Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/179c664b-afae-4c21-9c97-2a2a3985d5b0.roa
File: 179c664b-afae-4c21-9c97-2a2a3985d5b0.roa (raw, json)
Hash identifier: qxFuSRBa8msv/oDE8HxQxkKGY3FCZMuhzep/kSdZU4U=
Subject key identifier: 0C:8F:86:AA:6F:C5:E0:3B:BD:BA:32:38:BC:6D:3A:87:E4:E0:01:D5
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 119A68DF17D16BFBA41595F76DCED1EAA26B360C
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/179c664b-afae-4c21-9c97-2a2a3985d5b0.roa
Signing time: Sat 28 Feb 2026 06:30:11 +0000
ROA not before: Sat 28 Feb 2026 06:30:11 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.117.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:9a:68:df:17:d1:6b:fb:a4:15:95:f7:6d:ce:d1:ea:a2:6b:36:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Feb 28 06:30:11 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=46944e38c0f53da0dd137b4a6310c184c93a33ae3ec02383b1f6128902da4942, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:52:78:d0:63:db:3b:99:df:9b:14:5b:8a:b9:
a0:23:53:d4:5e:4f:0e:fa:2f:b3:24:6b:cf:84:5d:
9e:e2:07:3b:9f:0b:b1:51:5b:42:2f:12:75:46:a4:
46:4e:d5:91:af:1b:73:d4:3c:87:22:3a:ec:fa:49:
0c:8c:84:47:51:10:d6:11:bc:41:e1:78:cb:a5:b2:
49:2c:bf:08:76:40:4a:c7:94:c1:08:79:eb:96:34:
b4:58:5b:67:60:01:8a:15:39:e1:cd:f5:d5:fd:a5:
ee:67:53:3e:55:4d:79:ac:ee:92:f5:dc:4c:e7:fd:
60:f6:8e:9a:9b:4a:1f:0a:88:d1:7a:77:77:ec:98:
81:4d:c5:ce:91:e6:1d:12:cf:f4:94:61:9b:85:50:
1a:9d:38:68:af:ae:87:11:bd:94:7d:9b:47:cc:2d:
d3:4c:71:7f:1f:be:37:3e:49:49:ec:1d:28:02:23:
23:43:f1:56:72:e7:47:4a:a4:fa:d2:e7:7a:d5:cb:
00:74:c9:48:2a:19:9a:06:91:a6:02:66:9d:b1:c9:
ac:ea:9e:bf:33:85:65:1f:7f:15:d9:d2:47:b5:42:
89:09:e9:12:19:81:e4:f8:d0:4a:0d:3a:ab:63:6d:
ee:ad:29:e7:18:51:a5:f8:05:36:09:ce:e1:2a:93:
9e:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:8F:86:AA:6F:C5:E0:3B:BD:BA:32:38:BC:6D:3A:87:E4:E0:01:D5
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/179c664b-afae-4c21-9c97-2a2a3985d5b0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.117.0.0/16
Signature Algorithm: sha256WithRSAEncryption
62:25:d7:b5:2a:0d:66:0d:7e:31:3e:1a:08:da:c3:b4:a1:15:
ef:4a:cb:e5:92:2d:08:3c:82:e8:8c:75:c2:46:41:40:b4:25:
f8:b1:b8:c0:f5:be:4a:69:22:41:db:2e:0a:ae:37:6d:ab:a3:
cf:96:8d:98:9a:31:a3:83:ec:d3:a4:18:89:20:f9:4f:c8:fa:
b1:47:5b:6f:37:68:d8:2d:38:47:e8:19:01:59:8a:14:70:54:
a9:a3:87:d9:88:98:99:2a:b8:06:f4:bc:f4:7f:fc:90:69:fe:
7a:48:c2:d7:00:a4:6f:8c:89:ac:0e:22:e8:15:18:0d:79:1e:
5f:62:51:be:8d:00:60:49:91:35:56:4a:55:92:e6:93:fa:31:
40:cf:5f:7d:54:df:71:42:ce:e4:2e:67:9d:6a:39:00:1c:34:
b5:13:30:11:f5:51:c3:36:67:58:e5:3e:73:7a:fd:b1:49:a9:
54:16:f1:78:2b:06:3c:9b:36:c0:4b:4a:cd:fc:21:8c:5b:1f:
62:84:0d:79:8a:dc:f6:13:9d:b7:df:a2:d3:f2:74:d5:9b:b3:
13:90:1c:c6:f1:86:3f:ea:6a:fe:66:99:92:7c:ef:ec:ec:20:
9e:3f:5d:62:5e:b3:1b:67:36:91:e3:84:34:66:64:af:c9:09:
02:52:e7:8c
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUEZpo3xfRa/ukFZX3bc7R6qJrNgwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjAyMjgwNjMwMTFaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ2OTQ0ZTM4YzBmNTNkYTBkZDEzN2I0YTYzMTBjMTg0YzkzYTMzYWUzZWMw
MjM4M2IxZjYxMjg5MDJkYTQ5NDIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALlSeNBj2zuZ35sUW4q5oCNT1F5PDvovsyRrz4RdnuIHO58LsVFbQi8SdUak
Rk7Vka8bc9Q8hyI67PpJDIyER1EQ1hG8QeF4y6WySSy/CHZASseUwQh565Y0tFhb
Z2ABihU54c311f2l7mdTPlVNeazukvXcTOf9YPaOmptKHwqI0Xp3d+yYgU3FzpHm
HRLP9JRhm4VQGp04aK+uhxG9lH2bR8wt00xxfx++Nz5JSewdKAIjI0PxVnLnR0qk
+tLnetXLAHTJSCoZmgaRpgJmnbHJrOqevzOFZR9/FdnSR7VCiQnpEhmB5PjQSg06
q2Nt7q0p5xhRpfgFNgnO4SqTnr8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQMj4aq
b8XgO726Mji8bTqH5OAB1TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MTc5YzY2NGItYWZhZS00YzIxLTljOTctMmEyYTM5ODVkNWIwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADN1MA0G
CSqGSIb3DQEBCwUAA4IBAQBiJde1Kg1mDX4xPhoI2sO0oRXvSsvlki0IPILojHXC
RkFAtCX4sbjA9b5KaSJB2y4Krjdtq6PPlo2YmjGjg+zTpBiJIPlPyPqxR1tvN2jY
LThH6BkBWYoUcFSpo4fZiJiZKrgG9Lz0f/yQaf56SMLXAKRvjImsDiLoFRgNeR5f
YlG+jQBgSZE1VkpVkuaT+jFAz199VN9xQs7kLmedajkAHDS1EzAR9VHDNmdY5T5z
ev2xSalUFvF4KwY8mzbAS0rN/CGMWx9ihA15itz2E52336LT8nTVm7MTkBzG8YY/
6mr+ZpmSfO/s7CCeP11iXrMbZzaR44Q0ZmSvyQkCUueM
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:51:45 2026 by rpki-client