Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2740a5f5-ec55-42ac-b7df-f4c863c83981.roa
File: 2740a5f5-ec55-42ac-b7df-f4c863c83981.roa (raw, json)
Hash identifier: S0S3DUIQjrcQaDptiIKxXpaYMJXT8Pnpkl9SLoUgdKI=
Subject key identifier: 81:EC:61:EE:FD:A7:CC:A1:B6:05:39:12:B3:18:A5:16:36:DE:3E:B7
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2906302486AEE5BD5BC2AF982F5D91DB35C30BA1
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2740a5f5-ec55-42ac-b7df-f4c863c83981.roa
Signing time: Tue 19 May 2026 05:50:10 +0000
ROA not before: Tue 19 May 2026 05:50:10 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.125.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
29:06:30:24:86:ae:e5:bd:5b:c2:af:98:2f:5d:91:db:35:c3:0b:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 19 05:50:10 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=8b39887fdaca4cda21c0b5703bdfce5f32b23b3d78daa9ee751123ed8ee7481c, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:05:89:6a:76:20:a9:c2:07:15:71:20:40:8a:
50:2a:df:ab:47:0e:a4:b7:0c:64:6f:02:8e:ea:13:
77:18:15:c3:17:02:e4:08:91:5e:89:1a:61:dd:76:
71:27:1a:81:48:d9:94:9d:23:ef:e1:ce:d9:73:55:
ea:0d:64:24:8e:97:df:4a:0c:49:cb:60:47:21:9f:
c2:a8:c5:b7:b1:b2:12:df:37:5b:a1:72:14:dc:af:
57:7a:05:19:b3:ba:ed:7f:44:0f:e2:8d:23:a6:1a:
0d:2f:76:16:da:0c:06:17:6a:0f:26:c8:79:2c:04:
a4:53:8c:fa:a3:d1:6c:06:92:46:a5:1e:d5:ad:05:
10:95:10:81:2c:3f:e0:e6:d9:9a:38:c2:22:a7:ba:
4e:6a:f3:cc:8d:44:a7:9b:23:87:2f:80:13:7c:94:
d7:db:e1:9e:af:70:ac:26:34:9e:69:1e:5e:d8:88:
d6:a9:69:60:40:30:f5:8a:65:ea:0c:8f:21:e9:6f:
f6:c5:b5:f9:d0:9e:5b:a0:63:33:5f:97:82:17:09:
7e:d7:93:77:9b:c9:15:5b:37:4d:3b:4c:68:ba:22:
77:34:05:b5:4b:ae:98:95:9a:c2:0c:16:b3:d3:be:
2e:de:54:02:b0:63:60:4e:9a:4e:4a:9f:c7:39:66:
d5:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:EC:61:EE:FD:A7:CC:A1:B6:05:39:12:B3:18:A5:16:36:DE:3E:B7
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2740a5f5-ec55-42ac-b7df-f4c863c83981.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.125.0.0/16
Signature Algorithm: sha256WithRSAEncryption
8b:0b:56:24:e0:12:33:aa:00:55:14:e9:08:c5:42:e1:55:8e:
16:7d:31:32:9d:e3:36:28:91:81:97:73:8c:8f:79:90:d9:c0:
a3:cd:12:34:ee:08:9f:8f:7a:e2:b8:52:e6:1f:b4:fc:61:06:
24:45:66:ad:f4:29:cd:1a:5d:69:69:4c:c0:24:c9:8d:ee:3b:
b8:8c:b7:92:e1:f9:72:df:3b:77:8a:f1:29:10:f7:85:bc:8d:
15:84:65:c5:c8:8a:eb:9e:16:15:3c:02:78:c3:40:63:4d:c9:
ab:4a:b6:eb:29:6f:63:5d:53:be:f8:5d:3f:eb:23:e9:a7:11:
28:aa:75:25:30:5e:37:e4:24:69:65:d0:be:a5:d2:e4:19:8e:
5c:81:ac:cd:6b:0f:ba:1e:68:26:33:69:ae:ad:88:26:37:cb:
83:96:cd:40:5d:8b:c3:d2:e8:47:7d:f7:27:12:dd:0e:a9:6e:
77:d5:6d:f7:ef:b9:ce:a6:cc:0b:9a:78:60:c2:2f:8b:fb:86:
2c:85:96:ed:39:ed:da:3f:1b:95:26:f0:1d:7a:e5:6b:18:0f:
01:55:62:e8:a5:4f:53:02:62:22:5e:dd:54:bd:6a:54:43:1b:
65:82:52:ce:4f:f6:6b:45:6e:a8:fa:a8:6b:f6:13:57:c2:a0:
4d:7e:f2:e5
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUKQYwJIau5b1bwq+YL12R2zXDC6EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MTkwNTUwMTBaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDhiMzk4ODdmZGFjYTRjZGEyMWMwYjU3MDNiZGZjZTVmMzJiMjNiM2Q3OGRh
YTllZTc1MTEyM2VkOGVlNzQ4MWMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMkFiWp2IKnCBxVxIECKUCrfq0cOpLcMZG8CjuoTdxgVwxcC5AiRXokaYd12
cScagUjZlJ0j7+HO2XNV6g1kJI6X30oMSctgRyGfwqjFt7GyEt83W6FyFNyvV3oF
GbO67X9ED+KNI6YaDS92FtoMBhdqDybIeSwEpFOM+qPRbAaSRqUe1a0FEJUQgSw/
4ObZmjjCIqe6TmrzzI1Ep5sjhy+AE3yU19vhnq9wrCY0nmkeXtiI1qlpYEAw9Ypl
6gyPIelv9sW1+dCeW6BjM1+XghcJfteTd5vJFVs3TTtMaLoidzQFtUuumJWawgwW
s9O+Lt5UArBjYE6aTkqfxzlm1TkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSB7GHu
/afMobYFORKzGKUWNt4+tzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Mjc0MGE1ZjUtZWM1NS00MmFjLWI3ZGYtZjRjODYzYzgzOTgxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADN9MA0G
CSqGSIb3DQEBCwUAA4IBAQCLC1Yk4BIzqgBVFOkIxULhVY4WfTEyneM2KJGBl3OM
j3mQ2cCjzRI07gifj3riuFLmH7T8YQYkRWat9CnNGl1paUzAJMmN7ju4jLeS4fly
3zt3ivEpEPeFvI0VhGXFyIrrnhYVPAJ4w0BjTcmrSrbrKW9jXVO++F0/6yPppxEo
qnUlMF435CRpZdC+pdLkGY5cgazNaw+6HmgmM2murYgmN8uDls1AXYvD0uhHffcn
Et0OqW531W3377nOpswLmnhgwi+L+4YshZbtOe3aPxuVJvAdeuVrGA8BVWLopU9T
AmIiXt1UvWpUQxtlglLOT/ZrRW6o+qhr9hNXwqBNfvLl
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:03:19 2026 by rpki-client