Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/286f881c-8fa0-4200-ada2-20a0cc49038e.roa
File: 286f881c-8fa0-4200-ada2-20a0cc49038e.roa (raw, json)
Hash identifier: sANG1HBheDm2OJ3rHST3YW44MeL0KizXtGAaop0gHyM=
Subject key identifier: CE:1C:08:05:3B:5D:CC:90:B2:DF:7C:E3:F6:C2:AA:D6:36:92:7E:20
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3F7D671A08341AE94D81C334CF613D5BFCCCE045
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/286f881c-8fa0-4200-ada2-20a0cc49038e.roa
Signing time: Sat 28 Feb 2026 06:40:18 +0000
ROA not before: Sat 28 Feb 2026 06:40:18 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.166.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:7d:67:1a:08:34:1a:e9:4d:81:c3:34:cf:61:3d:5b:fc:cc:e0:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Feb 28 06:40:18 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=b1f8d73d0e87b7ed7783510558eaa1daca695c3b1df95780addce57a0ad6512c, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:ec:1e:3f:2e:b4:6b:4a:0e:9b:17:33:38:43:
61:dc:47:32:fc:d2:43:0a:51:83:d2:27:29:76:79:
3a:e8:bc:5c:f4:9f:9c:99:f1:7f:64:f7:52:d4:dd:
2a:f0:2f:5f:1f:5e:dc:91:59:9e:ab:2b:bf:4e:98:
cd:ee:86:83:59:f9:48:b4:1e:26:97:2f:d6:f3:e3:
2a:b6:63:dc:b5:59:86:01:b0:a0:b8:5e:e6:8b:b7:
75:07:83:d3:66:19:22:1d:7c:9e:00:f7:b9:f6:49:
d4:4f:a7:df:84:2e:ad:6b:6e:f2:b0:06:c2:bc:3b:
ae:47:f7:8d:02:0c:af:53:76:f4:84:d8:1b:a9:47:
d3:11:3a:ec:1e:80:10:09:3f:14:59:de:af:3d:8f:
91:8b:77:6a:0f:78:ce:e5:04:6d:83:44:42:43:ac:
ec:74:37:9e:22:ec:ac:8e:3b:1d:38:78:82:c5:8a:
ee:9a:78:00:e7:51:10:66:4e:cc:18:78:c9:12:57:
82:80:6e:ea:d1:bc:d4:a1:df:0d:f2:03:c5:a8:47:
1a:68:6a:56:d1:c0:0e:5a:d4:7e:34:fc:c7:c4:5f:
c5:ce:97:17:e7:de:d8:6c:8c:42:77:17:9e:da:e3:
6e:f1:6d:b6:2a:66:4a:fa:d3:bf:d9:6c:58:ba:8b:
84:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:1C:08:05:3B:5D:CC:90:B2:DF:7C:E3:F6:C2:AA:D6:36:92:7E:20
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/286f881c-8fa0-4200-ada2-20a0cc49038e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.166.0.0/15
Signature Algorithm: sha256WithRSAEncryption
3a:d7:5f:0e:34:ba:33:72:30:54:3a:60:84:64:d8:aa:cf:32:
fa:22:0c:93:04:c4:49:67:05:0e:27:31:59:a6:b8:65:aa:20:
74:4d:04:1a:51:32:af:54:e7:7a:cc:16:72:de:4e:30:5f:e8:
b5:67:31:6d:de:6a:5b:6e:26:95:a1:1a:da:76:e7:f4:38:e0:
d5:7b:b1:51:f0:13:37:cf:dc:c3:a5:92:a0:ae:d6:5b:1c:ee:
2b:9f:89:f4:e4:ee:51:c7:7d:c7:58:80:46:be:e2:b5:14:a7:
db:f0:76:9a:7e:2f:90:2c:e3:4b:75:ae:6d:bd:9d:01:eb:33:
ba:59:77:b7:c6:e9:dc:76:09:d1:0f:1c:d4:91:25:43:14:63:
18:64:5a:80:1d:b8:1e:d4:fb:38:73:c0:4b:2e:cb:98:00:a6:
47:e7:09:ee:e8:e1:00:b8:67:55:f4:2b:0e:8d:82:b2:e3:da:
46:59:12:55:e3:96:7c:82:01:0a:b3:c5:ff:90:75:65:80:26:
7c:63:20:08:33:94:3c:cf:f8:f7:fd:33:e4:25:23:30:a3:fc:
1c:98:7f:94:33:30:3a:1f:11:88:ca:65:97:18:46:b2:d2:6a:
56:f0:36:59:2a:1b:ca:48:fb:c0:4b:30:3e:d8:d6:61:e2:a8:
c3:a0:56:97
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUP31nGgg0GulNgcM0z2E9W/zM4EUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjAyMjgwNjQwMThaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGIxZjhkNzNkMGU4N2I3ZWQ3NzgzNTEwNTU4ZWFhMWRhY2E2OTVjM2IxZGY5
NTc4MGFkZGNlNTdhMGFkNjUxMmMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK3sHj8utGtKDpsXMzhDYdxHMvzSQwpRg9InKXZ5Oui8XPSfnJnxf2T3UtTd
KvAvXx9e3JFZnqsrv06Yze6Gg1n5SLQeJpcv1vPjKrZj3LVZhgGwoLhe5ou3dQeD
02YZIh18ngD3ufZJ1E+n34QurWtu8rAGwrw7rkf3jQIMr1N29ITYG6lH0xE67B6A
EAk/FFnerz2PkYt3ag94zuUEbYNEQkOs7HQ3niLsrI47HTh4gsWK7pp4AOdREGZO
zBh4yRJXgoBu6tG81KHfDfIDxahHGmhqVtHADlrUfjT8x8Rfxc6XF+fe2GyMQncX
ntrjbvFttipmSvrTv9lsWLqLhGcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTOHAgF
O13MkLLffOP2wqrWNpJ+IDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Mjg2Zjg4MWMtOGZhMC00MjAwLWFkYTItMjBhMGNjNDkwMzhlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOmMA0G
CSqGSIb3DQEBCwUAA4IBAQA6118ONLozcjBUOmCEZNiqzzL6IgyTBMRJZwUOJzFZ
prhlqiB0TQQaUTKvVOd6zBZy3k4wX+i1ZzFt3mpbbiaVoRraduf0OODVe7FR8BM3
z9zDpZKgrtZbHO4rn4n05O5Rx33HWIBGvuK1FKfb8Haafi+QLONLda5tvZ0B6zO6
WXe3xuncdgnRDxzUkSVDFGMYZFqAHbge1Ps4c8BLLsuYAKZH5wnu6OEAuGdV9CsO
jYKy49pGWRJV45Z8ggEKs8X/kHVlgCZ8YyAIM5Q8z/j3/TPkJSMwo/wcmH+UMzA6
HxGIymWXGEay0mpW8DZZKhvKSPvASzA+2NZh4qjDoFaX
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:51:13 2026 by rpki-client