Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/444db014-8d2a-4c59-af9c-399bacab4f3f.roa
File: 444db014-8d2a-4c59-af9c-399bacab4f3f.roa (raw, json)
Hash identifier: vy3JrJbP/zR79N3zeLmNMK7DkQBkjIA1gRE2J2VMsTA=
Subject key identifier: BA:9F:4C:70:11:22:98:EF:AE:86:D1:D1:BF:6C:21:3E:C9:65:4F:78
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1F8E1756DC39BBF0A81AF75AAAF21C7B27FCAF5C
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/444db014-8d2a-4c59-af9c-399bacab4f3f.roa
Signing time: Sat 28 Feb 2026 06:40:48 +0000
ROA not before: Sat 28 Feb 2026 06:40:48 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.156.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1f:8e:17:56:dc:39:bb:f0:a8:1a:f7:5a:aa:f2:1c:7b:27:fc:af:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Feb 28 06:40:48 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=a1c942118c8b0f0903ec331ed4f654ef7daba94281c4bc4c4ab2aa47a479bf51, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:54:de:67:f4:cf:58:63:0b:28:ad:a0:9a:2c:
f3:0f:c2:51:b0:93:11:84:43:54:5a:63:65:99:eb:
a3:7d:33:4d:60:20:3a:d8:8d:ea:62:7e:9d:4a:f4:
64:4f:23:fb:1c:b1:8c:42:b4:3a:8d:1c:49:1f:8f:
aa:1e:3c:af:d2:85:5b:df:3c:0f:c9:4b:87:24:17:
07:86:a5:57:ad:0a:e3:2e:0a:78:30:3f:e9:bf:41:
9b:de:e2:fd:b7:ba:c1:f6:79:ca:64:4a:d1:8d:f1:
ef:b3:c1:b7:fd:b3:58:2d:99:e6:92:bd:99:2e:de:
09:44:af:86:74:bd:c6:47:b7:92:08:b4:51:c2:7b:
52:c2:49:4a:9d:43:e5:93:33:fc:41:54:2b:09:ad:
95:a0:87:2d:81:6b:48:4a:f5:ac:fe:70:58:01:43:
67:db:8d:f4:cd:a2:0b:2d:6b:1c:d6:a5:f0:cb:11:
6a:c4:03:44:1f:3d:e0:52:27:6a:11:8c:da:57:a9:
1c:bb:c1:2b:3a:30:35:1d:82:7c:ac:cc:17:34:55:
92:cf:75:15:61:f1:8e:01:3a:db:50:7c:47:ea:59:
6c:9f:65:ae:72:72:12:e1:b4:14:c2:2c:af:27:e5:
5f:52:6f:d7:2c:7c:dc:d3:8a:0d:27:1c:ba:28:83:
e9:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:9F:4C:70:11:22:98:EF:AE:86:D1:D1:BF:6C:21:3E:C9:65:4F:78
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/444db014-8d2a-4c59-af9c-399bacab4f3f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.156.0.0/15
Signature Algorithm: sha256WithRSAEncryption
7d:41:91:91:3c:46:60:ee:1c:95:60:e1:a7:93:a4:08:c7:ca:
c4:8e:c7:27:10:32:1a:68:90:38:b0:f6:2c:bb:18:7b:73:b8:
b5:15:a5:3d:60:0c:97:24:82:73:7d:f5:e7:16:cc:fa:63:9e:
2e:c7:69:fa:05:4d:55:8b:c0:b6:92:7e:af:b6:51:1b:61:ad:
d6:af:33:69:21:6e:42:7c:75:a0:75:26:a9:66:30:e4:90:84:
55:ba:1a:37:6b:67:38:00:f8:07:53:8c:aa:28:7f:27:fa:82:
d9:6d:15:b2:59:5c:e8:eb:80:87:ef:10:ea:1a:88:a9:fb:4b:
92:5f:58:f9:5d:25:3f:56:9d:10:5c:0d:6b:db:ab:8e:2f:48:
0b:dc:4a:3a:8b:ce:fa:13:6e:10:99:41:9c:ff:b4:65:08:a7:
f4:1e:5a:e2:27:85:c5:31:2b:f1:21:aa:97:1e:20:65:37:d1:
ea:bd:e0:f9:d1:1b:95:d6:61:56:3e:a5:00:83:ed:fe:ca:d8:
98:af:55:b5:f2:9e:d6:8d:34:06:4a:31:b5:10:69:cc:b3:52:
49:49:5f:7b:25:ee:5e:eb:15:5b:53:bf:10:1e:e1:61:be:f2:
9a:9c:24:39:06:17:a1:fd:8f:f7:cb:63:b4:2b:cb:df:f1:d1:
3d:11:64:2a
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUH44XVtw5u/CoGvdaqvIceyf8r1wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjAyMjgwNjQwNDhaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGExYzk0MjExOGM4YjBmMDkwM2VjMzMxZWQ0ZjY1NGVmN2RhYmE5NDI4MWM0
YmM0YzRhYjJhYTQ3YTQ3OWJmNTExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANpU3mf0z1hjCyitoJos8w/CUbCTEYRDVFpjZZnro30zTWAgOtiN6mJ+nUr0
ZE8j+xyxjEK0Oo0cSR+Pqh48r9KFW988D8lLhyQXB4alV60K4y4KeDA/6b9Bm97i
/be6wfZ5ymRK0Y3x77PBt/2zWC2Z5pK9mS7eCUSvhnS9xke3kgi0UcJ7UsJJSp1D
5ZMz/EFUKwmtlaCHLYFrSEr1rP5wWAFDZ9uN9M2iCy1rHNal8MsRasQDRB894FIn
ahGM2lepHLvBKzowNR2CfKzMFzRVks91FWHxjgE621B8R+pZbJ9lrnJyEuG0FMIs
ryflX1Jv1yx83NOKDSccuiiD6ckCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBS6n0xw
ESKY766G0dG/bCE+yWVPeDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDQ0ZGIwMTQtOGQyYS00YzU5LWFmOWMtMzk5YmFjYWI0ZjNmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOcMA0G
CSqGSIb3DQEBCwUAA4IBAQB9QZGRPEZg7hyVYOGnk6QIx8rEjscnEDIaaJA4sPYs
uxh7c7i1FaU9YAyXJIJzffXnFsz6Y54ux2n6BU1Vi8C2kn6vtlEbYa3WrzNpIW5C
fHWgdSapZjDkkIRVuho3a2c4APgHU4yqKH8n+oLZbRWyWVzo64CH7xDqGoip+0uS
X1j5XSU/Vp0QXA1r26uOL0gL3Eo6i876E24QmUGc/7RlCKf0HlriJ4XFMSvxIaqX
HiBlN9HqveD50RuV1mFWPqUAg+3+ytiYr1W18p7WjTQGSjG1EGnMs1JJSV97Je5e
6xVbU78QHuFhvvKanCQ5Bheh/Y/3y2O0K8vf8dE9EWQq
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:46:42 2026 by rpki-client