Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2d24b638-b951-4333-ac88-4886c7af230f.roa
File: 2d24b638-b951-4333-ac88-4886c7af230f.roa (raw, json)
Hash identifier: 7D7vsvwxnjEigNIJtD8FKJkeMc3OG3YczkZvLKPE3RE=
Subject key identifier: 54:3B:C5:A5:EE:60:F1:DD:96:CD:79:59:C3:65:8A:65:EF:45:B9:9B
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5BE325FC986BD33DBED969721A6BBF5D265223A8
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2d24b638-b951-4333-ac88-4886c7af230f.roa
Signing time: Sat 28 Feb 2026 06:40:24 +0000
ROA not before: Sat 28 Feb 2026 06:40:24 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.82.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5b:e3:25:fc:98:6b:d3:3d:be:d9:69:72:1a:6b:bf:5d:26:52:23:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Feb 28 06:40:24 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=0b62fbc88c25ababc7740f6374d78719a555fb9163198e576ad20ec5174b2a84, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:10:e9:75:cf:e2:75:d2:c6:14:ce:a4:c6:94:
f6:86:da:4c:bc:8e:d4:5b:1a:7c:c1:95:16:55:3a:
d7:06:92:8e:53:2f:d8:94:49:59:b3:fa:27:63:36:
0c:d2:9c:d5:42:60:6e:73:7f:ba:d1:75:be:ad:16:
6a:0c:6f:50:05:cf:a1:85:c4:93:37:fb:5b:ec:cd:
26:6b:b7:f3:f0:0e:83:92:ad:15:38:3a:e8:c5:85:
18:f4:b9:80:13:c5:36:1a:85:ab:ea:00:f6:20:f6:
85:a0:ab:75:13:75:0d:78:1e:24:c4:85:53:0e:88:
db:13:fc:ef:5a:3b:55:32:9c:25:2e:0e:07:5c:4c:
65:10:7e:61:02:4b:c4:d1:70:71:80:a2:33:12:00:
53:22:b1:2e:6b:02:e2:82:e9:f3:5d:9b:58:ec:a8:
94:93:24:8f:12:d3:04:40:33:72:ca:83:d1:4c:f8:
e8:ec:1c:1c:20:91:e2:c2:be:46:35:6a:50:a8:51:
c5:60:9e:08:cf:aa:01:d3:6f:8c:f3:34:79:d1:16:
6e:93:48:60:d8:91:9a:b5:17:6d:89:c3:22:5d:8d:
42:2c:75:aa:ec:06:18:99:3c:9b:35:d4:a2:15:92:
d2:81:be:44:49:ef:79:a5:3a:8a:3c:04:45:71:8d:
38:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:3B:C5:A5:EE:60:F1:DD:96:CD:79:59:C3:65:8A:65:EF:45:B9:9B
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2d24b638-b951-4333-ac88-4886c7af230f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.82.0.0/16
Signature Algorithm: sha256WithRSAEncryption
d4:3b:66:e4:c1:fc:4a:1f:27:5e:c9:a2:45:14:e3:d9:17:03:
bc:9b:ec:72:78:41:ed:24:7c:d4:61:b6:cc:ee:ff:e5:11:7e:
0b:2d:20:4e:6e:16:a9:ee:fc:67:5d:f7:6b:15:c1:6b:8c:56:
b7:31:2c:5a:07:d4:0f:d6:69:67:11:e9:1e:75:bf:49:39:b2:
95:68:17:d6:9c:13:64:ec:03:cd:99:83:7c:df:71:ea:c9:41:
b5:40:64:38:5b:69:70:d2:e4:d8:79:49:d8:07:e8:04:da:76:
4e:8e:15:a7:ad:3e:e1:87:a3:fa:60:01:1b:d7:75:a1:7c:e2:
6d:e7:3c:73:e1:00:b5:9f:8d:e3:98:e5:a5:35:1e:42:4c:9e:
08:77:3b:81:c1:ee:5c:0f:07:3b:de:a1:3a:e9:1c:01:e2:4a:
44:96:f9:15:d5:61:70:82:7b:bb:b3:8c:5e:61:f4:f8:23:d8:
5b:04:4a:41:e9:b0:e6:2b:cd:62:1d:67:da:2b:6e:bc:0e:84:
79:0f:40:fb:09:1b:0a:54:b9:7a:cc:7f:c6:85:15:f3:c8:31:
66:83:24:41:34:1a:94:c9:0d:4a:0f:7b:57:f1:03:9f:f1:3a:
ec:f6:b8:5b:e9:e5:d0:59:52:1d:2c:3c:36:4f:f5:f2:60:9e:
f7:97:ba:e0
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUW+Ml/Jhr0z2+2WlyGmu/XSZSI6gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjAyMjgwNjQwMjRaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDBiNjJmYmM4OGMyNWFiYWJjNzc0MGY2Mzc0ZDc4NzE5YTU1NWZiOTE2MzE5
OGU1NzZhZDIwZWM1MTc0YjJhODQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANgQ6XXP4nXSxhTOpMaU9obaTLyO1FsafMGVFlU61waSjlMv2JRJWbP6J2M2
DNKc1UJgbnN/utF1vq0WagxvUAXPoYXEkzf7W+zNJmu38/AOg5KtFTg66MWFGPS5
gBPFNhqFq+oA9iD2haCrdRN1DXgeJMSFUw6I2xP871o7VTKcJS4OB1xMZRB+YQJL
xNFwcYCiMxIAUyKxLmsC4oLp812bWOyolJMkjxLTBEAzcsqD0Uz46OwcHCCR4sK+
RjVqUKhRxWCeCM+qAdNvjPM0edEWbpNIYNiRmrUXbYnDIl2NQix1quwGGJk8mzXU
ohWS0oG+REnveaU6ijwERXGNOKsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRUO8Wl
7mDx3ZbNeVnDZYpl70W5mzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MmQyNGI2MzgtYjk1MS00MzMzLWFjODgtNDg4NmM3YWYyMzBmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNSMA0G
CSqGSIb3DQEBCwUAA4IBAQDUO2bkwfxKHydeyaJFFOPZFwO8m+xyeEHtJHzUYbbM
7v/lEX4LLSBObhap7vxnXfdrFcFrjFa3MSxaB9QP1mlnEekedb9JObKVaBfWnBNk
7APNmYN833HqyUG1QGQ4W2lw0uTYeUnYB+gE2nZOjhWnrT7hh6P6YAEb13WhfOJt
5zxz4QC1n43jmOWlNR5CTJ4IdzuBwe5cDwc73qE66RwB4kpElvkV1WFwgnu7s4xe
YfT4I9hbBEpB6bDmK81iHWfaK268DoR5D0D7CRsKVLl6zH/GhRXzyDFmgyRBNBqU
yQ1KD3tX8QOf8Trs9rhb6eXQWVIdLDw2T/XyYJ73l7rg
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:40:35 2026 by rpki-client