Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1fa61929-412c-4540-85ff-6ae53d3a9f99.roa
File: 1fa61929-412c-4540-85ff-6ae53d3a9f99.roa (raw, json)
Hash identifier: LjSELPjc5Vm+4l6q+ZsJcx5hG3Urg+eqGi1x2ExoJCM=
Subject key identifier: 6E:EF:22:18:FB:A7:83:9F:90:E7:A4:8D:CC:E5:77:EB:AD:86:C0:E9
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 193C85C0E24E3997E73F3C1951C07ABBE9D4F7AB
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1fa61929-412c-4540-85ff-6ae53d3a9f99.roa
Signing time: Sat 28 Feb 2026 06:40:46 +0000
ROA not before: Sat 28 Feb 2026 06:40:46 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.212.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
19:3c:85:c0:e2:4e:39:97:e7:3f:3c:19:51:c0:7a:bb:e9:d4:f7:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Feb 28 06:40:46 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=2101911ecf5bfab20c03629da6c59f34e76d59e708112074b627e823f80e311f, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:05:f3:8f:fb:97:ed:88:d1:0b:ad:02:9f:1d:
38:8c:9e:d3:9e:a5:15:20:40:2d:b7:50:ce:3c:65:
75:a8:43:f0:db:aa:5b:c6:08:7a:c9:10:b6:bf:82:
f4:26:bc:5f:08:7c:80:8e:30:25:ba:11:dd:93:3a:
0f:a1:77:c9:cd:ba:7c:cd:00:91:e3:4e:ed:9b:e6:
12:74:6e:de:42:96:19:8f:04:08:a7:75:85:10:40:
b6:64:e2:c8:eb:ee:d5:78:79:75:e7:dc:41:f5:7f:
33:44:51:a6:0c:9b:e2:66:9d:d2:a2:7d:13:aa:8d:
8a:0d:14:31:3d:24:fd:a1:01:b7:53:f7:e2:19:97:
b7:f4:91:0f:db:b3:ec:3a:c3:16:22:41:ad:ad:9a:
05:94:d4:9d:9e:fa:2d:aa:f9:f7:70:9a:7a:0a:dc:
8b:fd:9c:d3:06:d7:c9:b9:21:a4:5b:64:bc:24:bd:
e1:5a:6c:f6:fa:28:e3:63:75:54:55:51:0c:b6:c1:
f8:bf:7b:24:ac:6a:57:0e:f8:ab:73:c6:bc:b5:eb:
b3:0b:bf:a7:93:f3:b7:7e:b9:3b:14:e9:19:1c:38:
d0:f3:13:49:2f:72:19:4e:bf:e0:f2:ed:04:08:d8:
7e:20:ef:5c:a4:3c:c0:e2:5b:0c:ee:2f:92:72:9d:
81:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:EF:22:18:FB:A7:83:9F:90:E7:A4:8D:CC:E5:77:EB:AD:86:C0:E9
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1fa61929-412c-4540-85ff-6ae53d3a9f99.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.212.0.0/15
Signature Algorithm: sha256WithRSAEncryption
ac:22:4d:4f:ec:a3:23:19:e1:4a:02:d3:60:b7:3d:9f:a4:96:
fb:62:81:08:53:92:34:94:7b:00:13:88:ea:c6:73:6b:52:0c:
f5:c4:c6:84:54:10:ff:8f:c3:dd:4c:4f:95:24:b5:0c:90:5d:
4f:f8:f1:05:e4:f4:80:4a:f7:ab:94:19:74:76:cc:06:3a:1d:
aa:4d:1b:b9:a2:0e:54:e7:a4:89:f3:72:3b:32:c9:12:d1:66:
2d:e6:e1:16:38:65:ac:62:8a:79:b0:4f:fb:1b:6a:b8:c5:f0:
40:8a:2e:67:30:46:a0:52:92:49:8b:a5:9f:4b:b3:63:42:dd:
1a:89:c2:3e:c6:db:99:4f:47:a3:9a:ee:04:16:30:31:5b:a2:
d6:b2:52:f0:08:ea:fc:1b:66:1a:08:6d:01:be:d3:f8:39:72:
bd:b1:5b:17:fa:09:e3:c6:14:ad:34:a3:f3:16:65:ea:23:67:
e4:65:9c:08:3d:cd:2c:1c:39:10:b4:da:3b:02:fb:c3:f8:7a:
3a:15:0f:9d:6c:80:fe:5e:85:20:e7:31:08:8c:65:cd:51:83:
c2:c9:b4:7b:f4:d4:c5:33:8a:00:35:f5:e6:a0:86:85:8f:b6:
54:04:76:58:79:43:f7:b4:bd:be:34:4c:63:01:1b:62:94:46:
7a:a5:ea:46
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUGTyFwOJOOZfnPzwZUcB6u+nU96swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjAyMjgwNjQwNDZaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDIxMDE5MTFlY2Y1YmZhYjIwYzAzNjI5ZGE2YzU5ZjM0ZTc2ZDU5ZTcwODEx
MjA3NGI2MjdlODIzZjgwZTMxMWYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPMF84/7l+2I0QutAp8dOIye056lFSBALbdQzjxldahD8NuqW8YIeskQtr+C
9Ca8Xwh8gI4wJboR3ZM6D6F3yc26fM0AkeNO7ZvmEnRu3kKWGY8ECKd1hRBAtmTi
yOvu1Xh5defcQfV/M0RRpgyb4mad0qJ9E6qNig0UMT0k/aEBt1P34hmXt/SRD9uz
7DrDFiJBra2aBZTUnZ76Lar593Caegrci/2c0wbXybkhpFtkvCS94Vps9voo42N1
VFVRDLbB+L97JKxqVw74q3PGvLXrswu/p5Pzt365OxTpGRw40PMTSS9yGU6/4PLt
BAjYfiDvXKQ8wOJbDO4vknKdgRECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRu7yIY
+6eDn5DnpI3M5XfrrYbA6TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MWZhNjE5MjktNDEyYy00NTQwLTg1ZmYtNmFlNTNkM2E5Zjk5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPUMA0G
CSqGSIb3DQEBCwUAA4IBAQCsIk1P7KMjGeFKAtNgtz2fpJb7YoEIU5I0lHsAE4jq
xnNrUgz1xMaEVBD/j8PdTE+VJLUMkF1P+PEF5PSASverlBl0dswGOh2qTRu5og5U
56SJ83I7MskS0WYt5uEWOGWsYop5sE/7G2q4xfBAii5nMEagUpJJi6WfS7NjQt0a
icI+xtuZT0ejmu4EFjAxW6LWslLwCOr8G2YaCG0BvtP4OXK9sVsX+gnjxhStNKPz
FmXqI2fkZZwIPc0sHDkQtNo7AvvD+Ho6FQ+dbID+XoUg5zEIjGXNUYPCybR79NTF
M4oANfXmoIaFj7ZUBHZYeUP3tL2+NExjARtilEZ6pepG
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:51:14 2026 by rpki-client