Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2fc6a253-dc60-4611-8bc0-f4b11851ccf1.roa
File: 2fc6a253-dc60-4611-8bc0-f4b11851ccf1.roa (raw, json)
Hash identifier: fddzrgH8fnyt3H8H9vrvDWJpsO5W1tHyogPULXkMuH4=
Subject key identifier: 88:7F:6C:ED:5A:17:3B:82:58:13:47:59:30:F3:86:1D:92:78:08:E3
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 44070CB222D6CD8666E38A1A72684E8107CDB9E7
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2fc6a253-dc60-4611-8bc0-f4b11851ccf1.roa
Signing time: Tue 19 May 2026 05:40:05 +0000
ROA not before: Tue 19 May 2026 05:40:05 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.127.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 17 Jun 2026 23:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:07:0c:b2:22:d6:cd:86:66:e3:8a:1a:72:68:4e:81:07:cd:b9:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 19 05:40:05 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=38b4a820c5714d6e26bd5d61817e97a27fde5660b3fc75798af8e9cab0f22882, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:d5:33:92:47:cd:0d:7e:a6:9e:42:8a:2b:1d:
5b:2c:36:59:4e:15:cf:04:36:08:24:65:8c:58:fd:
77:f6:dc:e7:1e:47:83:3d:ed:33:52:e0:b0:cb:a2:
6b:a3:6c:dd:73:03:11:40:42:52:03:48:68:b9:1f:
d2:d4:d0:fa:23:0a:3e:d1:80:51:2f:e4:be:dd:f1:
81:47:1b:26:d0:ad:ea:4f:43:17:30:81:73:da:a1:
bf:5e:21:1d:b7:f2:5d:b3:e5:47:b4:2f:3e:5f:d8:
0b:0b:20:d0:93:bd:bc:da:8d:dd:97:32:1a:28:7d:
4b:a8:e8:d3:7d:53:b9:e4:03:9c:45:7b:0e:31:ce:
7f:7f:a1:71:5d:84:f7:bd:a4:72:bb:df:ef:15:f5:
6e:d2:68:ee:01:4a:7c:79:6a:a8:40:db:82:bf:56:
22:c5:2b:57:fd:3e:66:b6:8f:e4:77:69:d1:61:e4:
91:7d:a1:2e:af:17:da:0c:6f:34:c4:6a:2c:6d:6c:
ac:01:2b:26:f5:ee:96:0c:0c:9f:fa:fe:b4:dc:ce:
3f:4c:88:c9:ed:2b:1b:2f:da:8a:c9:7d:a1:47:2e:
f3:c6:7c:8f:ec:34:62:b4:2b:83:ab:8a:3a:b2:2a:
4c:9c:ea:73:b8:40:bc:03:33:5a:a5:c4:f0:fd:bc:
61:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:7F:6C:ED:5A:17:3B:82:58:13:47:59:30:F3:86:1D:92:78:08:E3
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2fc6a253-dc60-4611-8bc0-f4b11851ccf1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.127.0.0/16
Signature Algorithm: sha256WithRSAEncryption
5d:c2:cd:24:30:1c:e0:56:31:b8:af:31:67:20:d8:2b:15:84:
d8:4d:e7:76:ad:8a:d9:cc:4f:56:3f:b2:c1:b9:51:54:3c:3c:
30:81:b7:cb:0e:ca:a9:fa:86:65:9b:6e:90:54:04:15:5e:43:
08:03:84:64:2f:87:8d:eb:1e:6c:5e:aa:db:74:27:48:49:21:
3d:a8:bc:44:ea:eb:48:72:66:67:aa:50:f6:74:be:8a:7e:fa:
2e:17:3b:2c:3d:9b:af:50:95:32:26:aa:98:1f:dd:0a:b2:0c:
5d:ce:6d:7a:13:a9:62:f5:67:88:3f:8e:ac:f8:06:66:0c:48:
8b:5b:58:a4:23:14:e2:80:b8:1b:66:1b:18:aa:d7:f3:d4:d6:
05:f1:5a:a5:58:6f:0e:96:d7:dd:2d:0b:05:10:0e:6d:5e:9e:
5b:bf:de:c8:18:d8:82:03:e7:28:a1:e3:fd:81:33:4c:1b:f0:
50:23:4d:dc:0e:0b:86:9e:58:42:ae:9f:35:99:9c:dc:2a:91:
59:f0:62:0c:b1:df:1a:e0:9e:0f:0f:4f:65:93:9c:2b:b0:2b:
a1:a6:47:25:8d:7a:2c:a3:85:4e:30:0d:5d:a0:26:e9:27:f5:
f2:a2:1c:56:44:e0:0e:dd:65:b8:ce:da:6d:d3:0c:7f:a3:0d:
30:49:57:3f
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIURAcMsiLWzYZm44oacmhOgQfNuecwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MTkwNTQwMDVaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDM4YjRhODIwYzU3MTRkNmUyNmJkNWQ2MTgxN2U5N2EyN2ZkZTU2NjBiM2Zj
NzU3OThhZjhlOWNhYjBmMjI4ODIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN3VM5JHzQ1+pp5CiisdWyw2WU4VzwQ2CCRljFj9d/bc5x5Hgz3tM1LgsMui
a6Ns3XMDEUBCUgNIaLkf0tTQ+iMKPtGAUS/kvt3xgUcbJtCt6k9DFzCBc9qhv14h
HbfyXbPlR7QvPl/YCwsg0JO9vNqN3ZcyGih9S6jo031TueQDnEV7DjHOf3+hcV2E
972kcrvf7xX1btJo7gFKfHlqqEDbgr9WIsUrV/0+ZraP5Hdp0WHkkX2hLq8X2gxv
NMRqLG1srAErJvXulgwMn/r+tNzOP0yIye0rGy/aisl9oUcu88Z8j+w0YrQrg6uK
OrIqTJzqc7hAvAMzWqXE8P28YcMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSIf2zt
Whc7glgTR1kw84YdkngI4zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MmZjNmEyNTMtZGM2MC00NjExLThiYzAtZjRiMTE4NTFjY2YxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADN/MA0G
CSqGSIb3DQEBCwUAA4IBAQBdws0kMBzgVjG4rzFnINgrFYTYTed2rYrZzE9WP7LB
uVFUPDwwgbfLDsqp+oZlm26QVAQVXkMIA4RkL4eN6x5sXqrbdCdISSE9qLxE6utI
cmZnqlD2dL6KfvouFzssPZuvUJUyJqqYH90Ksgxdzm16E6li9WeIP46s+AZmDEiL
W1ikIxTigLgbZhsYqtfz1NYF8VqlWG8OltfdLQsFEA5tXp5bv97IGNiCA+cooeP9
gTNMG/BQI03cDguGnlhCrp81mZzcKpFZ8GIMsd8a4J4PD09lk5wrsCuhpkcljXos
o4VOMA1doCbpJ/XyohxWROAO3WW4ztpt0wx/ow0wSVc/
-----END CERTIFICATE-----
Generated at Wed Jun 17 08:57:13 2026 by rpki-client