Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/41816f61-5ce3-406a-8d78-37c4eafa6915.roa
File: 41816f61-5ce3-406a-8d78-37c4eafa6915.roa (raw, json)
Hash identifier: wTIPIevoHW/EFVU1I9QJ7cpXTtlxV5xJzhmqK6mWka0=
Subject key identifier: 4E:CD:7D:71:A0:B6:B0:35:23:35:A2:3D:17:E8:D2:29:8E:0C:87:00
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7D5B5359CD5A022B83D6AE6A810CE79B297E14A8
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/41816f61-5ce3-406a-8d78-37c4eafa6915.roa
Signing time: Sat 28 Feb 2026 06:30:58 +0000
ROA not before: Sat 28 Feb 2026 06:30:58 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.0.32.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:5b:53:59:cd:5a:02:2b:83:d6:ae:6a:81:0c:e7:9b:29:7e:14:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Feb 28 06:30:58 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=da727dbe5602f28e1276202b3d0b532f8a5e61d62e229feb2b0f3060a224fdc2, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:3b:f8:76:f3:85:3f:fd:a4:d3:43:ed:4b:dc:
0e:33:75:3f:5a:f6:b3:64:fe:f2:a3:fe:64:0e:cf:
2e:d4:94:ac:45:e9:81:8f:aa:bc:71:f7:05:06:cd:
d7:eb:e9:8e:18:c1:78:b4:c2:3f:e6:51:a2:54:3c:
66:97:06:68:bf:f7:6c:32:28:d4:cb:52:e4:2b:5f:
d2:0d:24:87:51:ef:d6:f1:d1:21:51:99:dc:e8:11:
0d:86:85:19:c2:d6:6a:4d:da:0d:40:0e:77:e6:55:
70:73:80:10:8b:97:20:f1:c8:dd:dd:0d:e8:c8:32:
58:7c:17:98:ff:a0:f4:a7:2f:89:e5:be:dc:d9:3c:
ff:19:57:7f:ca:9f:29:35:ac:71:0e:98:28:ac:81:
af:b2:14:ba:01:eb:fd:15:61:01:25:11:4d:61:ec:
31:ed:e3:a5:32:e1:40:c9:2c:54:6d:b0:76:15:92:
99:50:8f:34:c3:16:62:64:46:01:b5:42:69:3b:f9:
be:92:f7:d5:e2:df:0b:19:b8:93:03:a9:bc:d4:a1:
65:1a:a4:12:8e:03:d5:a6:27:4b:b3:70:42:52:63:
84:32:c3:8b:3e:e0:d6:66:5f:2e:2e:6d:71:db:e4:
8a:4f:b5:2d:ea:8c:dd:b7:92:c9:ec:2d:29:75:11:
88:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:CD:7D:71:A0:B6:B0:35:23:35:A2:3D:17:E8:D2:29:8E:0C:87:00
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/41816f61-5ce3-406a-8d78-37c4eafa6915.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.0.32.0/19
Signature Algorithm: sha256WithRSAEncryption
c1:3d:7e:11:f8:af:6d:4c:1e:bf:57:b3:28:f5:1a:96:92:12:
b8:22:1d:1a:d5:7c:9d:69:20:63:45:fe:ab:f6:6f:ca:93:b1:
8a:46:fd:ec:24:45:a3:94:c9:e0:da:8b:e5:f9:1f:97:e3:03:
6a:53:68:4f:2d:f1:58:da:66:0a:af:38:0b:41:35:af:22:6b:
d7:bf:49:17:f8:40:08:77:a0:43:71:aa:9b:35:02:28:0f:69:
c2:0f:07:1b:03:d4:08:00:0f:23:59:1d:b1:48:dc:ea:dd:b3:
bd:6f:ab:90:37:e6:92:03:99:a8:73:1f:ae:26:62:5a:49:2f:
11:18:4d:42:dc:e2:03:06:ac:41:e7:d3:ae:34:36:9a:73:31:
5c:84:d8:1c:8e:a4:c8:c6:44:5f:71:e3:64:04:e4:e2:e1:c2:
f4:56:63:43:cb:01:94:ba:1c:d0:35:52:a6:a3:45:da:b9:55:
d3:08:ce:e2:ac:4e:d9:a0:9b:0f:99:17:69:72:4a:0b:1b:da:
29:6f:b3:78:d6:b2:04:3a:5c:9c:95:ce:a2:72:72:be:e1:0d:
c6:53:1b:48:be:d9:b6:a5:3b:b9:7a:64:96:39:ab:46:41:30:
0b:cb:d5:68:92:74:36:01:6c:b1:95:2e:04:c3:8f:06:1c:e3:
6b:9f:7c:1a
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUfVtTWc1aAiuD1q5qgQznmyl+FKgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjAyMjgwNjMwNThaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGRhNzI3ZGJlNTYwMmYyOGUxMjc2MjAyYjNkMGI1MzJmOGE1ZTYxZDYyZTIy
OWZlYjJiMGYzMDYwYTIyNGZkYzIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPI7+HbzhT/9pNND7UvcDjN1P1r2s2T+8qP+ZA7PLtSUrEXpgY+qvHH3BQbN
1+vpjhjBeLTCP+ZRolQ8ZpcGaL/3bDIo1MtS5Ctf0g0kh1Hv1vHRIVGZ3OgRDYaF
GcLWak3aDUAOd+ZVcHOAEIuXIPHI3d0N6MgyWHwXmP+g9KcvieW+3Nk8/xlXf8qf
KTWscQ6YKKyBr7IUugHr/RVhASURTWHsMe3jpTLhQMksVG2wdhWSmVCPNMMWYmRG
AbVCaTv5vpL31eLfCxm4kwOpvNShZRqkEo4D1aYnS7NwQlJjhDLDiz7g1mZfLi5t
cdvkik+1LeqM3beSyewtKXURiOMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBROzX1x
oLawNSM1oj0X6NIpjgyHADAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDE4MTZmNjEtNWNlMy00MDZhLThkNzgtMzdjNGVhZmE2OTE1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBTMAIDAN
BgkqhkiG9w0BAQsFAAOCAQEAwT1+EfivbUwev1ezKPUalpISuCIdGtV8nWkgY0X+
q/ZvypOxikb97CRFo5TJ4NqL5fkfl+MDalNoTy3xWNpmCq84C0E1ryJr179JF/hA
CHegQ3GqmzUCKA9pwg8HGwPUCAAPI1kdsUjc6t2zvW+rkDfmkgOZqHMfriZiWkkv
ERhNQtziAwasQefTrjQ2mnMxXITYHI6kyMZEX3HjZATk4uHC9FZjQ8sBlLoc0DVS
pqNF2rlV0wjO4qxO2aCbD5kXaXJKCxvaKW+zeNayBDpcnJXOonJyvuENxlMbSL7Z
tqU7uXpkljmrRkEwC8vVaJJ0NgFssZUuBMOPBhzja598Gg==
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:49:57 2026 by rpki-client