Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0bfa25dd-319f-4f2d-b786-8ab19d58e811.roa
File: 0bfa25dd-319f-4f2d-b786-8ab19d58e811.roa (raw, json)
Hash identifier: wTh1y5+AHBKd1vAOId1iRyKC9EfiVRPLd2wu17lCNyg=
Subject key identifier: 52:89:B8:96:64:73:8C:AF:29:35:89:47:3C:A5:71:96:0A:E3:F1:73
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 12BF8EBA2D3AD0AEE01D4B3903D2D07BFB6EA0E6
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0bfa25dd-319f-4f2d-b786-8ab19d58e811.roa
Signing time: Tue 19 May 2026 05:50:39 +0000
ROA not before: Tue 19 May 2026 05:50:39 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.100.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:bf:8e:ba:2d:3a:d0:ae:e0:1d:4b:39:03:d2:d0:7b:fb:6e:a0:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 19 05:50:39 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=abad6322a7c0a4b06079c634f52a38d0de3f12a7b832be38a32b483b4af12ac4, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:c1:34:f1:0a:08:67:ec:f1:1d:22:d9:b3:2a:
f0:ea:6c:69:b4:67:91:c3:bf:7f:e7:a7:0f:1a:43:
c0:db:fc:86:0d:2b:d5:bb:da:48:c2:4d:c4:7f:fa:
55:75:3b:83:ef:f1:a3:53:fb:41:d7:98:dc:af:a4:
52:66:20:3f:f9:b6:bc:b0:46:39:c9:68:ab:e3:fd:
68:f4:10:55:2f:41:a2:33:01:53:8c:fe:f2:72:58:
57:4b:4e:27:32:40:eb:a0:18:b5:35:c8:ae:f9:6b:
c6:fe:d8:e6:53:35:3c:16:58:31:32:04:51:b6:84:
1b:12:e0:25:f3:e3:fe:ab:39:3b:ad:a8:61:85:43:
56:0c:f8:88:9e:32:b2:cb:92:71:f0:cd:d9:89:55:
f6:5a:bc:28:11:49:0b:13:0d:7e:95:2e:0d:32:3e:
fe:11:23:4a:34:68:5a:8c:05:67:d4:9f:dd:f9:de:
e2:58:37:e8:34:b0:76:1d:fb:26:7b:26:2d:5d:33:
53:e5:76:64:95:1d:46:2a:7c:ac:f5:5b:78:df:e2:
ed:b7:f6:71:50:87:41:71:aa:ed:ed:48:74:50:77:
86:08:b7:7f:a4:1f:c5:68:c5:ba:e1:74:9a:92:ba:
16:2e:64:5e:bd:fb:50:7f:e8:ec:e4:fa:dd:99:b5:
de:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:89:B8:96:64:73:8C:AF:29:35:89:47:3C:A5:71:96:0A:E3:F1:73
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0bfa25dd-319f-4f2d-b786-8ab19d58e811.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.100.0.0/15
Signature Algorithm: sha256WithRSAEncryption
70:04:1f:6e:32:66:21:53:ac:09:e8:87:2c:ca:44:6c:a4:61:
05:c9:97:8e:6f:be:94:a4:04:16:0d:2b:46:d2:bd:ee:d9:24:
0e:57:c6:f9:18:96:5c:f8:5f:f7:5c:2c:df:83:e3:12:82:cb:
fc:5a:a9:70:00:0b:e6:67:64:42:c6:fb:9f:15:2d:d9:24:cc:
df:8a:97:57:54:10:e8:8f:97:08:f5:d0:cf:f4:93:d5:6f:b1:
fc:99:c6:f3:be:d8:87:0a:41:64:8a:eb:fe:e7:6d:21:52:34:
7f:46:58:65:d0:a3:4e:fa:42:25:84:99:ac:fa:45:58:ed:f8:
a6:42:96:a9:73:05:c4:3d:88:10:19:0e:9d:09:94:15:a6:7c:
f0:7a:e7:68:87:ef:c2:a3:84:03:45:76:12:3f:ac:7c:12:c9:
b7:a9:d8:1b:46:07:a9:bd:9f:1f:d2:5f:30:f4:42:2e:45:d7:
30:55:ab:a2:f7:21:88:94:fa:27:01:30:cd:3e:ed:6c:90:1f:
70:10:d6:54:05:8f:0e:4e:80:80:1e:fa:e5:ba:08:4d:4b:95:
d8:e7:9e:ec:5d:c2:f2:97:02:04:b2:7c:f1:94:93:50:5b:73:
9a:39:4d:c1:1e:f4:6a:bb:3c:f7:c5:39:c0:58:c9:70:ef:8f:
82:cf:3d:83
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUEr+Oui060K7gHUs5A9LQe/tuoOYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MTkwNTUwMzlaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGFiYWQ2MzIyYTdjMGE0YjA2MDc5YzYzNGY1MmEzOGQwZGUzZjEyYTdiODMy
YmUzOGEzMmI0ODNiNGFmMTJhYzQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALvBNPEKCGfs8R0i2bMq8OpsabRnkcO/f+enDxpDwNv8hg0r1bvaSMJNxH/6
VXU7g+/xo1P7QdeY3K+kUmYgP/m2vLBGOcloq+P9aPQQVS9BojMBU4z+8nJYV0tO
JzJA66AYtTXIrvlrxv7Y5lM1PBZYMTIEUbaEGxLgJfPj/qs5O62oYYVDVgz4iJ4y
ssuScfDN2YlV9lq8KBFJCxMNfpUuDTI+/hEjSjRoWowFZ9Sf3fne4lg36DSwdh37
JnsmLV0zU+V2ZJUdRip8rPVbeN/i7bf2cVCHQXGq7e1IdFB3hgi3f6QfxWjFuuF0
mpK6Fi5kXr37UH/o7OT63Zm13qUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRSibiW
ZHOMryk1iUc8pXGWCuPxczAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MGJmYTI1ZGQtMzE5Zi00ZjJkLWI3ODYtOGFiMTlkNThlODExLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATNkMA0G
CSqGSIb3DQEBCwUAA4IBAQBwBB9uMmYhU6wJ6IcsykRspGEFyZeOb76UpAQWDStG
0r3u2SQOV8b5GJZc+F/3XCzfg+MSgsv8WqlwAAvmZ2RCxvufFS3ZJMzfipdXVBDo
j5cI9dDP9JPVb7H8mcbzvtiHCkFkiuv+520hUjR/Rlhl0KNO+kIlhJms+kVY7fim
QpapcwXEPYgQGQ6dCZQVpnzweudoh+/Co4QDRXYSP6x8Esm3qdgbRgepvZ8f0l8w
9EIuRdcwVaui9yGIlPonATDNPu1skB9wENZUBY8OToCAHvrlughNS5XY557sXcLy
lwIEsnzxlJNQW3OaOU3BHvRquzz3xTnAWMlw74+Czz2D
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:12:44 2026 by rpki-client