Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/42efa1a8-f804-47c5-8a3d-6f3ea05e1a5b.roa
File: 42efa1a8-f804-47c5-8a3d-6f3ea05e1a5b.roa (raw, json)
Hash identifier: kAjDX0ZFLnzdn1kN0uxjvFtEGfEiAJ592uGnEaTkFfw=
Subject key identifier: C8:E4:C0:81:E0:14:BC:19:55:43:18:43:63:64:D8:EA:68:A4:AE:CF
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7478C2EC729258AB67D0FF8EA59D1E1B5FF735EA
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/42efa1a8-f804-47c5-8a3d-6f3ea05e1a5b.roa
Signing time: Sat 28 Feb 2026 06:40:37 +0000
ROA not before: Sat 28 Feb 2026 06:40:37 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.164.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:78:c2:ec:72:92:58:ab:67:d0:ff:8e:a5:9d:1e:1b:5f:f7:35:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Feb 28 06:40:37 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=b39a973de7506383ea833688965b1b8a44de685aefdc7dd07710debc5b665a5b, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:e5:7a:0d:4f:bc:41:40:53:5a:cb:c4:3b:47:
92:da:f3:cb:8c:b3:25:a9:db:3c:da:59:75:85:08:
dd:a1:10:26:51:81:d0:7d:10:10:8b:19:84:52:28:
2d:81:e9:b0:c6:85:ef:95:f6:0c:70:45:f6:26:55:
a3:83:33:2d:74:9f:5e:c1:d4:c9:b5:54:99:96:b6:
ef:0a:6a:46:89:2f:aa:cb:a1:e8:7d:a4:0b:3b:1f:
4f:b7:0a:f2:fc:e3:33:5b:f1:c5:06:20:b9:4d:ea:
e2:83:30:33:04:45:f4:fd:04:0a:91:34:74:a8:c4:
cb:4b:9a:c1:b6:a4:72:64:dc:94:f5:a6:d2:ee:01:
4c:06:6a:ec:f6:e9:18:ca:93:45:ed:81:c3:36:32:
1f:e5:af:dc:95:0d:10:d0:5c:46:f5:a5:b8:a0:ab:
04:3f:5c:4c:d3:6f:04:83:45:fd:c9:74:7d:6c:40:
aa:8c:f3:6a:5f:06:10:00:0c:04:b5:3a:d2:3e:6a:
84:bb:5a:b1:3c:04:e6:a7:b3:df:5a:07:49:e7:ae:
04:b7:1a:ad:fd:94:43:13:92:36:6b:47:c4:e3:c2:
e3:24:f2:52:6d:61:e1:a2:cd:b7:e2:7f:02:31:2a:
2b:34:d3:60:f3:ff:1b:72:24:98:b7:69:6a:cc:94:
37:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:E4:C0:81:E0:14:BC:19:55:43:18:43:63:64:D8:EA:68:A4:AE:CF
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/42efa1a8-f804-47c5-8a3d-6f3ea05e1a5b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.164.0.0/15
Signature Algorithm: sha256WithRSAEncryption
39:ac:85:26:d4:98:9e:39:ab:c9:fe:e5:f9:f7:65:69:a2:ce:
8e:65:50:03:55:b1:00:a4:e7:c6:87:f5:e1:4e:36:e6:64:4a:
12:5c:59:ea:2f:88:d5:c7:db:43:28:47:2b:5c:3e:45:14:f1:
3d:32:8f:dd:36:72:c8:0e:53:4c:5f:ac:f9:ba:a2:84:c0:e0:
96:f7:9e:e8:de:04:05:77:c5:31:bb:80:ec:26:04:51:34:6e:
c7:e4:05:43:dc:84:62:f5:ac:dc:bd:d0:cf:76:8f:2f:a7:21:
81:f2:b8:c8:ca:7c:d0:a9:9d:af:94:37:01:ef:2f:8a:cf:e2:
31:1c:12:7e:2e:28:3c:12:0f:a5:50:c8:b1:ee:6a:55:c8:d1:
7d:1d:14:ed:72:78:3e:94:e3:15:3d:34:64:0e:0f:0d:1e:b5:
4a:68:87:f7:8f:eb:5d:53:f9:e9:93:d6:00:50:5c:2e:3f:93:
09:31:0d:77:78:5d:08:27:a0:67:26:26:fd:24:2b:ea:3d:65:
0f:e4:42:be:51:c8:c0:0d:04:19:3b:13:3c:19:f1:50:fb:8d:
86:4c:9d:47:8f:18:90:10:62:c3:0b:80:e3:02:84:49:e2:c8:
50:b3:a0:11:55:d4:55:26:c5:48:a2:e5:a7:a7:0e:6d:69:df:
05:b4:08:01
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUdHjC7HKSWKtn0P+OpZ0eG1/3NeowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjAyMjgwNjQwMzdaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGIzOWE5NzNkZTc1MDYzODNlYTgzMzY4ODk2NWIxYjhhNDRkZTY4NWFlZmRj
N2RkMDc3MTBkZWJjNWI2NjVhNWIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANbleg1PvEFAU1rLxDtHktrzy4yzJanbPNpZdYUI3aEQJlGB0H0QEIsZhFIo
LYHpsMaF75X2DHBF9iZVo4MzLXSfXsHUybVUmZa27wpqRokvqsuh6H2kCzsfT7cK
8vzjM1vxxQYguU3q4oMwMwRF9P0ECpE0dKjEy0uawbakcmTclPWm0u4BTAZq7Pbp
GMqTRe2BwzYyH+Wv3JUNENBcRvWluKCrBD9cTNNvBINF/cl0fWxAqozzal8GEAAM
BLU60j5qhLtasTwE5qez31oHSeeuBLcarf2UQxOSNmtHxOPC4yTyUm1h4aLNt+J/
AjEqKzTTYPP/G3IkmLdpasyUN1kCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTI5MCB
4BS8GVVDGENjZNjqaKSuzzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDJlZmExYTgtZjgwNC00N2M1LThhM2QtNmYzZWEwNWUxYTViLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOkMA0G
CSqGSIb3DQEBCwUAA4IBAQA5rIUm1JieOavJ/uX592Vpos6OZVADVbEApOfGh/Xh
TjbmZEoSXFnqL4jVx9tDKEcrXD5FFPE9Mo/dNnLIDlNMX6z5uqKEwOCW957o3gQF
d8Uxu4DsJgRRNG7H5AVD3IRi9azcvdDPdo8vpyGB8rjIynzQqZ2vlDcB7y+Kz+Ix
HBJ+Lig8Eg+lUMix7mpVyNF9HRTtcng+lOMVPTRkDg8NHrVKaIf3j+tdU/npk9YA
UFwuP5MJMQ13eF0IJ6BnJib9JCvqPWUP5EK+UcjADQQZOxM8GfFQ+42GTJ1HjxiQ
EGLDC4DjAoRJ4shQs6ARVdRVJsVIouWnpw5tad8FtAgB
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:53:23 2026 by rpki-client