Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0a36b38b-9bd1-4014-823d-9204a303350e.roa
File: 0a36b38b-9bd1-4014-823d-9204a303350e.roa (raw, json)
Hash identifier: OHrQKkSebmwWUCwe9nkmG0BdcuFBv1nXX5gVuKfIh9c=
Subject key identifier: 69:C3:B6:25:DA:18:CA:EE:60:7C:9D:1A:9C:AB:8F:4E:DC:E2:12:58
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 76552015E5F73E083A8BDA70CF1854BAE598D13B
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0a36b38b-9bd1-4014-823d-9204a303350e.roa
Signing time: Fri 06 Feb 2026 00:40:28 +0000
ROA not before: Fri 06 Feb 2026 00:40:28 +0000
ROA not after: Thu 07 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.21.183.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:55:20:15:e5:f7:3e:08:3a:8b:da:70:cf:18:54:ba:e5:98:d1:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Feb 6 00:40:28 2026 GMT
Not After : May 7 23:59:59 2026 GMT
Subject: serialNumber=8ec9aca6d1d1eccc888d644b345349878a3974e0ca97c003070f29a6a57861be, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:27:50:c8:92:04:f2:7d:c5:11:e8:4b:16:f4:
a6:24:10:70:5d:dd:63:e7:db:75:fc:c3:f9:bf:ab:
29:73:b9:d8:42:86:36:62:16:07:48:ec:59:35:7c:
8f:98:59:3f:6b:aa:be:9a:68:a7:0d:6e:65:75:aa:
e1:06:dc:3c:2d:82:b2:87:5f:42:eb:3e:82:aa:59:
fd:83:75:dc:e5:d8:4e:97:99:7a:b2:76:c3:8d:c8:
0a:76:99:17:f4:df:af:a9:fb:24:ee:28:70:82:12:
fa:e1:25:6c:79:d0:f5:ab:6f:19:30:48:ff:aa:b0:
c1:7d:23:a2:12:f2:a2:a3:be:08:0d:84:58:c6:bf:
70:f8:ce:7f:6d:0d:67:95:df:16:b7:b1:3e:7b:27:
91:dc:1b:83:24:9e:d7:c5:1a:72:8b:e9:8d:d5:73:
2b:76:b9:3e:ee:df:d5:d4:e0:e9:f8:ac:6d:98:ac:
b2:b6:57:e8:0d:6f:26:54:de:df:5c:63:f2:f0:cd:
07:79:1b:4f:0f:89:dc:6d:fb:be:b9:12:65:6d:e3:
97:91:33:74:b1:ef:b9:f1:cb:a8:8b:8d:09:4c:fb:
e8:5c:c7:75:08:2e:58:a8:97:93:b7:0f:7c:e1:9d:
6c:fa:c7:fb:3b:b2:da:9a:31:42:84:10:e4:ff:19:
cc:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:C3:B6:25:DA:18:CA:EE:60:7C:9D:1A:9C:AB:8F:4E:DC:E2:12:58
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0a36b38b-9bd1-4014-823d-9204a303350e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.21.183.0/24
Signature Algorithm: sha256WithRSAEncryption
c8:1d:d0:2c:a4:bc:eb:f4:2f:a8:03:e4:6f:47:12:17:d6:a2:
8d:47:7a:cb:37:3f:83:7b:a8:38:67:e6:17:5e:3f:0d:db:3c:
29:1e:26:8d:dd:6c:ea:e2:2b:ab:09:30:7c:89:95:de:60:f8:
4e:24:7c:0e:be:0f:ca:22:f5:96:43:ae:f6:45:37:4b:47:dc:
73:50:ab:8a:63:b2:3b:c8:1d:98:d0:c0:e3:26:a1:f5:aa:d8:
92:4d:a3:c7:03:44:84:cc:7b:57:d8:85:92:35:75:d6:cf:47:
07:50:4a:d0:ad:e2:aa:b7:3f:9a:b2:c2:7a:e5:41:b9:15:45:
53:3a:a2:07:dd:e8:4e:1d:4b:55:0c:b8:b8:dc:11:6d:ff:36:
2a:2c:63:9f:ab:f3:c2:66:32:fe:fb:7e:51:2e:c9:8c:0d:0e:
16:89:d0:c2:4a:2a:68:87:b2:3d:15:c1:e9:0e:a4:71:c7:a0:
13:0b:7f:8a:fa:ea:62:08:79:eb:f8:d1:9e:3d:6f:38:b1:df:
2a:f9:98:d9:3d:d9:c6:68:1f:21:8b:c9:6e:ee:32:f2:f3:49:
de:60:47:12:8e:27:51:2b:a4:45:80:91:72:90:13:63:1d:f8:
f9:b9:b2:4d:fb:ab:8e:ee:58:f5:fe:22:77:aa:96:b4:55:3f:
07:c9:09:8f
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUdlUgFeX3Pgg6i9pwzxhUuuWY0TswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjAyMDYwMDQwMjhaFw0yNjA1MDcyMzU5NTlaMHoxSTBHBgNV
BAUTQDhlYzlhY2E2ZDFkMWVjY2M4ODhkNjQ0YjM0NTM0OTg3OGEzOTc0ZTBjYTk3
YzAwMzA3MGYyOWE2YTU3ODYxYmUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALYnUMiSBPJ9xRHoSxb0piQQcF3dY+fbdfzD+b+rKXO52EKGNmIWB0jsWTV8
j5hZP2uqvppopw1uZXWq4QbcPC2CsodfQus+gqpZ/YN13OXYTpeZerJ2w43ICnaZ
F/Tfr6n7JO4ocIIS+uElbHnQ9atvGTBI/6qwwX0johLyoqO+CA2EWMa/cPjOf20N
Z5XfFrexPnsnkdwbgySe18UacovpjdVzK3a5Pu7f1dTg6fisbZissrZX6A1vJlTe
31xj8vDNB3kbTw+J3G37vrkSZW3jl5EzdLHvufHLqIuNCUz76FzHdQguWKiXk7cP
fOGdbPrH+zuy2poxQoQQ5P8ZzN0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRpw7Yl
2hjK7mB8nRqcq49O3OISWDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MGEzNmIzOGItOWJkMS00MDE0LTgyM2QtOTIwNGEzMDMzNTBlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEADMVtzAN
BgkqhkiG9w0BAQsFAAOCAQEAyB3QLKS86/QvqAPkb0cSF9aijUd6yzc/g3uoOGfm
F14/Dds8KR4mjd1s6uIrqwkwfImV3mD4TiR8Dr4PyiL1lkOu9kU3S0fcc1CrimOy
O8gdmNDA4yah9arYkk2jxwNEhMx7V9iFkjV11s9HB1BK0K3iqrc/mrLCeuVBuRVF
UzqiB93oTh1LVQy4uNwRbf82Kixjn6vzwmYy/vt+US7JjA0OFonQwkoqaIeyPRXB
6Q6kccegEwt/ivrqYgh56/jRnj1vOLHfKvmY2T3ZxmgfIYvJbu4y8vNJ3mBHEo4n
USukRYCRcpATYx34+bmyTfurju5Y9f4id6qWtFU/B8kJjw==
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:37:53 2026 by rpki-client