Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/16466217-dced-4a5a-a70d-36ae6ab6acbe.roa
File: 16466217-dced-4a5a-a70d-36ae6ab6acbe.roa (raw, json)
Hash identifier: SW0+nghWU2hch1jamTnlRCRuoSdwIqy2lS0+2uCUXeo=
Subject key identifier: 66:0C:E5:4F:05:97:80:CB:0B:F3:7D:C8:8A:22:65:CE:B9:8A:9D:F3
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 64EE435784590262DAC75523E22613CCACC95C25
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/16466217-dced-4a5a-a70d-36ae6ab6acbe.roa
Signing time: Fri 06 Feb 2026 00:40:05 +0000
ROA not before: Fri 06 Feb 2026 00:40:05 +0000
ROA not after: Thu 07 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.92.0.0/14 maxlen: 14
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:ee:43:57:84:59:02:62:da:c7:55:23:e2:26:13:cc:ac:c9:5c:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Feb 6 00:40:05 2026 GMT
Not After : May 7 23:59:59 2026 GMT
Subject: serialNumber=d39640bc030577e26a7736af587a9c5ffed7440af7caf21c81560a12fc55ff1a, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:b2:6b:ba:3b:3a:9a:2e:25:f4:df:03:86:47:
3a:ae:85:03:3d:4a:eb:df:0b:39:d4:53:a5:68:64:
a4:d7:1f:58:b1:58:9a:b2:ab:9f:28:fe:35:68:eb:
78:d5:bb:27:a5:ac:49:c0:6b:7e:f7:30:6b:0a:c8:
c8:c6:db:81:b8:2f:f6:09:fa:e4:1c:aa:b7:53:bb:
91:08:21:8a:19:a4:7f:69:34:65:b6:08:71:19:a0:
24:e0:23:f0:91:9a:45:e7:05:df:2c:dd:21:30:82:
e8:88:c8:53:59:ed:be:26:47:d7:9d:ab:c3:7d:e5:
7f:ee:b3:b0:a3:ed:87:30:14:b3:24:b2:46:1a:b9:
af:d8:27:7d:5a:f3:cb:d6:68:ce:d9:54:bf:66:e1:
6d:6e:1a:3b:f3:85:09:f5:23:a3:7b:38:73:78:25:
46:ba:ee:21:de:1a:83:67:87:5d:8f:4a:3b:e1:b1:
3a:8d:fd:1a:d7:08:61:fa:49:75:e5:db:39:ea:8f:
40:31:c9:ba:77:6e:c8:2e:a9:bd:1e:70:0a:ec:2e:
da:df:23:4d:b9:16:f5:a3:ea:27:5f:57:14:b2:9e:
41:c1:a5:d5:1b:fb:7d:44:8d:98:6b:a1:7a:61:a4:
22:7f:54:7f:01:b8:75:64:5e:37:22:7e:04:10:40:
e7:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:0C:E5:4F:05:97:80:CB:0B:F3:7D:C8:8A:22:65:CE:B9:8A:9D:F3
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/16466217-dced-4a5a-a70d-36ae6ab6acbe.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.92.0.0/14
Signature Algorithm: sha256WithRSAEncryption
5f:eb:60:f3:f8:af:64:5e:f1:93:73:0e:ae:c2:94:a6:75:a7:
b2:e1:fe:51:44:d0:d6:4f:a8:87:a9:c5:03:95:31:b9:86:e8:
ef:96:1b:52:4d:64:5d:48:24:d0:60:73:be:55:d4:54:d3:ae:
45:57:86:79:56:a3:85:f7:7d:0a:64:d2:66:8e:5b:ce:8d:ac:
95:01:87:65:33:d7:29:9c:80:6f:25:fa:b7:1b:4e:39:b1:0d:
18:8e:59:04:3c:69:f1:f9:01:91:72:e4:10:5a:5d:2d:43:26:
63:e3:b9:8c:bf:a0:fd:9e:d2:b0:39:9c:6e:1b:e0:67:24:a6:
55:08:cf:7f:d2:28:10:62:15:4f:13:55:e1:1c:df:00:cf:0d:
c4:c8:96:82:ff:b3:91:ce:ec:a9:a8:1f:3e:9e:13:1d:ae:6c:
41:9a:42:1e:dc:ef:67:fc:03:00:43:10:67:89:60:2b:1d:1d:
6a:a2:28:e1:a7:94:1c:71:25:3d:0c:3a:8c:9b:63:2c:bd:3c:
f5:e5:c5:03:a5:63:12:74:62:cf:e3:8e:bb:81:60:99:a5:98:
c7:99:5b:bd:c0:c0:b5:85:f1:0a:aa:f5:65:fc:50:e0:73:a5:
28:53:73:2f:56:e7:c3:28:cb:bd:10:15:e4:1c:17:fe:e0:af:
1f:68:54:6d
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUZO5DV4RZAmLax1Uj4iYTzKzJXCUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjAyMDYwMDQwMDVaFw0yNjA1MDcyMzU5NTlaMHoxSTBHBgNV
BAUTQGQzOTY0MGJjMDMwNTc3ZTI2YTc3MzZhZjU4N2E5YzVmZmVkNzQ0MGFmN2Nh
ZjIxYzgxNTYwYTEyZmM1NWZmMWExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMyya7o7OpouJfTfA4ZHOq6FAz1K698LOdRTpWhkpNcfWLFYmrKrnyj+NWjr
eNW7J6WsScBrfvcwawrIyMbbgbgv9gn65Byqt1O7kQghihmkf2k0ZbYIcRmgJOAj
8JGaRecF3yzdITCC6IjIU1ntviZH152rw33lf+6zsKPthzAUsySyRhq5r9gnfVrz
y9ZoztlUv2bhbW4aO/OFCfUjo3s4c3glRrruId4ag2eHXY9KO+GxOo39GtcIYfpJ
deXbOeqPQDHJunduyC6pvR5wCuwu2t8jTbkW9aPqJ19XFLKeQcGl1Rv7fUSNmGuh
emGkIn9UfwG4dWReNyJ+BBBA548CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRmDOVP
BZeAywvzfciKImXOuYqd8zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MTY0NjYyMTctZGNlZC00YTVhLWE3MGQtMzZhZTZhYjZhY2JlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAjNcMA0G
CSqGSIb3DQEBCwUAA4IBAQBf62Dz+K9kXvGTcw6uwpSmdaey4f5RRNDWT6iHqcUD
lTG5hujvlhtSTWRdSCTQYHO+VdRU065FV4Z5VqOF930KZNJmjlvOjayVAYdlM9cp
nIBvJfq3G045sQ0YjlkEPGnx+QGRcuQQWl0tQyZj47mMv6D9ntKwOZxuG+BnJKZV
CM9/0igQYhVPE1XhHN8Azw3EyJaC/7ORzuypqB8+nhMdrmxBmkIe3O9n/AMAQxBn
iWArHR1qoijhp5QccSU9DDqMm2MsvTz15cUDpWMSdGLP4467gWCZpZjHmVu9wMC1
hfEKqvVl/FDgc6UoU3MvVufDKMu9EBXkHBf+4K8faFRt
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:51:31 2026 by rpki-client