Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0bfa25dd-319f-4f2d-b786-8ab19d58e811.roa
File: 0bfa25dd-319f-4f2d-b786-8ab19d58e811.roa (raw, json)
Hash identifier: 2FRPMz2nz4tofHNWmD7wpkcK37Jjv0CQ0lmo/R4xNdg=
Subject key identifier: 5F:DF:E3:15:5D:98:9F:93:82:87:CB:A7:CF:88:3A:75:B8:62:94:0D
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3C28D9CB33931E20A06901172DC72E98261B5663
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0bfa25dd-319f-4f2d-b786-8ab19d58e811.roa
Signing time: Sat 28 Feb 2026 06:30:48 +0000
ROA not before: Sat 28 Feb 2026 06:30:48 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.100.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:28:d9:cb:33:93:1e:20:a0:69:01:17:2d:c7:2e:98:26:1b:56:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Feb 28 06:30:48 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=9015f051049e9278bc562e4a692aff127cd5d0a8137c04334fdf4e2abf6f2546, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:46:2e:dd:fe:c8:e0:3a:14:0e:5b:91:0a:85:
53:46:3f:6e:1d:c4:d3:6e:e7:b2:2e:e8:8c:a9:ec:
c7:b5:91:fe:28:76:42:eb:90:7e:ad:71:05:e8:2f:
3f:d7:2a:5e:81:54:73:41:df:c6:74:60:2c:e4:9c:
2d:fb:6a:8d:45:92:c1:cd:3a:84:62:ea:7d:13:2f:
27:6d:bf:0a:78:4b:ae:0b:f8:dd:83:f0:dd:ec:54:
e2:6e:6f:e5:53:23:54:54:6e:23:21:b4:05:53:48:
5a:ec:93:a6:48:59:97:b0:68:02:1c:e8:6e:75:2d:
70:ea:92:01:32:63:77:a7:36:ee:6f:1e:fe:de:c4:
25:3d:e8:26:10:b6:57:26:dc:e0:85:31:da:28:a2:
79:7e:f5:be:c0:9e:72:49:52:4a:e4:c9:e4:41:6c:
e3:92:88:00:35:ab:77:f8:bd:aa:5b:57:f9:33:13:
6c:7d:80:db:04:a7:eb:88:58:fc:b2:78:4b:b2:75:
69:d0:4f:cc:5f:b2:d0:c7:a7:71:5c:55:15:db:5f:
6e:f2:66:76:9a:3e:9c:06:99:3c:47:e8:85:ef:4c:
c8:ea:2b:8c:c8:99:9e:ef:64:e8:a5:6c:13:50:79:
0a:4d:64:9f:85:7a:27:d9:52:8e:64:2d:5d:e5:d4:
f7:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:DF:E3:15:5D:98:9F:93:82:87:CB:A7:CF:88:3A:75:B8:62:94:0D
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0bfa25dd-319f-4f2d-b786-8ab19d58e811.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.100.0.0/15
Signature Algorithm: sha256WithRSAEncryption
50:11:87:35:fb:48:31:9b:07:38:99:72:c0:4b:4a:61:a9:b6:
d3:6e:ad:ed:f8:f7:c8:86:4c:ed:a0:90:e3:0a:27:0e:4f:9a:
03:96:59:7a:7f:9c:0f:67:fc:2b:77:d6:12:d5:07:a6:2c:d7:
3d:e5:20:c3:78:75:22:31:d8:fa:25:d5:2e:45:2c:eb:35:b2:
09:c3:18:c7:2d:ec:a4:e0:d2:a4:80:97:c9:cf:bc:94:85:ba:
d9:1f:23:84:fe:ee:bf:e9:0b:9e:c5:b7:ed:3d:46:b4:54:d3:
8b:cb:ce:7e:df:a7:c7:b2:4d:0e:34:b1:be:21:a8:41:b2:93:
5c:da:f2:e5:9b:69:b8:ec:e1:f6:63:f4:ea:08:20:3c:ca:56:
fb:0c:1a:f4:a4:34:21:9d:04:27:82:04:18:44:36:ee:ba:1f:
5e:4c:0c:6d:3d:aa:52:a8:bd:5b:dc:f2:1f:22:2c:3e:d8:4e:
a7:5e:05:de:e6:48:a4:4c:8c:33:af:37:cf:b4:82:f6:8b:e6:
d9:23:dc:b1:ad:18:a0:44:80:5f:c7:ed:58:4e:c4:16:80:ef:
b1:04:ce:9c:6b:8a:af:92:f2:0c:fa:6c:af:e0:ea:97:ea:0c:
65:75:34:d9:ad:c9:ed:bd:aa:7e:00:0e:39:bd:c9:25:e5:5c:
8b:e8:a1:a2
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUPCjZyzOTHiCgaQEXLccumCYbVmMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjAyMjgwNjMwNDhaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDkwMTVmMDUxMDQ5ZTkyNzhiYzU2MmU0YTY5MmFmZjEyN2NkNWQwYTgxMzdj
MDQzMzRmZGY0ZTJhYmY2ZjI1NDYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALRGLt3+yOA6FA5bkQqFU0Y/bh3E027nsi7ojKnsx7WR/ih2QuuQfq1xBegv
P9cqXoFUc0HfxnRgLOScLftqjUWSwc06hGLqfRMvJ22/CnhLrgv43YPw3exU4m5v
5VMjVFRuIyG0BVNIWuyTpkhZl7BoAhzobnUtcOqSATJjd6c27m8e/t7EJT3oJhC2
Vybc4IUx2iiieX71vsCecklSSuTJ5EFs45KIADWrd/i9qltX+TMTbH2A2wSn64hY
/LJ4S7J1adBPzF+y0MencVxVFdtfbvJmdpo+nAaZPEfohe9MyOorjMiZnu9k6KVs
E1B5Ck1kn4V6J9lSjmQtXeXU9+0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRf3+MV
XZifk4KHy6fPiDp1uGKUDTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MGJmYTI1ZGQtMzE5Zi00ZjJkLWI3ODYtOGFiMTlkNThlODExLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATNkMA0G
CSqGSIb3DQEBCwUAA4IBAQBQEYc1+0gxmwc4mXLAS0phqbbTbq3t+PfIhkztoJDj
CicOT5oDlll6f5wPZ/wrd9YS1QemLNc95SDDeHUiMdj6JdUuRSzrNbIJwxjHLeyk
4NKkgJfJz7yUhbrZHyOE/u6/6QuexbftPUa0VNOLy85+36fHsk0ONLG+IahBspNc
2vLlm2m47OH2Y/TqCCA8ylb7DBr0pDQhnQQnggQYRDbuuh9eTAxtPapSqL1b3PIf
Iiw+2E6nXgXe5kikTIwzrzfPtIL2i+bZI9yxrRigRIBfx+1YTsQWgO+xBM6ca4qv
kvIM+myv4OqX6gxldTTZrcntvap+AA45vckl5VyL6KGi
-----END CERTIFICATE-----
Generated at Mon Mar 2 03:02:45 2026 by rpki-client