Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/09ec97ca-044e-4785-bdd4-fcf9e8d514ca.roa
File: 09ec97ca-044e-4785-bdd4-fcf9e8d514ca.roa (raw, json)
Hash identifier: dmO0uiaZvrZ3hNXGCue+8eTRS59Gfk6z3M/srb9AUjA=
Subject key identifier: 15:5A:FD:B2:B2:F1:FB:6D:BB:41:12:DA:BD:0A:5E:AB:E2:E7:81:5F
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7AFFAA3DFB5CADD4A6DC98AD535D0263402569D0
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/09ec97ca-044e-4785-bdd4-fcf9e8d514ca.roa
Signing time: Sat 28 Feb 2026 06:40:44 +0000
ROA not before: Sat 28 Feb 2026 06:40:44 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.122.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:ff:aa:3d:fb:5c:ad:d4:a6:dc:98:ad:53:5d:02:63:40:25:69:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Feb 28 06:40:44 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=1d969b8608c193649d4332e2d295cec345e95e1b09af1b3fe12a125fa6252ec9, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:54:cb:96:08:28:0b:b4:6a:34:75:7f:ec:71:
32:c2:00:85:66:44:76:65:17:ed:93:96:90:f7:b9:
04:f8:d5:f4:62:61:e1:14:f4:bf:15:13:63:14:47:
29:87:06:fe:ff:26:4d:ff:f3:ed:16:f7:46:95:dc:
b3:24:83:22:a5:31:fd:c2:0e:f6:3e:d5:c6:b8:74:
5d:5e:dd:76:da:d8:b5:94:94:49:eb:f6:46:e2:4d:
0c:18:6b:7b:23:07:20:52:4a:5c:38:09:b3:e6:55:
1b:a7:9e:b5:8d:aa:a4:72:16:17:95:36:5a:44:a1:
9d:d9:92:6b:34:55:14:a1:3c:46:c3:6a:67:1a:b2:
cd:fe:95:12:99:7d:c9:5f:12:36:d4:dd:d5:5a:a1:
4f:b2:e8:b8:80:a3:1d:d2:40:10:fc:4b:c4:75:25:
73:ae:81:9b:21:53:4e:df:fa:19:fb:a9:b4:a0:44:
d1:46:e4:4d:fa:9b:7a:40:b3:4c:5f:58:54:d1:74:
90:bf:fd:40:12:7e:4e:aa:7f:0f:08:94:9c:34:9a:
66:e2:e4:d4:ca:b2:28:9d:e5:9c:f7:21:13:90:d1:
65:85:c6:a1:59:85:b8:97:d3:3d:50:a5:0a:88:b3:
47:a9:53:77:8e:d9:52:90:08:5f:9b:a9:50:58:ac:
c3:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:5A:FD:B2:B2:F1:FB:6D:BB:41:12:DA:BD:0A:5E:AB:E2:E7:81:5F
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/09ec97ca-044e-4785-bdd4-fcf9e8d514ca.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.122.0.0/15
Signature Algorithm: sha256WithRSAEncryption
67:d5:d8:be:d9:aa:39:71:1b:2f:5f:9a:de:bf:75:8f:15:f1:
af:6c:20:97:9c:9b:3c:5c:60:ee:70:80:80:e8:9a:4a:26:30:
28:36:44:41:c2:8a:e1:20:b3:f3:02:19:43:4a:c0:ad:3a:61:
67:0e:bd:9d:12:73:d3:cd:9f:60:58:d2:0b:6e:c2:7b:b2:e1:
0e:07:8d:62:56:64:16:eb:c4:90:61:4e:84:b6:a3:2b:3d:cc:
ec:b9:22:2c:10:99:3e:57:cf:f7:5d:7d:79:a6:a4:1b:dd:d7:
4c:e3:aa:83:e9:5c:1b:ff:b8:0e:58:06:59:41:ce:88:2f:95:
e4:f5:18:2b:2e:23:92:8c:a3:6f:c2:90:90:40:0a:f9:ec:b8:
e0:e5:e2:9f:c5:a9:ee:4d:30:b4:f6:4a:da:c0:97:ce:9b:f8:
98:08:d9:5f:8e:f6:87:52:40:a3:72:fd:83:0b:4a:97:e8:b1:
9d:01:0a:bb:e8:c9:52:d5:5d:4f:c9:56:40:fb:83:b6:4a:d6:
62:4d:76:cd:e6:f6:b2:d2:79:10:d1:40:ec:32:82:9c:01:cf:
54:16:69:fe:17:bb:49:77:ab:75:55:83:fe:16:27:a0:38:9d:
11:e0:db:f0:53:93:af:d5:68:26:10:45:6b:a9:47:d2:b2:b4:
91:54:4e:35
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUev+qPftcrdSm3JitU10CY0AladAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjAyMjgwNjQwNDRaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDFkOTY5Yjg2MDhjMTkzNjQ5ZDQzMzJlMmQyOTVjZWMzNDVlOTVlMWIwOWFm
MWIzZmUxMmExMjVmYTYyNTJlYzkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKNUy5YIKAu0ajR1f+xxMsIAhWZEdmUX7ZOWkPe5BPjV9GJh4RT0vxUTYxRH
KYcG/v8mTf/z7Rb3RpXcsySDIqUx/cIO9j7Vxrh0XV7ddtrYtZSUSev2RuJNDBhr
eyMHIFJKXDgJs+ZVG6eetY2qpHIWF5U2WkShndmSazRVFKE8RsNqZxqyzf6VEpl9
yV8SNtTd1VqhT7LouICjHdJAEPxLxHUlc66BmyFTTt/6GfuptKBE0UbkTfqbekCz
TF9YVNF0kL/9QBJ+Tqp/DwiUnDSaZuLk1MqyKJ3lnPchE5DRZYXGoVmFuJfTPVCl
CoizR6lTd47ZUpAIX5upUFisw/0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQVWv2y
svH7bbtBEtq9Cl6r4ueBXzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MDllYzk3Y2EtMDQ0ZS00Nzg1LWJkZDQtZmNmOWU4ZDUxNGNhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATN6MA0G
CSqGSIb3DQEBCwUAA4IBAQBn1di+2ao5cRsvX5rev3WPFfGvbCCXnJs8XGDucICA
6JpKJjAoNkRBworhILPzAhlDSsCtOmFnDr2dEnPTzZ9gWNILbsJ7suEOB41iVmQW
68SQYU6EtqMrPczsuSIsEJk+V8/3XX15pqQb3ddM46qD6Vwb/7gOWAZZQc6IL5Xk
9RgrLiOSjKNvwpCQQAr57Ljg5eKfxanuTTC09krawJfOm/iYCNlfjvaHUkCjcv2D
C0qX6LGdAQq76MlS1V1PyVZA+4O2StZiTXbN5vay0nkQ0UDsMoKcAc9UFmn+F7tJ
d6t1VYP+FiegOJ0R4NvwU5Ov1WgmEEVrqUfSsrSRVE41
-----END CERTIFICATE-----
Generated at Mon Mar 2 01:07:40 2026 by rpki-client