Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/39032a05-08aa-42f2-98fc-8aa6aeee1dc2.roa
File: 39032a05-08aa-42f2-98fc-8aa6aeee1dc2.roa (raw, json)
Hash identifier: kI3QL6k5+7zzKKWcB3aZEYzhJSEbQfRfNWVrCLC3W2w=
Subject key identifier: F7:64:A2:DC:6C:35:50:40:E0:35:D5:C5:8C:3D:22:03:E9:ED:6D:09
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0C71545639033A728FD5E000E13D3B29D519DB30
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/39032a05-08aa-42f2-98fc-8aa6aeee1dc2.roa
Signing time: Sun 01 Mar 2026 01:00:32 +0000
ROA not before: Sun 01 Mar 2026 01:00:32 +0000
ROA not after: Sat 30 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.0.80.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0c:71:54:56:39:03:3a:72:8f:d5:e0:00:e1:3d:3b:29:d5:19:db:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 1 01:00:32 2026 GMT
Not After : May 30 23:59:59 2026 GMT
Subject: serialNumber=655004392479c4f438a2e0bd71d3596f4787f2f90c1ed7dc0e9d8f321228f9c7, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:9b:af:42:9b:2b:90:63:dd:86:23:de:10:6f:
ab:50:aa:ee:88:44:11:4c:9d:63:7b:86:fa:dc:e9:
75:ee:c7:3c:84:9d:0e:83:38:6a:e3:55:ee:94:8e:
43:b8:f7:56:eb:73:ad:6c:49:d3:b9:f6:19:b3:68:
62:19:ad:99:32:2b:a5:98:00:ff:86:d5:42:8b:bd:
ca:d0:4a:92:53:4b:4b:76:e5:03:ed:23:39:84:da:
ce:2b:d8:6a:b9:58:9d:a3:7a:56:c4:b8:c4:40:31:
26:76:0b:07:31:44:0a:65:d0:7f:27:00:c7:7d:2a:
f9:98:fd:7c:c9:98:7a:e3:b7:ff:93:1e:ad:19:5d:
b9:9e:1e:a3:5c:f3:44:b5:11:5c:95:e2:77:cd:c3:
1c:e1:77:32:8f:b7:36:e0:6c:d6:6f:b7:5f:61:62:
93:31:79:2b:88:01:04:96:8b:22:cc:aa:8c:de:a2:
1a:28:74:35:3e:fa:f9:b3:5d:76:b3:c4:2c:a6:96:
c6:ec:9f:13:1d:e8:5f:da:9d:1e:24:b5:25:4b:a7:
80:2f:34:78:d5:3f:5c:74:00:b1:eb:d0:36:82:e3:
1a:21:5c:0a:17:4e:de:38:18:01:0a:78:1f:87:c1:
58:30:ca:59:95:dd:8d:3a:00:09:ac:19:e7:dc:16:
fd:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:64:A2:DC:6C:35:50:40:E0:35:D5:C5:8C:3D:22:03:E9:ED:6D:09
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/39032a05-08aa-42f2-98fc-8aa6aeee1dc2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.0.80.0/21
Signature Algorithm: sha256WithRSAEncryption
69:d2:fd:b0:b1:48:7f:35:99:48:b8:07:36:32:df:47:54:86:
10:18:56:26:d4:7b:c1:f2:36:ac:e2:12:39:56:c7:21:73:f3:
32:c4:64:af:ac:14:4b:b4:fc:41:a8:b8:97:22:15:4d:44:cf:
24:5d:f3:d7:ad:62:33:db:38:c9:5a:c7:56:4f:c3:c4:a9:63:
80:09:78:24:92:d9:a5:1a:a8:b4:92:2e:4a:92:5f:ab:c3:67:
fb:51:44:0b:ac:c5:18:05:c9:97:32:76:29:a0:75:c1:d7:1b:
c9:52:ba:8f:b8:cb:93:4a:7f:00:50:5a:06:0d:56:be:03:b5:
6c:a0:0d:7b:8f:7d:02:df:8e:42:95:af:d8:c6:f6:c8:bd:1d:
73:98:e6:72:6a:d8:9f:a0:9c:7b:ee:7c:0b:42:33:87:59:30:
79:05:8f:79:a3:04:a4:71:af:e6:63:2f:dc:92:bd:c9:6a:5e:
03:b6:80:35:7d:af:f0:02:e3:bb:c4:8b:c8:e8:22:f5:9a:e4:
45:f5:9f:41:52:7b:9c:f4:1c:4c:80:3c:7e:e7:a0:53:18:93:
51:09:ab:4a:8f:0a:12:48:60:c8:85:0e:56:5c:96:8d:83:81:
44:e0:4a:b0:7e:b0:31:ef:e3:d6:c4:23:65:2d:c9:85:39:f4:
95:0a:45:e5
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUDHFUVjkDOnKP1eAA4T07KdUZ2zAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjAzMDEwMTAwMzJaFw0yNjA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDY1NTAwNDM5MjQ3OWM0ZjQzOGEyZTBiZDcxZDM1OTZmNDc4N2YyZjkwYzFl
ZDdkYzBlOWQ4ZjMyMTIyOGY5YzcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALmbr0KbK5Bj3YYj3hBvq1Cq7ohEEUydY3uG+tzpde7HPISdDoM4auNV7pSO
Q7j3VutzrWxJ07n2GbNoYhmtmTIrpZgA/4bVQou9ytBKklNLS3blA+0jOYTazivY
arlYnaN6VsS4xEAxJnYLBzFECmXQfycAx30q+Zj9fMmYeuO3/5MerRlduZ4eo1zz
RLURXJXid83DHOF3Mo+3NuBs1m+3X2FikzF5K4gBBJaLIsyqjN6iGih0NT76+bNd
drPELKaWxuyfEx3oX9qdHiS1JUungC80eNU/XHQAsevQNoLjGiFcChdO3jgYAQp4
H4fBWDDKWZXdjToACawZ59wW/XECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBT3ZKLc
bDVQQOA11cWMPSID6e1tCTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MzkwMzJhMDUtMDhhYS00MmYyLTk4ZmMtOGFhNmFlZWUxZGMyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAzMAUDAN
BgkqhkiG9w0BAQsFAAOCAQEAadL9sLFIfzWZSLgHNjLfR1SGEBhWJtR7wfI2rOIS
OVbHIXPzMsRkr6wUS7T8Qai4lyIVTUTPJF3z161iM9s4yVrHVk/DxKljgAl4JJLZ
pRqotJIuSpJfq8Nn+1FEC6zFGAXJlzJ2KaB1wdcbyVK6j7jLk0p/AFBaBg1WvgO1
bKANe499At+OQpWv2Mb2yL0dc5jmcmrYn6Cce+58C0Izh1kweQWPeaMEpHGv5mMv
3JK9yWpeA7aANX2v8ALju8SLyOgi9ZrkRfWfQVJ7nPQcTIA8fuegUxiTUQmrSo8K
EkhgyIUOVlyWjYOBROBKsH6wMe/j1sQjZS3JhTn0lQpF5Q==
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:44:55 2026 by rpki-client