Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/444db014-8d2a-4c59-af9c-399bacab4f3f.roa
File: 444db014-8d2a-4c59-af9c-399bacab4f3f.roa (raw, json)
Hash identifier: f5mYy2Nhmr+KvktKVzeusEHHKMnLKUU1F0y7ADObQhI=
Subject key identifier: E8:E8:3B:ED:23:9A:28:B5:CA:B8:57:02:00:78:82:37:13:98:F8:E2
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7DF5D51790DB105F46876DFB97C852B1A771CE4E
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/444db014-8d2a-4c59-af9c-399bacab4f3f.roa
Signing time: Tue 19 May 2026 06:00:09 +0000
ROA not before: Tue 19 May 2026 06:00:09 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.156.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 08:43:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:f5:d5:17:90:db:10:5f:46:87:6d:fb:97:c8:52:b1:a7:71:ce:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 19 06:00:09 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=d61eb918d65bafdfa086e744335880f591b9dae78168cface8af668b6cdf1482, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:d5:6e:f0:64:1d:7f:13:92:87:2d:05:38:06:
09:03:24:72:e4:03:0e:1d:bc:7a:7a:de:b1:d5:82:
b5:8d:19:3a:e6:05:6c:b1:e4:79:ee:54:71:55:b7:
bc:61:83:3f:35:75:e1:e7:64:25:e8:ff:a9:63:e5:
8e:27:15:ad:e0:39:b7:4b:e2:5f:ef:9a:1f:0c:db:
74:9c:ed:57:c0:ee:ca:9d:43:38:fe:b7:09:0d:52:
71:87:01:37:40:34:0b:ba:77:2b:3b:00:db:ee:1b:
0b:fb:a3:1f:fa:55:d3:d2:90:1e:b3:f1:29:4a:8d:
55:40:27:30:f7:d1:13:1b:4a:05:ee:5c:43:3f:23:
d6:d5:5c:00:2f:73:ca:ef:ef:67:b6:f2:48:4d:f7:
f0:51:80:bf:97:bf:d4:9a:c6:65:a9:b5:5e:e7:fc:
14:ad:7e:23:36:8c:1a:7f:65:85:61:a0:76:ad:83:
89:82:1e:c9:3a:9a:e9:9b:3c:d6:08:23:f1:96:40:
85:97:f5:37:5b:4b:5a:0f:59:c3:d4:eb:c3:af:62:
3c:65:f8:0b:9d:91:38:a7:02:b4:f5:a9:0e:20:6d:
24:c4:fd:10:3c:0a:93:92:41:9f:c0:5b:a0:fb:f4:
36:30:44:5a:5f:18:32:2f:05:27:67:25:f3:c8:56:
f0:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:E8:3B:ED:23:9A:28:B5:CA:B8:57:02:00:78:82:37:13:98:F8:E2
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/444db014-8d2a-4c59-af9c-399bacab4f3f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.156.0.0/15
Signature Algorithm: sha256WithRSAEncryption
39:07:2b:ba:14:cb:d5:2f:b7:31:0b:04:51:d7:56:5d:46:2b:
ef:ed:9e:87:df:eb:1b:31:92:d7:2b:95:f0:8e:74:44:34:da:
84:24:8d:93:60:eb:27:24:ab:cc:d9:fa:4e:89:91:29:74:92:
d4:79:86:0f:11:bd:15:e1:f4:c0:01:98:20:e0:b1:17:94:3d:
48:d1:a1:a0:4b:d6:e0:71:35:6e:10:f7:6d:3b:68:18:29:9a:
aa:22:98:ec:b5:a3:46:8e:99:4e:55:e4:ed:7f:89:8e:ce:0a:
de:66:eb:7f:58:79:0a:33:2a:31:43:c6:c7:f9:31:98:4f:fc:
eb:10:6b:9a:2b:fc:f1:8b:2c:45:25:24:26:07:71:18:c7:7e:
f5:e2:7e:ab:75:29:23:66:c7:6f:99:64:8d:b9:47:11:5a:15:
d4:7c:7f:20:b4:56:76:b4:3f:06:d5:1a:a4:92:60:a9:43:1c:
c3:8b:e9:85:82:e7:87:cd:e7:98:b6:85:8e:b6:4f:d9:8f:b7:
18:83:eb:27:50:bb:92:95:24:15:94:d7:92:ee:ee:91:9e:50:
36:4f:8f:1c:06:82:e3:21:5a:bf:e4:bf:93:e2:86:40:1f:c2:
3d:75:b3:59:80:00:4f:ed:54:f2:86:9b:1a:23:26:c9:7c:c3:
18:f3:5f:82
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUffXVF5DbEF9Gh237l8hSsadxzk4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MTkwNjAwMDlaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ2MWViOTE4ZDY1YmFmZGZhMDg2ZTc0NDMzNTg4MGY1OTFiOWRhZTc4MTY4
Y2ZhY2U4YWY2NjhiNmNkZjE0ODIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIzVbvBkHX8TkoctBTgGCQMkcuQDDh28enresdWCtY0ZOuYFbLHkee5UcVW3
vGGDPzV14edkJej/qWPljicVreA5t0viX++aHwzbdJztV8Duyp1DOP63CQ1ScYcB
N0A0C7p3KzsA2+4bC/ujH/pV09KQHrPxKUqNVUAnMPfRExtKBe5cQz8j1tVcAC9z
yu/vZ7bySE338FGAv5e/1JrGZam1Xuf8FK1+IzaMGn9lhWGgdq2DiYIeyTqa6Zs8
1ggj8ZZAhZf1N1tLWg9Zw9Trw69iPGX4C52ROKcCtPWpDiBtJMT9EDwKk5JBn8Bb
oPv0NjBEWl8YMi8FJ2cl88hW8LECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTo6Dvt
I5ootcq4VwIAeII3E5j44jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDQ0ZGIwMTQtOGQyYS00YzU5LWFmOWMtMzk5YmFjYWI0ZjNmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOcMA0G
CSqGSIb3DQEBCwUAA4IBAQA5Byu6FMvVL7cxCwRR11ZdRivv7Z6H3+sbMZLXK5Xw
jnRENNqEJI2TYOsnJKvM2fpOiZEpdJLUeYYPEb0V4fTAAZgg4LEXlD1I0aGgS9bg
cTVuEPdtO2gYKZqqIpjstaNGjplOVeTtf4mOzgreZut/WHkKMyoxQ8bH+TGYT/zr
EGuaK/zxiyxFJSQmB3EYx3714n6rdSkjZsdvmWSNuUcRWhXUfH8gtFZ2tD8G1Rqk
kmCpQxzDi+mFgueHzeeYtoWOtk/Zj7cYg+snULuSlSQVlNeS7u6RnlA2T48cBoLj
IVq/5L+T4oZAH8I9dbNZgABP7VTyhpsaIybJfMMY81+C
-----END CERTIFICATE-----
Generated at Sat Jun 13 11:34:18 2026 by rpki-client