Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2b51d415-1366-43ea-8ce9-f13b63a2c827.roa
File: 2b51d415-1366-43ea-8ce9-f13b63a2c827.roa (raw, json)
Hash identifier: Pp4whHChCR9vA2QFajf9hAxK1WBeMLmakWPmGl69DlQ=
Subject key identifier: 25:1A:4B:96:E9:3E:E3:61:5B:BD:A0:72:6F:3A:C8:4E:80:24:E2:D3
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 55E0821D4354F5DB4E320A20EC088D08AD63A3C3
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2b51d415-1366-43ea-8ce9-f13b63a2c827.roa
Signing time: Fri 06 Feb 2026 00:40:08 +0000
ROA not before: Fri 06 Feb 2026 00:40:08 +0000
ROA not after: Thu 07 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.45.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:e0:82:1d:43:54:f5:db:4e:32:0a:20:ec:08:8d:08:ad:63:a3:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Feb 6 00:40:08 2026 GMT
Not After : May 7 23:59:59 2026 GMT
Subject: serialNumber=d8f9a121ddbc08798113f532c8c051621dc5bca0797c930038ce72c29094372b, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:4c:d4:30:b5:d5:7a:d9:17:5f:a3:a6:30:7b:
db:60:5b:66:60:5e:5f:04:21:ae:01:e6:5c:c3:ef:
43:ac:40:37:e4:1f:1f:b0:e5:fd:ab:06:92:d6:e3:
da:c0:27:7a:c5:0e:cf:4a:2a:4b:df:2f:56:3a:5e:
4e:2b:df:26:1c:7e:60:80:f8:ec:37:47:a5:89:2e:
c3:ef:c1:6f:f1:e6:5d:70:2f:b8:6b:a9:c5:ea:18:
f4:aa:e0:42:cc:8d:c7:ab:ad:85:e7:17:4e:23:99:
57:b3:4c:b6:7e:c2:dc:0f:4a:09:a7:96:a8:aa:1f:
9d:99:b3:16:96:61:6d:20:1b:fa:99:6d:c9:ed:37:
0a:24:f3:82:12:6a:40:f7:20:60:be:65:c1:59:5b:
41:d8:f2:a7:a6:34:c5:dc:04:ef:a8:8a:bf:0b:fe:
19:8d:0c:25:a2:0d:70:59:9e:35:d4:80:4f:ce:32:
e9:5b:e6:a1:19:91:69:31:7a:5b:26:2c:3a:ce:51:
97:0b:9a:fe:11:58:f9:70:b0:9d:a9:20:bb:44:7a:
4a:23:83:e2:a0:cc:03:b0:04:65:c0:28:15:18:c2:
81:dd:71:18:d5:e3:ea:84:24:8d:1e:5b:5e:a2:ca:
5b:fb:7a:0c:ae:80:41:27:6a:ff:7c:ab:42:76:f9:
4e:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:1A:4B:96:E9:3E:E3:61:5B:BD:A0:72:6F:3A:C8:4E:80:24:E2:D3
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2b51d415-1366-43ea-8ce9-f13b63a2c827.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.45.0.0/16
Signature Algorithm: sha256WithRSAEncryption
51:ef:19:e7:9e:4f:b6:cb:c0:d3:8c:62:71:a6:00:6d:ad:5f:
77:22:bf:7d:20:07:d5:3f:b8:16:c3:de:6b:34:82:78:32:8f:
b1:53:b1:a7:03:81:1d:27:37:c2:aa:76:a3:c3:c7:a8:88:b8:
11:cc:85:77:a4:cc:52:2c:e3:a0:5d:de:0c:dd:4f:cb:54:b6:
14:57:7e:ea:df:e4:18:f5:4b:bf:1c:48:59:23:80:c4:bd:50:
60:71:3c:28:7f:7e:e1:0b:90:33:a8:49:d2:c1:44:05:39:66:
40:be:7a:8e:39:40:5f:a9:92:13:a5:de:40:3d:ae:7e:a2:f9:
be:b7:bd:3e:be:8e:47:5d:a8:1a:40:fe:bc:ea:c2:e5:ac:a0:
33:df:d0:90:e2:1f:b1:19:6c:9f:69:27:7a:7b:44:a1:82:09:
b8:c1:70:24:1b:3d:69:0a:bb:bc:d2:5b:75:60:ef:df:05:25:
8f:4c:38:8d:79:92:bf:f2:71:f8:76:8a:e6:72:03:73:96:37:
e1:82:90:16:4a:2c:f0:c4:9c:e6:3a:2e:52:e5:0d:50:3d:b6:
15:ea:05:e8:00:e9:89:f8:f9:c2:67:23:75:fc:bf:42:90:5a:
67:37:e2:9c:29:2f:93:8d:d6:d1:b7:77:7a:35:9b:62:1a:27:
a0:5f:8d:d3
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUVeCCHUNU9dtOMgog7AiNCK1jo8MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjAyMDYwMDQwMDhaFw0yNjA1MDcyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ4ZjlhMTIxZGRiYzA4Nzk4MTEzZjUzMmM4YzA1MTYyMWRjNWJjYTA3OTdj
OTMwMDM4Y2U3MmMyOTA5NDM3MmIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKlM1DC11XrZF1+jpjB722BbZmBeXwQhrgHmXMPvQ6xAN+QfH7Dl/asGktbj
2sAnesUOz0oqS98vVjpeTivfJhx+YID47DdHpYkuw+/Bb/HmXXAvuGupxeoY9Krg
QsyNx6uthecXTiOZV7NMtn7C3A9KCaeWqKofnZmzFpZhbSAb+pltye03CiTzghJq
QPcgYL5lwVlbQdjyp6Y0xdwE76iKvwv+GY0MJaINcFmeNdSAT84y6VvmoRmRaTF6
WyYsOs5Rlwua/hFY+XCwnakgu0R6SiOD4qDMA7AEZcAoFRjCgd1xGNXj6oQkjR5b
XqLKW/t6DK6AQSdq/3yrQnb5TikCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQlGkuW
6T7jYVu9oHJvOshOgCTi0zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MmI1MWQ0MTUtMTM2Ni00M2VhLThjZTktZjEzYjYzYTJjODI3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMtMA0G
CSqGSIb3DQEBCwUAA4IBAQBR7xnnnk+2y8DTjGJxpgBtrV93Ir99IAfVP7gWw95r
NIJ4Mo+xU7GnA4EdJzfCqnajw8eoiLgRzIV3pMxSLOOgXd4M3U/LVLYUV37q3+QY
9Uu/HEhZI4DEvVBgcTwof37hC5AzqEnSwUQFOWZAvnqOOUBfqZITpd5APa5+ovm+
t70+vo5HXagaQP686sLlrKAz39CQ4h+xGWyfaSd6e0Shggm4wXAkGz1pCru80lt1
YO/fBSWPTDiNeZK/8nH4dormcgNzljfhgpAWSizwxJzmOi5S5Q1QPbYV6gXoAOmJ
+PnCZyN1/L9CkFpnN+KcKS+TjdbRt3d6NZtiGiegX43T
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:58:25 2026 by rpki-client