Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/41816f61-5ce3-406a-8d78-37c4eafa6915.roa
File: 41816f61-5ce3-406a-8d78-37c4eafa6915.roa (raw, json)
Hash identifier: PEiJYqV5+qB02NxA6Wi89fRVfmGg6rDazBtgKRVOlyw=
Subject key identifier: EC:B7:4F:27:03:AB:B9:8F:8B:C4:1A:B5:53:F8:9C:01:B1:F0:F2:2D
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 09F1BF2A655C4D9EB27AA2116215339D8CDA7A20
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/41816f61-5ce3-406a-8d78-37c4eafa6915.roa
Signing time: Tue 19 May 2026 05:40:06 +0000
ROA not before: Tue 19 May 2026 05:40:06 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.0.32.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
09:f1:bf:2a:65:5c:4d:9e:b2:7a:a2:11:62:15:33:9d:8c:da:7a:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 19 05:40:06 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=5f569a7f27b12ad9ecfbb3371e9aaf2118945d2389e441a407a76f3020ddbf66, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:dc:69:bc:c7:2e:ab:a9:e8:2c:b0:b3:37:9f:
49:75:45:36:f7:6b:71:25:17:fa:99:71:2a:2b:1c:
c9:41:d4:9b:13:9e:78:2b:ed:a6:53:f8:43:1a:8f:
64:59:4b:08:b5:9e:d5:4e:ca:9b:60:0c:8d:c3:73:
a7:f2:3f:c4:9d:de:d2:50:c6:5e:f0:5d:51:5c:cd:
34:e4:f2:08:73:68:0f:6e:86:b6:b6:85:cd:91:1d:
a4:fc:88:0b:75:50:50:19:a2:a7:7d:6a:2d:43:9f:
4e:f0:c2:9a:29:35:f1:8e:35:b4:66:2c:19:09:12:
b2:e5:18:e2:7f:b9:f5:42:11:ec:24:d2:9b:7c:a5:
60:7f:ca:72:41:06:4d:c8:78:a8:a6:57:23:b7:17:
03:47:84:21:42:2f:bc:f8:6b:70:1a:b9:a9:20:df:
40:10:d7:80:a0:13:53:ad:fe:12:c5:44:08:56:e5:
70:22:94:30:e4:be:f9:61:6d:c8:77:1e:ed:da:02:
79:a7:25:ef:a4:ac:58:2e:8d:a8:d5:83:23:85:3e:
02:fa:07:e5:45:f0:d2:e5:27:9d:1e:a0:2a:44:ee:
2c:21:ee:91:3f:62:d9:e3:4f:f2:d7:87:aa:97:47:
19:eb:23:52:64:53:ff:df:d6:65:84:39:f8:ba:ae:
c0:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:B7:4F:27:03:AB:B9:8F:8B:C4:1A:B5:53:F8:9C:01:B1:F0:F2:2D
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/41816f61-5ce3-406a-8d78-37c4eafa6915.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.0.32.0/19
Signature Algorithm: sha256WithRSAEncryption
a9:77:12:e1:ee:de:fa:4d:5d:99:f6:7b:37:81:32:26:ca:fa:
fb:da:89:c8:ee:a0:7d:64:21:91:82:82:6c:39:a9:51:be:f9:
53:1e:75:05:e3:36:2f:2c:a5:27:2b:4b:7e:2a:e4:3e:c8:16:
ab:4b:c4:34:94:9b:78:dd:6a:74:d2:ae:a3:40:fd:99:23:86:
a6:8c:a2:4c:88:a5:b8:fe:2b:3f:26:55:47:ce:6c:b2:b0:52:
d6:3e:b9:9c:53:1b:1c:6d:37:65:3c:08:61:a8:4e:30:38:eb:
d2:42:29:94:a7:1e:4e:72:5f:d6:76:8a:8b:60:84:96:14:e9:
49:e7:7d:19:e4:34:94:ec:0a:b2:04:48:1e:d2:a1:9b:71:70:
5b:27:fb:c1:e7:87:a0:12:f3:f5:be:de:7f:24:8a:21:1b:b5:
6f:76:49:ab:55:47:0f:8e:f9:4e:7e:1e:6c:18:91:3c:d6:07:
35:39:4e:f0:2a:d2:5a:98:28:78:dd:56:82:3d:14:a8:c2:ed:
31:bd:6a:ab:c8:2d:da:cf:bf:54:5b:4e:1c:e3:13:f7:a2:80:
30:28:ed:0d:43:7a:99:49:a2:57:44:c3:c2:5a:42:12:6e:d4:
c5:10:8f:b4:70:e6:9b:08:a4:17:4c:9d:d0:f1:aa:d7:b6:7a:
df:2b:b1:28
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUCfG/KmVcTZ6yeqIRYhUznYzaeiAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MTkwNTQwMDZaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDVmNTY5YTdmMjdiMTJhZDllY2ZiYjMzNzFlOWFhZjIxMTg5NDVkMjM4OWU0
NDFhNDA3YTc2ZjMwMjBkZGJmNjYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK7cabzHLqup6CywszefSXVFNvdrcSUX+plxKiscyUHUmxOeeCvtplP4QxqP
ZFlLCLWe1U7Km2AMjcNzp/I/xJ3e0lDGXvBdUVzNNOTyCHNoD26GtraFzZEdpPyI
C3VQUBmip31qLUOfTvDCmik18Y41tGYsGQkSsuUY4n+59UIR7CTSm3ylYH/KckEG
Tch4qKZXI7cXA0eEIUIvvPhrcBq5qSDfQBDXgKATU63+EsVECFblcCKUMOS++WFt
yHce7doCeacl76SsWC6NqNWDI4U+AvoH5UXw0uUnnR6gKkTuLCHukT9i2eNP8teH
qpdHGesjUmRT/9/WZYQ5+LquwK0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTst08n
A6u5j4vEGrVT+JwBsfDyLTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDE4MTZmNjEtNWNlMy00MDZhLThkNzgtMzdjNGVhZmE2OTE1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBTMAIDAN
BgkqhkiG9w0BAQsFAAOCAQEAqXcS4e7e+k1dmfZ7N4EyJsr6+9qJyO6gfWQhkYKC
bDmpUb75Ux51BeM2LyylJytLfirkPsgWq0vENJSbeN1qdNKuo0D9mSOGpoyiTIil
uP4rPyZVR85ssrBS1j65nFMbHG03ZTwIYahOMDjr0kIplKceTnJf1naKi2CElhTp
Sed9GeQ0lOwKsgRIHtKhm3FwWyf7weeHoBLz9b7efySKIRu1b3ZJq1VHD475Tn4e
bBiRPNYHNTlO8CrSWpgoeN1Wgj0UqMLtMb1qq8gt2s+/VFtOHOMT96KAMCjtDUN6
mUmiV0TDwlpCEm7UxRCPtHDmmwikF0yd0PGq17Z63yuxKA==
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:00:10 2026 by rpki-client