35:94:04:6d:5e:11:e5:db:78:e1:7e:3b:9d:18:ce:
84:1a:0c:bf:db:57:09:7f:59:eb:bf:49:8d:28:5c:
3a:9f:b7:42:a4:a3:f2:79:92:d2:30:df:24:96:3c:
3a:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:70:68:D4:BE:48:C8:99:D0:45:D0:C9:56:67:BE:F8:8E:5E:08:E7
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/07a0a2d7-7de7-4807-863f-fcbe7f8106e1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.35.0.0/16
Signature Algorithm: sha256WithRSAEncryption
23:c3:20:67:a9:37:3d:5e:b5:a3:e2:f7:12:9a:80:59:07:77:
db:fd:ab:7d:2f:8c:c6:6e:bf:d2:87:bc:f0:37:1e:61:5f:02:
1c:db:70:ef:88:1b:ae:d1:48:0e:e3:53:f0:67:f4:08:79:53:
73:f1:20:05:ce:a1:c7:4b:79:8f:69:d9:d2:a4:79:3c:b9:97:
fe:0d:a0:60:15:75:cb:d3:e8:33:3b:3d:40:ed:e2:9f:bb:60:
9d:e5:00:c8:f2:20:73:88:b3:6f:30:90:88:90:60:0e:d2:55:
ab:f4:90:8a:0e:86:13:60:13:84:4a:03:4a:05:ac:d2:ee:a9:
40:86:08:a7:13:eb:44:89:66:cb:b0:f2:72:b3:d4:cf:84:a9:
13:f5:df:4e:54:c0:d1:4a:da:fc:6a:19:56:5c:1b:8f:60:91:
dd:81:4d:b4:40:60:b8:8d:3f:2f:58:fa:6a:8f:83:9f:ee:6d:
3d:e7:f1:38:59:28:5f:67:c0:bc:ee:dd:64:8d:c9:68:3f:35:
b3:c1:b6:32:44:f1:b7:f8:7e:d1:3f:97:a7:73:7f:d9:48:08:
08:a4:e5:12:dd:45:5e:40:9a:f2:55:9c:0b:03:2f:83:9d:ef:
66:79:dc:2b:ec:da:e0:f8:42:0a:c4:bc:63:c5:4a:fe:55:68:
49:9c:70:b8
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUEaBNtuJIp/cbJQa81IcpFzsZWZEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MTkwNTQwMDNaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGRlYjhmMTgzMjA2NDU5YjQwNzcyYmYwZGU0MDI2MzA0OTE0MmNkYjk5NjAw
M2I2Y2RmMTM2NjliNDRiMzM1YTUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJRtNPeHdfgTwMmsjyvt9evuJjSEoUHxhFaWp8u43PuiiCIum7jPSinufkuo
qR/wmtAoreTRtO84VYtv3U2n3qK4tRIe4rQ+e6H8LNb9/rcVUS1GjgxQE2F3HCoN
hFpdT7qShMk8OGNUfDn12xuH70EMEixkB1r85JDYCSy4A2POj0poFeVDzmoQP3OF
vxfHOnbH0J9wMszPTVhgspfJNg9fnlZ30bN/mIaR7vz0q+mU5xNbvyDQxyu1ol9P
4uKBkRKJyb5GLozHnOgXE4xXUIBaNZQEbV4R5dt44X47nRjOhBoMv9tXCX9Z679J
jShcOp+3QqSj8nmS0jDfJJY8OskCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRGcGjU
vkjImdBF0MlWZ774jl4I5zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MDdhMGEyZDctN2RlNy00ODA3LTg2M2YtZmNiZTdmODEwNmUxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMjMA0G
CSqGSIb3DQEBCwUAA4IBAQAjwyBnqTc9XrWj4vcSmoBZB3fb/at9L4zGbr/Sh7zw
Nx5hXwIc23DviBuu0UgO41PwZ/QIeVNz8SAFzqHHS3mPadnSpHk8uZf+DaBgFXXL
0+gzOz1A7eKfu2Cd5QDI8iBziLNvMJCIkGAO0lWr9JCKDoYTYBOESgNKBazS7qlA
hginE+tEiWbLsPJys9TPhKkT9d9OVMDRStr8ahlWXBuPYJHdgU20QGC4jT8vWPpq
j4Of7m095/E4WShfZ8C87t1kjcloPzWzwbYyRPG3+H7RP5enc3/ZSAgIpOUS3UVe
QJryVZwLAy+Dne9medwr7Nrg+EIKxLxjxUr+VWhJnHC4
-----END CERTIFICATE-----
Generated at Sat Jun 13 05:44:31 2026 by rpki-client