Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/277d74fd-3101-4a9b-8f2a-9bfd9dc55230.roa
File: 277d74fd-3101-4a9b-8f2a-9bfd9dc55230.roa (raw, json)
Hash identifier: bcQtjd5WtDxHf+K+A4veP4BUFYPelT4ZcUYTlDWAkCE=
Subject key identifier: 0F:02:26:E5:7A:18:18:E4:BE:49:EF:A7:C3:97:6C:95:1D:3F:77:32
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 378BBEEF6CAC2F05CD99A9227D0FE13A4EC418B7
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/277d74fd-3101-4a9b-8f2a-9bfd9dc55230.roa
Signing time: Mon 23 Feb 2026 01:00:07 +0000
ROA not before: Mon 23 Feb 2026 01:00:07 +0000
ROA not after: Sun 24 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.118.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:8b:be:ef:6c:ac:2f:05:cd:99:a9:22:7d:0f:e1:3a:4e:c4:18:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Feb 23 01:00:07 2026 GMT
Not After : May 24 23:59:59 2026 GMT
Subject: serialNumber=394108cc5efaaa71d57ecbee35380bb2897655bd7a5e0c0da572630745e85670, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:b8:f3:fd:a7:5e:db:3a:14:44:a5:0c:6b:53:
b1:9f:af:f9:25:7b:49:28:1e:95:73:54:86:e2:29:
73:33:3e:37:c8:d2:28:e6:8e:d7:8b:f4:2a:5e:2f:
d6:a4:08:f4:5b:8c:dc:53:d3:0b:b2:d9:2c:a1:e9:
5c:67:e4:6a:1c:1a:d1:20:a4:ea:10:df:95:61:fa:
26:f7:51:75:ee:5a:87:fd:00:61:b5:4a:14:96:0d:
ef:8f:b8:9b:d2:3c:66:8b:aa:8b:99:97:ec:53:2e:
1e:a7:52:53:ee:95:22:42:c4:37:72:57:3f:02:7b:
37:15:b0:5e:85:52:33:8d:e6:bc:23:b5:73:83:1c:
0a:c9:31:a7:02:15:12:ff:09:34:07:56:d5:40:15:
19:70:8a:af:ea:c3:48:ee:cc:28:62:75:a2:0c:08:
a3:82:1a:48:93:79:d5:1f:ce:6f:2c:17:d2:d2:48:
78:df:9f:60:61:56:bc:bf:3d:da:e6:98:06:73:42:
04:57:37:7b:e5:1e:7e:c4:d6:70:47:39:af:0a:2b:
2a:f8:08:50:c9:0b:b2:25:dd:61:7d:74:68:46:0d:
cd:03:4f:ca:1c:99:f3:45:0b:8f:c5:7f:6a:19:a9:
9e:98:5d:00:d3:22:cf:3f:74:da:98:2c:c7:21:5d:
d0:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:02:26:E5:7A:18:18:E4:BE:49:EF:A7:C3:97:6C:95:1D:3F:77:32
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/277d74fd-3101-4a9b-8f2a-9bfd9dc55230.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.118.0.0/16
Signature Algorithm: sha256WithRSAEncryption
d7:f9:08:8b:01:94:50:c8:d0:95:4c:0d:c3:76:bc:d8:01:46:
7c:1e:3d:6c:25:2d:33:8c:9d:fe:26:0d:19:33:18:f2:fb:d6:
d5:04:52:9f:aa:5c:b6:b6:15:4c:a0:a0:a9:ea:ee:cf:12:8d:
0e:d6:30:a9:f1:48:6f:6c:81:7a:5e:f0:c9:50:1f:cb:c4:55:
66:a6:4c:90:75:ad:4e:5b:26:39:be:8b:66:6e:40:e7:41:16:
0b:9c:7d:c6:92:83:4b:a5:c8:50:75:1e:9d:9e:64:cf:22:a0:
f6:10:28:91:eb:73:e4:07:23:85:65:0e:72:97:67:80:85:28:
b3:d4:c2:61:e5:38:ae:91:59:a8:04:e9:46:81:91:cf:19:53:
76:83:ad:10:a8:64:2b:3d:77:70:ba:6c:29:6e:c0:78:8b:b1:
50:39:f5:86:e2:47:46:05:8b:28:a5:35:30:bc:22:d2:8d:6b:
93:89:22:b7:90:4b:4d:5d:a8:c9:57:e0:af:49:9b:33:81:bd:
da:7d:a8:5f:9c:e5:b8:b6:99:87:96:8d:8b:41:ba:c2:8b:bd:
70:77:78:cf:91:02:03:54:12:9e:0d:b6:89:5e:56:58:98:75:
b2:6b:94:bd:50:d0:c2:bb:1b:a0:b0:4d:4c:f3:37:39:7b:13:
50:4e:e1:c6
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUN4u+72ysLwXNmakifQ/hOk7EGLcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjAyMjMwMTAwMDdaFw0yNjA1MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDM5NDEwOGNjNWVmYWFhNzFkNTdlY2JlZTM1MzgwYmIyODk3NjU1YmQ3YTVl
MGMwZGE1NzI2MzA3NDVlODU2NzAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALO48/2nXts6FESlDGtTsZ+v+SV7SSgelXNUhuIpczM+N8jSKOaO14v0Kl4v
1qQI9FuM3FPTC7LZLKHpXGfkahwa0SCk6hDflWH6JvdRde5ah/0AYbVKFJYN74+4
m9I8Zouqi5mX7FMuHqdSU+6VIkLEN3JXPwJ7NxWwXoVSM43mvCO1c4McCskxpwIV
Ev8JNAdW1UAVGXCKr+rDSO7MKGJ1ogwIo4IaSJN51R/ObywX0tJIeN+fYGFWvL89
2uaYBnNCBFc3e+UefsTWcEc5rworKvgIUMkLsiXdYX10aEYNzQNPyhyZ80ULj8V/
ahmpnphdANMizz902pgsxyFd0JECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQPAibl
ehgY5L5J76fDl2yVHT93MjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Mjc3ZDc0ZmQtMzEwMS00YTliLThmMmEtOWJmZDlkYzU1MjMwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADN2MA0G
CSqGSIb3DQEBCwUAA4IBAQDX+QiLAZRQyNCVTA3DdrzYAUZ8Hj1sJS0zjJ3+Jg0Z
Mxjy+9bVBFKfqly2thVMoKCp6u7PEo0O1jCp8UhvbIF6XvDJUB/LxFVmpkyQda1O
WyY5votmbkDnQRYLnH3GkoNLpchQdR6dnmTPIqD2ECiR63PkByOFZQ5yl2eAhSiz
1MJh5TiukVmoBOlGgZHPGVN2g60QqGQrPXdwumwpbsB4i7FQOfWG4kdGBYsopTUw
vCLSjWuTiSK3kEtNXajJV+CvSZszgb3afahfnOW4tpmHlo2LQbrCi71wd3jPkQID
VBKeDbaJXlZYmHWya5S9UNDCuxugsE1M8zc5exNQTuHG
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:48:43 2026 by rpki-client