Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2db57b82-f8e4-4b85-a46a-befecb4774c0.roa
File: 2db57b82-f8e4-4b85-a46a-befecb4774c0.roa (raw, json)
Hash identifier: A7gIxuu+/XVOACVbPh3kWn4R6qU2Fe+uSC2RfuAxoPM=
Subject key identifier: 77:53:72:D4:D9:B7:BF:CB:E8:AE:EC:1C:4C:96:56:BD:7B:03:A1:76
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3A864F259DD57AD713468E0401EAA773A0BD2F39
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2db57b82-f8e4-4b85-a46a-befecb4774c0.roa
Signing time: Sat 28 Feb 2026 06:40:02 +0000
ROA not before: Sat 28 Feb 2026 06:40:02 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.32.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:86:4f:25:9d:d5:7a:d7:13:46:8e:04:01:ea:a7:73:a0:bd:2f:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Feb 28 06:40:02 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=1a6614d224d3cde81c887cff5e4706ae4334a7b3078c131091d0a2902733f754, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:67:60:ce:f7:4f:28:65:4e:28:47:a8:6f:07:
be:d2:93:4d:cb:b7:70:1a:0a:cc:f3:47:e6:ba:17:
2d:a7:76:4f:c8:3f:0d:fa:a8:2e:e9:48:ed:ef:82:
57:07:1b:93:da:07:db:ac:16:d0:50:1d:e7:d9:f8:
a1:1a:55:bd:9d:e9:ff:8f:f7:7a:a3:c7:a5:5c:af:
81:56:68:5f:a9:85:b3:4b:80:69:5a:09:e9:83:0c:
6e:08:9d:3d:d6:86:05:0f:3c:68:dc:aa:2f:9a:c3:
a2:e4:97:9d:f3:d8:48:20:a6:80:fe:c0:a8:79:1c:
ca:6a:9f:8c:5f:11:63:60:3a:ca:4a:a4:d2:d7:5e:
77:83:cd:5e:f5:9d:69:bb:f2:bd:71:a8:a1:2c:81:
22:c6:4f:3a:c4:c6:48:35:7a:ec:6f:ba:be:65:70:
5f:46:0f:a9:25:b7:98:f2:95:c6:e0:f1:90:95:d9:
1c:d6:2d:e9:3c:68:66:8b:89:3e:61:bf:b4:3f:04:
f5:33:f6:cb:97:89:bc:0c:b4:45:25:73:d2:a9:39:
d5:2b:6a:aa:5c:97:3c:33:3e:e2:9f:3a:c9:2a:ad:
d0:5d:16:e3:b5:f9:6e:0d:d0:d1:9b:b1:37:c7:dd:
5f:1f:a2:a1:27:2d:78:ee:ab:23:e3:67:83:aa:d2:
94:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:53:72:D4:D9:B7:BF:CB:E8:AE:EC:1C:4C:96:56:BD:7B:03:A1:76
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2db57b82-f8e4-4b85-a46a-befecb4774c0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.32.0.0/16
Signature Algorithm: sha256WithRSAEncryption
69:ca:a2:6e:bb:ca:27:13:13:ff:75:29:18:3f:61:4b:1c:b5:
b2:9e:f6:be:32:ea:21:40:ca:16:86:c6:5c:1a:94:95:3e:eb:
14:a9:07:fd:dd:5b:02:c4:d6:6c:15:80:c0:2a:33:b3:8c:04:
c4:b7:61:e1:b8:32:81:b6:a1:5d:cb:fe:11:cb:22:d3:f8:bb:
ec:56:1e:1f:19:09:41:de:09:1e:e4:7b:0b:6a:eb:28:11:75:
38:f9:06:21:2a:1c:e0:0d:54:83:64:ad:4e:5d:27:f1:76:df:
ab:34:c7:13:ad:1a:c9:40:0c:03:3e:8a:b8:76:54:13:f3:f9:
7b:e0:43:10:bd:a0:00:f4:be:eb:e7:17:4c:97:20:b5:ed:5d:
a7:43:3e:1e:ce:be:e8:26:4e:5f:94:ac:b9:e4:47:93:47:3b:
0c:64:05:db:4d:c3:db:1d:90:43:c9:9c:82:62:52:1f:29:32:
42:c7:1b:90:18:c1:7a:f0:0b:d1:eb:b3:6f:a2:5f:8a:bc:2b:
3a:1a:2d:f9:e7:7a:a0:b9:de:ef:a6:f0:77:a5:92:7d:c4:73:
37:05:1d:39:5c:86:31:87:d2:ea:7e:d9:ca:99:04:de:11:bf:
91:ed:eb:9f:47:45:cc:d0:d7:50:1b:5a:50:93:b9:95:a8:3e:
91:d7:eb:55
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUOoZPJZ3VetcTRo4EAeqnc6C9LzkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjAyMjgwNjQwMDJaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDFhNjYxNGQyMjRkM2NkZTgxYzg4N2NmZjVlNDcwNmFlNDMzNGE3YjMwNzhj
MTMxMDkxZDBhMjkwMjczM2Y3NTQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANRnYM73TyhlTihHqG8HvtKTTcu3cBoKzPNH5roXLad2T8g/DfqoLulI7e+C
Vwcbk9oH26wW0FAd59n4oRpVvZ3p/4/3eqPHpVyvgVZoX6mFs0uAaVoJ6YMMbgid
PdaGBQ88aNyqL5rDouSXnfPYSCCmgP7AqHkcymqfjF8RY2A6ykqk0tded4PNXvWd
abvyvXGooSyBIsZPOsTGSDV67G+6vmVwX0YPqSW3mPKVxuDxkJXZHNYt6TxoZouJ
PmG/tD8E9TP2y5eJvAy0RSVz0qk51StqqlyXPDM+4p86ySqt0F0W47X5bg3Q0Zux
N8fdXx+ioScteO6rI+Nng6rSlG8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBR3U3LU
2be/y+iu7BxMlla9ewOhdjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MmRiNTdiODItZjhlNC00Yjg1LWE0NmEtYmVmZWNiNDc3NGMwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMgMA0G
CSqGSIb3DQEBCwUAA4IBAQBpyqJuu8onExP/dSkYP2FLHLWynva+MuohQMoWhsZc
GpSVPusUqQf93VsCxNZsFYDAKjOzjATEt2HhuDKBtqFdy/4RyyLT+LvsVh4fGQlB
3gke5HsLausoEXU4+QYhKhzgDVSDZK1OXSfxdt+rNMcTrRrJQAwDPoq4dlQT8/l7
4EMQvaAA9L7r5xdMlyC17V2nQz4ezr7oJk5flKy55EeTRzsMZAXbTcPbHZBDyZyC
YlIfKTJCxxuQGMF68AvR67Nvol+KvCs6Gi3553qgud7vpvB3pZJ9xHM3BR05XIYx
h9LqftnKmQTeEb+R7eufR0XM0NdQG1pQk7mVqD6R1+tV
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:48:14 2026 by rpki-client