Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/397b5a86-52b0-4a8c-87de-e6da77812b46.roa
File: 397b5a86-52b0-4a8c-87de-e6da77812b46.roa (raw, json)
Hash identifier: b2FkcygtjQ54/OGzklyRQuzdpOnJdKpZY2Fff0161fU=
Subject key identifier: 30:1F:A8:11:70:AA:75:10:A3:B3:C1:B5:AD:60:7F:2B:F6:A8:FA:DA
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7698575B2909108824DDD5C6E5736003B106FA42
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/397b5a86-52b0-4a8c-87de-e6da77812b46.roa
Signing time: Tue 19 May 2026 06:00:49 +0000
ROA not before: Tue 19 May 2026 06:00:49 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.248.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:98:57:5b:29:09:10:88:24:dd:d5:c6:e5:73:60:03:b1:06:fa:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 19 06:00:49 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=02cc66fe7363da896883a92bf9622200e0ba009fcb3029ba385917342cd11928, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:45:06:9e:3d:55:fe:8c:20:80:61:b6:95:2c:
6b:8d:f8:a0:24:61:1d:fb:ba:61:62:4f:ad:a3:19:
82:64:b0:85:4d:f3:04:fb:6b:4e:71:db:80:a5:47:
1f:5b:34:16:de:1b:f5:f6:ec:ab:fa:e3:63:68:22:
5e:1d:f6:9d:da:57:dd:d7:ec:e0:36:6a:48:fe:8e:
eb:ff:82:13:4a:e3:d0:dc:71:28:bc:cf:01:72:f0:
05:fa:e8:fe:ab:45:83:bd:4d:a0:2a:4c:3a:62:d6:
85:f3:e4:67:dd:66:1d:60:34:97:34:f0:54:29:33:
2a:18:7b:54:a4:e7:1f:b5:20:29:50:47:07:9e:cc:
2c:07:68:b0:7b:68:da:ac:7d:58:af:14:61:82:c4:
35:e9:0b:ef:cf:b8:4c:63:85:3b:ef:4c:e9:2b:9c:
78:6a:4b:34:b6:fa:c5:c2:be:7c:d3:a2:96:f4:fb:
52:9c:ac:63:6d:9e:51:b5:24:3b:d2:1f:a6:10:ee:
9d:21:77:d5:f4:7d:9f:af:65:5d:8f:55:c7:f8:9f:
7d:c3:e4:8e:1f:d3:c8:b5:a7:a2:1d:39:a1:b8:6f:
c9:1c:0c:5c:cf:ac:a6:18:43:ed:48:4e:03:17:d8:
75:ac:3c:59:ca:a8:c5:d1:54:f7:49:f7:5e:e4:0b:
f2:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:1F:A8:11:70:AA:75:10:A3:B3:C1:B5:AD:60:7F:2B:F6:A8:FA:DA
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/397b5a86-52b0-4a8c-87de-e6da77812b46.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.248.0.0/15
Signature Algorithm: sha256WithRSAEncryption
6b:bb:e0:ac:45:d1:11:88:df:3f:fb:4e:b9:23:24:30:28:78:
b8:b7:a6:84:fe:36:1d:16:84:a4:52:b7:02:97:5e:f9:8c:a7:
da:24:0c:76:ac:7b:6d:39:19:26:9b:d0:45:4e:64:2e:0e:e5:
22:b5:65:12:00:12:06:d8:1f:10:c7:0d:b2:01:9a:c2:99:b4:
6c:89:27:f3:c3:60:8f:62:58:87:83:6d:f8:ec:ea:22:95:04:
1b:d5:ab:b0:a8:eb:4d:4a:07:81:3d:a9:6e:09:7e:ed:cf:90:
63:f0:eb:bb:35:78:0e:a5:0c:a0:03:c9:a3:27:c5:7b:0a:fb:
fa:b6:21:05:b1:31:10:c1:26:2d:f0:ec:77:ad:83:3a:7e:dd:
3b:40:68:75:f3:2d:4d:43:26:c1:bb:1e:d9:ee:c4:d2:69:3f:
e4:45:56:e3:6c:4b:65:13:86:14:f9:c4:b7:a2:d5:d1:12:f7:
24:3e:13:e8:ac:5c:05:c6:cc:09:91:c3:42:46:a8:fb:6a:3c:
ee:1a:cd:96:5e:98:32:a9:6b:ce:b9:30:99:ff:d6:2a:c3:9b:
76:0e:cc:c1:df:bb:0a:95:9f:ff:4f:50:49:5d:9c:c5:52:2e:
2c:76:34:de:4b:b9:b7:28:4f:29:27:8e:bd:f4:a2:f2:9b:22:
59:68:25:8c
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUdphXWykJEIgk3dXG5XNgA7EG+kIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MTkwNjAwNDlaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDAyY2M2NmZlNzM2M2RhODk2ODgzYTkyYmY5NjIyMjAwZTBiYTAwOWZjYjMw
MjliYTM4NTkxNzM0MmNkMTE5MjgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKJFBp49Vf6MIIBhtpUsa434oCRhHfu6YWJPraMZgmSwhU3zBPtrTnHbgKVH
H1s0Ft4b9fbsq/rjY2giXh32ndpX3dfs4DZqSP6O6/+CE0rj0NxxKLzPAXLwBfro
/qtFg71NoCpMOmLWhfPkZ91mHWA0lzTwVCkzKhh7VKTnH7UgKVBHB57MLAdosHto
2qx9WK8UYYLENekL78+4TGOFO+9M6SuceGpLNLb6xcK+fNOilvT7UpysY22eUbUk
O9IfphDunSF31fR9n69lXY9Vx/iffcPkjh/TyLWnoh05obhvyRwMXM+sphhD7UhO
AxfYdaw8WcqoxdFU90n3XuQL8s8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQwH6gR
cKp1EKOzwbWtYH8r9qj62jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Mzk3YjVhODYtNTJiMC00YThjLTg3ZGUtZTZkYTc3ODEyYjQ2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATP4MA0G
CSqGSIb3DQEBCwUAA4IBAQBru+CsRdERiN8/+065IyQwKHi4t6aE/jYdFoSkUrcC
l175jKfaJAx2rHttORkmm9BFTmQuDuUitWUSABIG2B8Qxw2yAZrCmbRsiSfzw2CP
YliHg2347OoilQQb1auwqOtNSgeBPaluCX7tz5Bj8Ou7NXgOpQygA8mjJ8V7Cvv6
tiEFsTEQwSYt8Ox3rYM6ft07QGh18y1NQybBux7Z7sTSaT/kRVbjbEtlE4YU+cS3
otXREvckPhPorFwFxswJkcNCRqj7ajzuGs2WXpgyqWvOuTCZ/9Yqw5t2DszB37sK
lZ//T1BJXZzFUi4sdjTeS7m3KE8pJ4699KLymyJZaCWM
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:23:42 2026 by rpki-client