Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4264c9e7-8855-4a41-950f-ef8df4425790.roa
File: 4264c9e7-8855-4a41-950f-ef8df4425790.roa (raw, json)
Hash identifier: 6pBdbGg6VmkUvgzS5d23zUQkHw75IAXXq7h4fAE1L6o=
Subject key identifier: A6:30:40:8D:3D:94:1D:A9:53:29:3C:D5:4F:A8:07:EF:F1:CB:D5:99
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 170DF1D8AE3F09A66B4B98848CD71D6071E6A7CD
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4264c9e7-8855-4a41-950f-ef8df4425790.roa
Signing time: Sat 28 Feb 2026 06:40:09 +0000
ROA not before: Sat 28 Feb 2026 06:40:09 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 14618
IP address blocks: 51.200.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:0d:f1:d8:ae:3f:09:a6:6b:4b:98:84:8c:d7:1d:60:71:e6:a7:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Feb 28 06:40:09 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=468180a7710617a5aa8d75a8f64f5c91fc9f1641c5eab87e14faf53aa1c289ac, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:4a:e6:c0:e3:78:fc:2e:87:48:2d:c2:ed:37:
f2:27:8e:86:7d:38:3c:83:a5:d6:2f:54:7d:85:c9:
26:f6:fd:67:20:35:f0:1e:50:70:5a:69:fe:81:54:
f1:c8:f7:88:75:9d:84:66:d0:f6:9c:a0:50:67:0e:
05:92:22:47:b8:e9:5d:3b:04:cf:c0:6a:7b:e9:8c:
ba:eb:be:42:fd:58:6c:5a:03:57:88:14:24:5f:8c:
3e:6b:06:0a:e3:0c:23:c9:7e:72:73:47:02:10:ec:
c3:97:30:61:3f:0f:5c:90:7d:3b:71:4c:a2:49:5e:
a0:9c:a2:05:c1:ec:89:03:63:24:3b:ae:3a:52:18:
25:5a:cf:80:10:d3:2c:5e:6f:96:fe:7e:60:72:08:
f1:f5:7e:1e:b2:33:56:c7:a2:b9:91:77:89:9d:6e:
20:94:86:42:a0:cb:f8:ba:87:81:ef:6e:05:5a:50:
c2:99:a3:16:7b:21:fe:87:f2:ee:cf:22:ed:3b:d0:
c7:63:b4:8f:5c:60:e6:e4:ec:2e:2c:d7:ec:eb:29:
e1:87:c1:39:38:b3:fa:9a:5a:35:6b:fc:92:89:9e:
87:de:a5:c8:3b:9e:af:3d:d9:62:47:31:83:e0:8a:
40:86:92:ce:36:91:41:5f:d2:33:2f:0c:6e:43:04:
d3:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:30:40:8D:3D:94:1D:A9:53:29:3C:D5:4F:A8:07:EF:F1:CB:D5:99
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4264c9e7-8855-4a41-950f-ef8df4425790.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.200.0.0/15
Signature Algorithm: sha256WithRSAEncryption
82:99:ed:50:5c:6d:3f:bd:74:38:cf:fa:ef:7f:78:4b:a8:7a:
81:32:45:6d:05:21:6c:50:7e:17:19:f6:11:5c:9f:a6:53:7f:
5b:ad:bc:29:5d:70:6a:3e:21:83:e8:58:70:c8:31:90:6d:0b:
7c:35:1a:c8:48:19:45:8c:67:bb:80:73:01:81:65:db:c3:e1:
55:7c:c8:97:13:22:7a:33:30:5c:98:63:2e:de:ee:8f:4d:ae:
64:6c:11:73:13:2b:55:06:8f:0c:4b:a3:f0:9b:14:72:fa:bd:
2a:d7:c4:e4:b0:d0:bc:51:71:20:97:9f:35:63:e6:ca:0a:60:
5f:a3:1d:e5:b4:3a:cd:1b:7e:31:cb:2c:48:c8:ed:aa:88:68:
0c:d8:d1:55:e3:b5:13:7f:2d:47:48:ab:27:ca:e0:46:72:6e:
c4:78:24:84:cc:51:10:cf:c4:32:0e:dc:97:22:c7:59:d4:17:
dc:71:3a:82:a0:cf:34:c5:29:e3:f1:37:3b:85:25:d1:fc:4f:
bf:80:ff:ca:60:73:a3:27:ef:0b:f8:ed:84:5f:2f:32:37:87:
5b:b1:64:93:1a:1d:8c:39:f9:8e:b3:38:39:7a:a3:2b:30:b9:
e4:e8:c9:a2:d2:6c:ce:16:7c:0d:7b:8a:b0:8b:a9:8d:a1:e2:
6a:44:1b:e1
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUFw3x2K4/CaZrS5iEjNcdYHHmp80wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjAyMjgwNjQwMDlaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ2ODE4MGE3NzEwNjE3YTVhYThkNzVhOGY2NGY1YzkxZmM5ZjE2NDFjNWVh
Yjg3ZTE0ZmFmNTNhYTFjMjg5YWMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANpK5sDjePwuh0gtwu038ieOhn04PIOl1i9UfYXJJvb9ZyA18B5QcFpp/oFU
8cj3iHWdhGbQ9pygUGcOBZIiR7jpXTsEz8Bqe+mMuuu+Qv1YbFoDV4gUJF+MPmsG
CuMMI8l+cnNHAhDsw5cwYT8PXJB9O3FMokleoJyiBcHsiQNjJDuuOlIYJVrPgBDT
LF5vlv5+YHII8fV+HrIzVseiuZF3iZ1uIJSGQqDL+LqHge9uBVpQwpmjFnsh/ofy
7s8i7TvQx2O0j1xg5uTsLizX7Osp4YfBOTiz+ppaNWv8komeh96lyDuerz3ZYkcx
g+CKQIaSzjaRQV/SMy8MbkME01sCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSmMECN
PZQdqVMpPNVPqAfv8cvVmTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDI2NGM5ZTctODg1NS00YTQxLTk1MGYtZWY4ZGY0NDI1NzkwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPIMA0G
CSqGSIb3DQEBCwUAA4IBAQCCme1QXG0/vXQ4z/rvf3hLqHqBMkVtBSFsUH4XGfYR
XJ+mU39brbwpXXBqPiGD6FhwyDGQbQt8NRrISBlFjGe7gHMBgWXbw+FVfMiXEyJ6
MzBcmGMu3u6PTa5kbBFzEytVBo8MS6PwmxRy+r0q18TksNC8UXEgl581Y+bKCmBf
ox3ltDrNG34xyyxIyO2qiGgM2NFV47UTfy1HSKsnyuBGcm7EeCSEzFEQz8QyDtyX
IsdZ1BfccTqCoM80xSnj8Tc7hSXR/E+/gP/KYHOjJ+8L+O2EXy8yN4dbsWSTGh2M
OfmOszg5eqMrMLnk6Mmi0mzOFnwNe4qwi6mNoeJqRBvh
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:54:59 2026 by rpki-client