Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/44bb00cc-3dee-4cf6-8de9-2febfa0f0f6d.roa
File: 44bb00cc-3dee-4cf6-8de9-2febfa0f0f6d.roa (raw, json)
Hash identifier: 0ZLNOxV7b7RA64pDD23o/9wJkI1dtZWj8TEilOSLLEk=
Subject key identifier: 7C:02:5E:5A:82:9E:82:EA:1B:F4:DD:DE:0E:C9:53:EB:CA:DC:95:13
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5E0E1A5416926A4AD46BBF011B64C5D54788DD88
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/44bb00cc-3dee-4cf6-8de9-2febfa0f0f6d.roa
Signing time: Fri 13 Feb 2026 15:30:42 +0000
ROA not before: Fri 13 Feb 2026 15:30:42 +0000
ROA not after: Thu 14 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.244.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:0e:1a:54:16:92:6a:4a:d4:6b:bf:01:1b:64:c5:d5:47:88:dd:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Feb 13 15:30:42 2026 GMT
Not After : May 14 23:59:59 2026 GMT
Subject: serialNumber=cd8fdc46a7566230ebe9cabbcd43af1461a98f4b95b139dac4385fc73458e012, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:a3:f1:22:77:21:f7:ba:8e:17:97:6b:96:50:
1b:96:a9:cf:57:4b:37:ad:39:22:43:37:7e:f5:15:
92:2a:a0:d3:e9:d4:0a:61:87:03:06:27:21:19:04:
44:d9:68:c4:bc:b4:61:1d:26:9e:4b:66:1e:05:97:
bc:77:d4:b1:bb:04:08:64:18:dc:56:5e:7d:b6:b8:
4b:61:c9:0c:e4:b0:95:4f:a0:cd:11:29:1a:c4:1d:
98:70:3a:89:45:dd:ef:25:a2:04:8e:e6:b4:48:61:
22:e0:c6:e8:46:99:2f:83:4e:2c:f8:28:eb:89:ba:
a5:e9:9b:6b:ce:b2:7a:d3:94:7e:72:ed:84:2c:33:
73:2e:47:70:d3:d5:3a:50:cd:32:5e:00:7a:6c:25:
21:e1:5d:8d:ee:c2:09:cb:b3:b4:22:5c:d6:3a:f4:
2b:ee:24:86:98:6e:df:35:f1:9e:4c:53:06:f3:29:
45:f0:0b:15:54:0f:58:f5:fc:f7:52:2a:e1:1d:f0:
7f:46:e6:c3:d1:37:5d:f3:cc:a1:e5:02:e5:b1:81:
3a:47:06:52:77:6c:50:8f:31:8d:7c:ca:e7:86:90:
0f:f2:be:0c:90:b4:0e:58:0d:67:b4:1a:23:67:52:
b2:56:af:5f:ba:37:3f:6b:2d:fe:08:e2:3a:c9:87:
9d:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:02:5E:5A:82:9E:82:EA:1B:F4:DD:DE:0E:C9:53:EB:CA:DC:95:13
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/44bb00cc-3dee-4cf6-8de9-2febfa0f0f6d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.244.0.0/15
Signature Algorithm: sha256WithRSAEncryption
a5:81:b3:ca:b3:c3:b6:94:6d:53:f5:25:fe:a5:3d:a8:aa:1d:
d9:25:12:90:57:f6:03:45:96:d6:70:a7:0b:5b:6c:b1:2a:a7:
5a:99:cb:df:c3:15:73:9d:a4:aa:fe:55:48:ba:28:d5:6b:45:
8a:8d:c4:85:5f:69:1f:ca:57:01:57:6f:1e:c3:31:3a:28:83:
a6:69:e8:34:b4:6e:b0:61:5a:a6:05:8e:56:51:45:90:60:d7:
38:44:e0:1d:6c:b3:9e:7c:e8:ff:e3:97:6e:01:e5:08:cb:5c:
e3:65:d2:4f:bd:07:3a:c6:82:a5:b2:89:1e:6c:a3:fe:40:62:
d3:c4:f5:2c:71:2a:68:6d:21:e9:9e:8d:e3:26:6c:7c:76:c0:
05:5c:c5:1c:9b:22:a4:10:a7:1d:2d:79:65:36:f6:99:c9:b9:
2f:9f:a8:a4:38:1c:4a:e6:85:1a:b4:73:12:93:5d:4c:a3:45:
f2:71:4e:25:a4:bd:35:bd:79:1b:cf:eb:96:4a:7a:56:5d:5a:
8a:df:74:e3:64:41:e8:35:09:6c:8a:f3:28:f3:22:71:8c:9b:
ee:56:cc:bd:02:f9:ac:d3:a2:37:76:8d:ea:6f:c4:fc:d1:9e:
86:7a:6b:90:79:6a:2e:77:22:a8:2f:c5:6e:5a:03:cc:de:0f:
8e:21:32:91
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUXg4aVBaSakrUa78BG2TF1UeI3YgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjAyMTMxNTMwNDJaFw0yNjA1MTQyMzU5NTlaMHoxSTBHBgNV
BAUTQGNkOGZkYzQ2YTc1NjYyMzBlYmU5Y2FiYmNkNDNhZjE0NjFhOThmNGI5NWIx
MzlkYWM0Mzg1ZmM3MzQ1OGUwMTIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANyj8SJ3Ife6jheXa5ZQG5apz1dLN605IkM3fvUVkiqg0+nUCmGHAwYnIRkE
RNloxLy0YR0mnktmHgWXvHfUsbsECGQY3FZefba4S2HJDOSwlU+gzREpGsQdmHA6
iUXd7yWiBI7mtEhhIuDG6EaZL4NOLPgo64m6pemba86yetOUfnLthCwzcy5HcNPV
OlDNMl4AemwlIeFdje7CCcuztCJc1jr0K+4khphu3zXxnkxTBvMpRfALFVQPWPX8
91Iq4R3wf0bmw9E3XfPMoeUC5bGBOkcGUndsUI8xjXzK54aQD/K+DJC0DlgNZ7Qa
I2dSslavX7o3P2st/gjiOsmHnZsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBR8Al5a
gp6C6hv03d4OyVPrytyVEzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDRiYjAwY2MtM2RlZS00Y2Y2LThkZTktMmZlYmZhMGYwZjZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATP0MA0G
CSqGSIb3DQEBCwUAA4IBAQClgbPKs8O2lG1T9SX+pT2oqh3ZJRKQV/YDRZbWcKcL
W2yxKqdamcvfwxVznaSq/lVIuijVa0WKjcSFX2kfylcBV28ewzE6KIOmaeg0tG6w
YVqmBY5WUUWQYNc4ROAdbLOefOj/45duAeUIy1zjZdJPvQc6xoKlsokebKP+QGLT
xPUscSpobSHpno3jJmx8dsAFXMUcmyKkEKcdLXllNvaZybkvn6ikOBxK5oUatHMS
k11Mo0XycU4lpL01vXkbz+uWSnpWXVqK33TjZEHoNQlsivMo8yJxjJvuVsy9Avms
06I3do3qb8T80Z6GemuQeWoudyKoL8VuWgPM3g+OITKR
-----END CERTIFICATE-----
Generated at Mon Mar 2 01:00:35 2026 by rpki-client