Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1fa61929-412c-4540-85ff-6ae53d3a9f99.roa
File: 1fa61929-412c-4540-85ff-6ae53d3a9f99.roa (raw, json)
Hash identifier: OryoGV0A9m2uCJHfKrK69jXr0ZJp9UWa3q3xV2sVPIw=
Subject key identifier: E8:66:77:4C:B8:28:D2:D1:9B:D2:69:BD:D0:B8:40:DA:2E:63:F2:0D
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 192C2028D565317C38D70A3CA0A8DD5159B6F22A
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1fa61929-412c-4540-85ff-6ae53d3a9f99.roa
Signing time: Tue 19 May 2026 06:00:08 +0000
ROA not before: Tue 19 May 2026 06:00:08 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.212.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
19:2c:20:28:d5:65:31:7c:38:d7:0a:3c:a0:a8:dd:51:59:b6:f2:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 19 06:00:08 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=556a2b312390af32def29f05b4c8b62e440a5ff94bb9148e7635ca0e8e749a62, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:81:0b:28:f5:74:f0:e2:0a:c8:07:12:39:25:
34:87:8e:cc:7f:25:e0:0f:d4:da:a2:4b:83:31:38:
f5:a3:3c:48:a8:55:47:cc:63:60:c9:4e:37:53:30:
63:21:b7:1e:8a:31:58:40:e4:84:d1:cc:0e:6d:5d:
94:7e:cf:3d:f6:51:e2:63:60:41:2b:a8:dd:18:60:
b8:e0:38:50:2e:6d:a0:92:2a:dc:b7:a2:ed:60:6e:
9b:36:06:78:4e:45:31:1c:41:67:05:ad:55:3f:bd:
3a:04:bd:5e:fe:5d:c8:a3:17:58:3e:fb:91:7a:4c:
d4:a1:f6:96:d8:49:c4:9f:c4:4a:77:6e:1b:79:86:
b6:77:52:7e:f3:f0:cf:cf:6f:5d:3c:38:67:e1:be:
58:55:13:31:0d:ef:19:5e:7a:44:45:51:27:6d:10:
86:b8:59:63:63:50:dc:34:a4:8a:9a:85:5e:c0:90:
71:f5:b7:de:69:63:54:77:de:58:1a:07:d3:e9:2a:
91:a4:42:e9:86:30:6d:9e:71:00:6a:85:6f:56:83:
e9:32:66:e7:70:43:ad:6b:ad:65:24:e0:14:50:f9:
8a:5c:a0:40:43:5a:53:d0:7e:93:58:a6:be:2d:8f:
3c:61:1e:36:4a:7e:30:42:59:b4:dc:b6:80:75:9b:
e7:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:66:77:4C:B8:28:D2:D1:9B:D2:69:BD:D0:B8:40:DA:2E:63:F2:0D
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1fa61929-412c-4540-85ff-6ae53d3a9f99.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.212.0.0/15
Signature Algorithm: sha256WithRSAEncryption
14:5d:1a:65:8f:f0:ae:70:18:7c:bd:05:ce:75:99:53:cf:c5:
71:71:8f:6e:b6:70:b3:78:39:c5:a7:dc:5e:b4:89:e7:44:a4:
57:8d:3d:da:5b:87:11:4d:4e:1e:c8:38:b6:80:9b:b9:6a:e2:
9e:b6:f6:5e:77:d8:1c:b8:d7:df:75:c4:98:c0:63:12:b1:cc:
3b:57:7d:b0:f4:1f:10:7c:ef:6c:d2:6f:66:c8:68:d7:82:81:
0a:50:2c:5b:7d:ea:0c:7e:df:73:9b:6e:f1:78:11:e0:d3:da:
28:86:0f:3c:e8:2b:b8:ca:62:f3:0a:d6:37:76:e3:5a:d6:fe:
90:2d:4a:d1:a8:45:eb:7c:87:82:f2:3c:96:be:6d:df:ab:26:
c0:a2:b7:78:b2:cc:f1:61:a2:bb:b8:74:7c:8c:cc:ce:4c:63:
b4:a5:2a:5a:a1:c1:17:04:19:e3:eb:6b:c4:f9:de:fd:5c:4c:
3a:f9:72:6c:3a:4b:9c:f7:39:4a:ac:7d:58:48:a2:0e:0a:e6:
5e:fa:88:f1:af:fb:97:fc:1f:c1:3d:b4:d2:ab:1f:ad:16:0d:
e8:fb:b6:4f:77:3f:56:3e:f4:76:dc:98:16:f1:07:62:6a:8f:
69:e2:69:1b:a4:8e:6b:25:77:f4:7d:86:bd:9a:56:a7:7b:61:
ee:15:0f:7e
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUGSwgKNVlMXw41wo8oKjdUVm28iowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MTkwNjAwMDhaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDU1NmEyYjMxMjM5MGFmMzJkZWYyOWYwNWI0YzhiNjJlNDQwYTVmZjk0YmI5
MTQ4ZTc2MzVjYTBlOGU3NDlhNjIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALuBCyj1dPDiCsgHEjklNIeOzH8l4A/U2qJLgzE49aM8SKhVR8xjYMlON1Mw
YyG3HooxWEDkhNHMDm1dlH7PPfZR4mNgQSuo3RhguOA4UC5toJIq3Lei7WBumzYG
eE5FMRxBZwWtVT+9OgS9Xv5dyKMXWD77kXpM1KH2lthJxJ/ESnduG3mGtndSfvPw
z89vXTw4Z+G+WFUTMQ3vGV56REVRJ20QhrhZY2NQ3DSkipqFXsCQcfW33mljVHfe
WBoH0+kqkaRC6YYwbZ5xAGqFb1aD6TJm53BDrWutZSTgFFD5ilygQENaU9B+k1im
vi2PPGEeNkp+MEJZtNy2gHWb52sCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBToZndM
uCjS0ZvSab3QuEDaLmPyDTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MWZhNjE5MjktNDEyYy00NTQwLTg1ZmYtNmFlNTNkM2E5Zjk5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPUMA0G
CSqGSIb3DQEBCwUAA4IBAQAUXRplj/CucBh8vQXOdZlTz8VxcY9utnCzeDnFp9xe
tInnRKRXjT3aW4cRTU4eyDi2gJu5auKetvZed9gcuNffdcSYwGMSscw7V32w9B8Q
fO9s0m9myGjXgoEKUCxbfeoMft9zm27xeBHg09oohg886Cu4ymLzCtY3duNa1v6Q
LUrRqEXrfIeC8jyWvm3fqybAord4sszxYaK7uHR8jMzOTGO0pSpaocEXBBnj62vE
+d79XEw6+XJsOkuc9zlKrH1YSKIOCuZe+ojxr/uX/B/BPbTSqx+tFg3o+7ZPdz9W
PvR23JgW8Qdiao9p4mkbpI5rJXf0fYa9mlane2HuFQ9+
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:13:22 2026 by rpki-client