Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2ce9a789-9599-4c9d-a093-ead3033f60d1.roa
File: 2ce9a789-9599-4c9d-a093-ead3033f60d1.roa (raw, json)
Hash identifier: yQuiyC4AMUAWkAg4cdEUrST43gUfggBJqFCqPJLEL1I=
Subject key identifier: 7C:5E:B9:67:92:AC:C2:BC:A8:0C:07:79:68:F8:6F:AC:05:93:09:FF
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 435AC304549C1A26DB07FBBF53670057CEA84E2D
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2ce9a789-9599-4c9d-a093-ead3033f60d1.roa
Signing time: Tue 19 May 2026 05:50:35 +0000
ROA not before: Tue 19 May 2026 05:50:35 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.34.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:5a:c3:04:54:9c:1a:26:db:07:fb:bf:53:67:00:57:ce:a8:4e:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 19 05:50:35 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=eb42d749854a035c4f3e6b69571bdff13ff265253f75a8140c9fe3c78feec5cc, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:11:bc:5d:10:ed:68:59:f1:96:4c:96:53:78:
6a:ff:7a:9f:0d:54:47:d0:7f:14:6f:5f:85:5c:6f:
47:58:b9:3b:50:40:d7:f6:3c:ec:54:1c:97:ca:24:
36:7e:b2:4f:b6:70:f1:44:10:c8:8e:70:40:09:29:
9a:89:4f:0e:8b:a6:a3:ab:d2:90:f6:8b:bf:1a:3b:
36:ba:7b:4d:33:e1:27:92:d0:bf:59:07:32:ce:56:
2e:94:38:75:b0:c5:cc:1b:6e:5a:ee:ab:22:9f:02:
a2:83:ab:ac:b9:a6:40:1e:14:96:59:43:a9:69:08:
9d:f1:a3:e7:3f:f6:c4:c2:ee:6a:b6:45:27:dd:0b:
ac:26:0f:fe:be:dd:0d:34:dd:b1:74:12:1e:e2:6e:
d0:ee:06:b5:87:c3:78:95:3b:04:bb:55:47:ec:6b:
4e:ee:20:03:a0:6d:4a:2d:a6:bf:b5:7f:01:50:63:
65:fb:1d:e9:0f:9b:6c:6a:f7:98:6e:45:ff:2a:99:
49:6b:e2:bc:d2:58:df:a5:1f:bf:30:1c:4f:6c:93:
32:9e:fb:ee:6f:65:72:45:b9:86:fa:5d:26:f2:50:
e6:16:3b:b6:cc:cf:9e:25:e0:58:dc:a1:35:73:10:
16:b2:7f:6e:a8:b8:0d:e6:84:c0:c2:1b:f4:9b:ac:
a5:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:5E:B9:67:92:AC:C2:BC:A8:0C:07:79:68:F8:6F:AC:05:93:09:FF
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2ce9a789-9599-4c9d-a093-ead3033f60d1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.34.0.0/16
Signature Algorithm: sha256WithRSAEncryption
47:e4:de:e3:19:77:67:ea:59:e9:95:69:88:44:ad:3a:40:1a:
2e:05:83:40:65:b0:80:46:f7:ad:0c:f4:b3:19:62:d5:c7:3d:
bb:0e:84:0c:82:5c:9e:07:f6:29:58:1a:13:a4:24:f5:8f:7e:
b9:11:c0:2f:de:2f:7b:61:6f:fc:72:8f:85:9c:c8:88:e2:20:
47:6a:56:c4:81:35:79:18:a1:e3:bc:b6:a2:12:e4:cd:e4:56:
ae:7b:14:49:f7:02:05:c6:e9:72:12:e2:20:c0:71:51:8b:19:
61:54:8f:37:8b:66:e1:d8:22:a0:48:b5:fb:2c:5c:d9:80:c8:
85:c1:e5:f2:47:a2:88:ca:c8:a5:82:37:76:74:e1:7f:69:74:
b3:c9:f7:6c:79:aa:a3:e0:08:fb:0e:94:01:40:a3:4b:c3:01:
92:3c:db:d3:cf:d6:bd:c4:69:d7:ba:4b:1d:46:d8:b2:39:a0:
a3:f5:43:da:7e:a4:a9:27:a3:41:75:ae:15:5d:2d:bc:91:83:
fa:73:39:04:60:9d:43:c4:1f:f3:9d:ca:7c:09:d4:1e:ec:21:
87:ae:89:f6:ee:7e:d3:2c:74:4d:d9:c7:82:5a:30:2f:68:f6:
fc:20:c7:62:ac:61:5d:cc:71:f2:f9:68:7c:18:d9:73:3b:53:
f6:85:a7:87
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUQ1rDBFScGibbB/u/U2cAV86oTi0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MTkwNTUwMzVaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGViNDJkNzQ5ODU0YTAzNWM0ZjNlNmI2OTU3MWJkZmYxM2ZmMjY1MjUzZjc1
YTgxNDBjOWZlM2M3OGZlZWM1Y2MxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKYRvF0Q7WhZ8ZZMllN4av96nw1UR9B/FG9fhVxvR1i5O1BA1/Y87FQcl8ok
Nn6yT7Zw8UQQyI5wQAkpmolPDoumo6vSkPaLvxo7Nrp7TTPhJ5LQv1kHMs5WLpQ4
dbDFzBtuWu6rIp8CooOrrLmmQB4UlllDqWkInfGj5z/2xMLuarZFJ90LrCYP/r7d
DTTdsXQSHuJu0O4GtYfDeJU7BLtVR+xrTu4gA6BtSi2mv7V/AVBjZfsd6Q+bbGr3
mG5F/yqZSWvivNJY36UfvzAcT2yTMp777m9lckW5hvpdJvJQ5hY7tszPniXgWNyh
NXMQFrJ/bqi4DeaEwMIb9JuspY0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBR8Xrln
kqzCvKgMB3lo+G+sBZMJ/zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MmNlOWE3ODktOTU5OS00YzlkLWEwOTMtZWFkMzAzM2Y2MGQxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMiMA0G
CSqGSIb3DQEBCwUAA4IBAQBH5N7jGXdn6lnplWmIRK06QBouBYNAZbCARvetDPSz
GWLVxz27DoQMglyeB/YpWBoTpCT1j365EcAv3i97YW/8co+FnMiI4iBHalbEgTV5
GKHjvLaiEuTN5FauexRJ9wIFxulyEuIgwHFRixlhVI83i2bh2CKgSLX7LFzZgMiF
weXyR6KIysilgjd2dOF/aXSzyfdseaqj4Aj7DpQBQKNLwwGSPNvTz9a9xGnXuksd
RtiyOaCj9UPafqSpJ6NBda4VXS28kYP6czkEYJ1DxB/zncp8CdQe7CGHron27n7T
LHRN2ceCWjAvaPb8IMdirGFdzHHy+Wh8GNlzO1P2haeH
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:12:56 2026 by rpki-client