Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/39032a05-08aa-42f2-98fc-8aa6aeee1dc2.roa
File: 39032a05-08aa-42f2-98fc-8aa6aeee1dc2.roa (raw, json)
Hash identifier: T+62GWTbxz+TKkPhV7XGLQbs15aR66aYJYW5L49LK/o=
Subject key identifier: B6:C7:08:4F:EF:D8:D7:5E:1C:32:16:81:B7:DD:52:E1:C9:76:D4:8A
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2FFFD2B4C91CC8898F1770F6E6DA41A57572DAE3
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/39032a05-08aa-42f2-98fc-8aa6aeee1dc2.roa
Signing time: Wed 20 May 2026 00:50:19 +0000
ROA not before: Wed 20 May 2026 00:50:19 +0000
ROA not after: Tue 18 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.0.80.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:ff:d2:b4:c9:1c:c8:89:8f:17:70:f6:e6:da:41:a5:75:72:da:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 20 00:50:19 2026 GMT
Not After : Aug 18 23:59:59 2026 GMT
Subject: serialNumber=33e2ecb8a6c045cbbbb20ad55e67a2f42fd5ab7256f57d7eb0619dcac94ae763, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:83:1d:28:ee:ac:ae:44:ba:58:93:c5:f3:fc:
7d:10:ac:64:33:45:09:94:4f:0a:d3:c8:0b:91:16:
6f:4d:6c:b9:37:29:d8:43:dd:66:81:8c:57:7a:2b:
25:dd:bf:47:d2:c1:16:fc:56:01:4f:24:68:7a:6e:
98:f5:c5:57:51:1b:2f:d9:29:be:91:48:ef:dc:22:
06:00:ac:61:e2:6f:93:c8:45:66:18:82:63:e7:cf:
e0:f4:c8:8d:cf:ae:3a:ba:29:a9:4c:0d:b0:59:5b:
a9:60:ed:3b:88:28:17:5e:96:90:c8:ae:25:6a:72:
2d:f3:25:31:94:bb:41:d5:65:be:54:6f:99:43:f2:
7a:7d:8d:57:12:60:91:ae:4e:d9:b1:06:fe:40:78:
74:b8:e8:4c:27:8e:7b:f4:e9:02:7e:d5:23:e6:aa:
b1:10:fe:b6:2b:48:05:23:fb:2e:ad:2a:6e:cc:d5:
4f:a9:01:5d:22:97:df:cf:f2:c5:b4:fa:8c:4c:22:
5f:75:00:b3:6d:2f:05:57:ca:ff:c6:c7:a9:74:be:
d8:b0:50:27:93:ee:59:5c:82:ca:01:71:68:4b:68:
c2:6a:0b:0e:9a:25:62:7b:50:6f:95:b8:8d:51:3f:
5e:fe:aa:f6:12:04:91:6f:d4:13:8d:d4:22:00:6e:
09:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:C7:08:4F:EF:D8:D7:5E:1C:32:16:81:B7:DD:52:E1:C9:76:D4:8A
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/39032a05-08aa-42f2-98fc-8aa6aeee1dc2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.0.80.0/21
Signature Algorithm: sha256WithRSAEncryption
40:38:f3:31:44:82:a4:45:8f:80:ef:50:a3:0e:54:87:14:2f:
61:eb:99:81:4c:7b:ce:5f:68:ee:28:d2:ad:dd:35:7b:44:b8:
13:3c:18:aa:dd:35:7a:13:64:a0:7d:77:64:3f:b7:df:8a:46:
99:7f:1f:27:99:4b:5d:df:26:15:b0:38:bc:25:53:55:ad:47:
ae:89:c7:32:c6:8c:8e:6c:30:5f:b1:47:a7:cf:9c:89:52:26:
54:83:b3:c4:7c:3b:97:4b:a0:1e:fb:d7:e0:55:73:2c:57:75:
11:80:a7:72:16:12:c6:0d:ff:6f:5e:ee:60:37:75:39:9c:65:
bd:79:80:d3:13:ea:62:ff:c5:30:4e:8e:d9:c5:3b:35:f7:28:
dc:6a:84:ef:9a:44:bf:40:e5:b3:67:60:27:fb:00:f1:f0:94:
64:17:1a:18:a3:99:76:4f:96:07:11:1e:0a:34:70:6a:b9:a1:
f0:46:05:2d:8f:53:c8:0e:e0:be:7e:9a:7a:65:61:e2:e7:04:
e0:81:50:98:84:78:81:ad:27:99:eb:34:e7:b4:e7:b7:38:b3:
13:8f:5d:17:90:da:65:c3:20:c8:b1:a7:d9:c2:eb:4a:ed:de:
82:e5:16:b1:59:23:5e:aa:f7:06:11:af:c5:4d:db:e5:84:91:
2e:13:01:46
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUL//StMkcyImPF3D25tpBpXVy2uMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MjAwMDUwMTlaFw0yNjA4MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQDMzZTJlY2I4YTZjMDQ1Y2JiYmIyMGFkNTVlNjdhMmY0MmZkNWFiNzI1NmY1
N2Q3ZWIwNjE5ZGNhYzk0YWU3NjMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALSDHSjurK5EuliTxfP8fRCsZDNFCZRPCtPIC5EWb01suTcp2EPdZoGMV3or
Jd2/R9LBFvxWAU8kaHpumPXFV1EbL9kpvpFI79wiBgCsYeJvk8hFZhiCY+fP4PTI
jc+uOropqUwNsFlbqWDtO4goF16WkMiuJWpyLfMlMZS7QdVlvlRvmUPyen2NVxJg
ka5O2bEG/kB4dLjoTCeOe/TpAn7VI+aqsRD+titIBSP7Lq0qbszVT6kBXSKX38/y
xbT6jEwiX3UAs20vBVfK/8bHqXS+2LBQJ5PuWVyCygFxaEtowmoLDpolYntQb5W4
jVE/Xv6q9hIEkW/UE43UIgBuCU0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBS2xwhP
79jXXhwyFoG33VLhyXbUijAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MzkwMzJhMDUtMDhhYS00MmYyLTk4ZmMtOGFhNmFlZWUxZGMyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAzMAUDAN
BgkqhkiG9w0BAQsFAAOCAQEAQDjzMUSCpEWPgO9Qow5UhxQvYeuZgUx7zl9o7ijS
rd01e0S4EzwYqt01ehNkoH13ZD+334pGmX8fJ5lLXd8mFbA4vCVTVa1HronHMsaM
jmwwX7FHp8+ciVImVIOzxHw7l0ugHvvX4FVzLFd1EYCnchYSxg3/b17uYDd1OZxl
vXmA0xPqYv/FME6O2cU7Nfco3GqE75pEv0Dls2dgJ/sA8fCUZBcaGKOZdk+WBxEe
CjRwarmh8EYFLY9TyA7gvn6aemVh4ucE4IFQmIR4ga0nmes057TntzizE49dF5Da
ZcMgyLGn2cLrSu3eguUWsVkjXqr3BhGvxU3b5YSRLhMBRg==
-----END CERTIFICATE-----
Generated at Sat Jun 13 07:59:46 2026 by rpki-client