Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/186c4a20-4025-4599-90c9-1eeb15cf6730.roa
File: 186c4a20-4025-4599-90c9-1eeb15cf6730.roa (raw, json)
Hash identifier: FH79xwwrtuwfkA2jbi0sQIvxYJbuEeoEpz8+UriWHSs=
Subject key identifier: 23:CC:E4:7B:93:73:1D:48:5A:09:38:D5:F8:82:9E:97:7F:3E:8B:C3
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 03D0A5F831D2F9C1E46105F5614A78591E4C399A
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/186c4a20-4025-4599-90c9-1eeb15cf6730.roa
Signing time: Sun 01 Mar 2026 01:00:08 +0000
ROA not before: Sun 01 Mar 2026 01:00:08 +0000
ROA not after: Sat 30 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.16.205.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:d0:a5:f8:31:d2:f9:c1:e4:61:05:f5:61:4a:78:59:1e:4c:39:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 1 01:00:08 2026 GMT
Not After : May 30 23:59:59 2026 GMT
Subject: serialNumber=3ded7da7cf5b4a59451cfd2cd55fb04750b59732006acd84c4bdf9947f46cd45, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:12:64:f3:e0:21:eb:cb:a9:fa:69:09:9f:f3:
7d:b4:e9:3d:b2:95:85:3b:56:c7:49:b0:d2:55:b9:
f4:4b:28:f4:e7:76:e5:46:6d:b5:fe:d0:61:ab:7b:
29:01:84:ea:38:9c:50:c1:78:b7:8e:de:e0:3a:48:
32:96:77:c0:20:dc:6f:fa:bf:c4:6b:b7:b1:74:b8:
07:0f:e9:67:14:a4:ce:88:8b:f3:4d:c0:1f:5d:f0:
d2:c5:e6:6e:b1:31:92:3c:ac:53:8a:7f:86:f9:d0:
83:a0:e3:ce:99:c9:36:5f:ae:3e:c3:e1:4d:2e:cf:
b0:45:60:a1:4f:c9:6f:a2:c7:00:1c:26:83:5b:69:
9b:27:90:f3:bd:1b:12:58:4c:7c:6b:c6:a3:4c:cd:
67:47:34:32:b0:db:27:9a:6d:51:5d:6e:0a:3b:a0:
a6:f2:40:92:70:65:2b:86:38:d6:da:7c:96:89:d4:
79:ae:01:4c:03:b8:08:58:82:0b:e4:77:fb:d1:67:
17:5e:ff:19:09:e3:37:97:2f:3b:27:02:28:2c:29:
9b:79:43:b0:da:7a:58:09:38:98:8a:52:db:34:77:
98:59:5a:32:52:17:9d:af:1f:6e:f7:5d:fc:1a:e0:
31:17:3b:4e:aa:63:69:51:78:38:df:91:3c:25:64:
55:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:CC:E4:7B:93:73:1D:48:5A:09:38:D5:F8:82:9E:97:7F:3E:8B:C3
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/186c4a20-4025-4599-90c9-1eeb15cf6730.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.16.205.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:5c:b2:5d:cc:32:e3:6e:41:2b:32:2f:f2:f7:09:e3:3c:6b:
61:38:ae:6b:32:29:db:7a:23:b7:9c:62:03:1e:2d:90:75:d0:
dd:f3:6d:92:a2:52:b2:5a:a5:77:1f:ed:53:16:45:65:a2:d0:
c8:fd:5f:5e:80:42:07:35:ff:0d:e7:69:f5:eb:63:ea:c9:ea:
9f:5e:ac:61:a6:c1:39:ff:08:0a:4d:79:d1:d8:2e:47:ad:05:
65:42:89:dd:30:74:6e:c9:ba:2a:2d:a7:b9:d8:89:ea:2f:b7:
8a:63:d6:dc:b1:61:9e:ec:d1:be:96:18:73:66:ae:03:e6:a0:
e6:d3:84:40:b1:0d:54:5d:f8:3c:16:d5:36:43:1e:b2:49:cf:
50:e7:aa:be:2c:95:a0:18:d3:c9:68:c8:0a:c2:80:de:85:b0:
7e:c7:38:19:4c:c6:98:ba:8b:ac:53:bd:2f:80:4b:9d:e0:54:
22:16:20:06:91:b7:4b:65:90:0a:b9:db:f0:f2:95:61:cd:82:
86:9c:b1:61:15:77:7b:6d:a5:f2:88:23:26:18:b5:8c:d8:ea:
72:91:7c:ac:20:c3:54:11:cb:33:34:b8:68:b0:9f:aa:97:94:
9f:da:45:fc:ae:f6:2c:48:54:a0:11:03:dc:3d:9e:3d:9e:cb:
6c:ee:f6:97
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUA9Cl+DHS+cHkYQX1YUp4WR5MOZowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjAzMDEwMTAwMDhaFw0yNjA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDNkZWQ3ZGE3Y2Y1YjRhNTk0NTFjZmQyY2Q1NWZiMDQ3NTBiNTk3MzIwMDZh
Y2Q4NGM0YmRmOTk0N2Y0NmNkNDUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJYSZPPgIevLqfppCZ/zfbTpPbKVhTtWx0mw0lW59Eso9Od25UZttf7QYat7
KQGE6jicUMF4t47e4DpIMpZ3wCDcb/q/xGu3sXS4Bw/pZxSkzoiL803AH13w0sXm
brExkjysU4p/hvnQg6DjzpnJNl+uPsPhTS7PsEVgoU/Jb6LHABwmg1tpmyeQ870b
ElhMfGvGo0zNZ0c0MrDbJ5ptUV1uCjugpvJAknBlK4Y41tp8lonUea4BTAO4CFiC
C+R3+9FnF17/GQnjN5cvOycCKCwpm3lDsNp6WAk4mIpS2zR3mFlaMlIXna8fbvdd
/BrgMRc7TqpjaVF4ON+RPCVkVUMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQjzOR7
k3MdSFoJONX4gp6Xfz6LwzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MTg2YzRhMjAtNDAyNS00NTk5LTkwYzktMWVlYjE1Y2Y2NzMwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEADMQzTAN
BgkqhkiG9w0BAQsFAAOCAQEAa1yyXcwy425BKzIv8vcJ4zxrYTiuazIp23ojt5xi
Ax4tkHXQ3fNtkqJSslqldx/tUxZFZaLQyP1fXoBCBzX/Dedp9etj6snqn16sYabB
Of8ICk150dguR60FZUKJ3TB0bsm6Ki2nudiJ6i+3imPW3LFhnuzRvpYYc2auA+ag
5tOEQLENVF34PBbVNkMesknPUOeqviyVoBjTyWjICsKA3oWwfsc4GUzGmLqLrFO9
L4BLneBUIhYgBpG3S2WQCrnb8PKVYc2ChpyxYRV3e22l8ogjJhi1jNjqcpF8rCDD
VBHLMzS4aLCfqpeUn9pF/K72LEhUoBED3D2ePZ7LbO72lw==
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:48:34 2026 by rpki-client