Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/46b220b9-837f-4174-97e6-c711958273ea.roa
File: 46b220b9-837f-4174-97e6-c711958273ea.roa (raw, json)
Hash identifier: Hk4qMoq7/sDt7bbqPjfdHqhTRDDhwOi9ttTxu4MFsCY=
Subject key identifier: 27:E7:4F:6F:F5:9C:43:6F:FE:BB:0D:05:15:60:E9:CF:01:D7:03:E2
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 695FDD6495A8E97D5D4079A6CE8AEB2BCC4D6A8D
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/46b220b9-837f-4174-97e6-c711958273ea.roa
Signing time: Sat 28 Feb 2026 06:30:45 +0000
ROA not before: Sat 28 Feb 2026 06:30:45 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.78.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:5f:dd:64:95:a8:e9:7d:5d:40:79:a6:ce:8a:eb:2b:cc:4d:6a:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Feb 28 06:30:45 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=a89fc7dc9ff7d9a76c6ea98ecaf354cb6dc3ee5f3fecf761bb614373b2ee50a5, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:d7:a4:6e:c9:e5:e7:87:68:22:ce:09:bb:a6:
0a:e7:c7:8b:9a:81:43:3d:03:b4:a9:44:14:32:72:
fd:0e:cc:f2:b3:6a:40:00:e5:f6:d4:3f:4e:60:96:
2c:ba:7e:df:32:3d:fc:6e:31:c3:ae:6d:40:86:1b:
8b:64:c7:e5:bd:f5:67:6c:ca:05:be:28:24:aa:f4:
ec:9b:44:67:42:19:71:96:a6:9d:d7:6f:5d:f7:de:
e4:3a:0f:65:1f:97:f9:fa:71:8f:e4:e6:b1:72:b1:
d5:cc:8b:1b:02:81:e9:89:82:1a:39:d5:26:1f:62:
75:39:f5:b4:00:51:2e:d4:cd:63:21:b6:27:1f:88:
ba:b8:75:88:73:ec:8d:2c:4e:34:8e:0b:4a:97:f1:
e2:1c:40:8f:cc:9a:a3:c8:0f:d1:8d:69:55:46:7f:
fc:d6:2b:6c:91:95:2f:bf:93:d7:8b:fd:bc:26:ed:
a2:e6:2c:62:dd:74:98:98:dc:74:b6:8a:1f:39:24:
18:f3:45:cf:e5:6b:0e:ff:78:17:fc:81:61:90:2d:
6d:35:45:e3:cd:e6:ee:68:c1:13:e2:51:11:63:b5:
41:ec:68:fd:b5:0f:ad:d4:f1:76:8e:65:ad:e6:27:
1f:39:10:ea:cb:9f:db:d6:ea:69:15:c7:1a:46:99:
64:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:E7:4F:6F:F5:9C:43:6F:FE:BB:0D:05:15:60:E9:CF:01:D7:03:E2
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/46b220b9-837f-4174-97e6-c711958273ea.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.78.0.0/16
Signature Algorithm: sha256WithRSAEncryption
05:30:94:8a:40:ee:81:f8:39:1f:28:6f:30:76:c7:41:0e:69:
41:28:ec:fe:af:04:0d:74:39:0d:78:2c:3d:ad:44:c4:f0:3e:
b2:a1:28:11:db:3c:c3:6f:4d:89:17:e2:71:2d:2a:75:8a:fb:
f3:0b:1b:48:d6:89:9e:cd:f6:bc:7e:dd:d6:75:85:c2:4a:fc:
9a:3d:d4:95:89:e0:3d:6b:1f:40:61:2e:6f:dd:77:00:a1:33:
5e:73:b6:05:b2:93:1e:07:48:94:34:b3:a6:19:4b:1f:68:d5:
46:8c:3e:7e:0c:ba:52:98:32:4d:65:ea:7d:e2:df:b3:cc:3e:
ad:e8:1f:0b:70:b6:1a:95:59:91:8f:b2:fd:20:d0:e2:25:90:
1e:5f:fc:26:be:55:10:3b:ff:ea:98:0c:65:06:07:9d:f6:ae:
2a:b2:9a:0a:1e:ba:8f:7f:40:f6:8d:48:19:35:51:3a:b8:09:
04:d0:40:5b:fd:a5:b8:40:f3:e1:e3:71:ef:cf:ac:e7:f9:85:
36:6f:b7:64:b5:3b:d2:f6:b7:d6:07:4f:1a:6e:62:93:c0:c1:
d7:e9:9d:61:36:f6:2f:c6:e0:b4:2b:e3:ef:e7:07:4d:c0:8d:
e4:9f:23:97:d1:65:b5:ed:e9:a1:82:7a:3c:50:b3:9e:36:6d:
a8:8d:df:fd
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUaV/dZJWo6X1dQHmmzorrK8xNao0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjAyMjgwNjMwNDVaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGE4OWZjN2RjOWZmN2Q5YTc2YzZlYTk4ZWNhZjM1NGNiNmRjM2VlNWYzZmVj
Zjc2MWJiNjE0MzczYjJlZTUwYTUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANrXpG7J5eeHaCLOCbumCufHi5qBQz0DtKlEFDJy/Q7M8rNqQADl9tQ/TmCW
LLp+3zI9/G4xw65tQIYbi2TH5b31Z2zKBb4oJKr07JtEZ0IZcZamnddvXffe5DoP
ZR+X+fpxj+TmsXKx1cyLGwKB6YmCGjnVJh9idTn1tABRLtTNYyG2Jx+Iurh1iHPs
jSxONI4LSpfx4hxAj8yao8gP0Y1pVUZ//NYrbJGVL7+T14v9vCbtouYsYt10mJjc
dLaKHzkkGPNFz+VrDv94F/yBYZAtbTVF483m7mjBE+JREWO1Qexo/bUPrdTxdo5l
reYnHzkQ6suf29bqaRXHGkaZZH8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQn509v
9ZxDb/67DQUVYOnPAdcD4jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDZiMjIwYjktODM3Zi00MTc0LTk3ZTYtYzcxMTk1ODI3M2VhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNOMA0G
CSqGSIb3DQEBCwUAA4IBAQAFMJSKQO6B+DkfKG8wdsdBDmlBKOz+rwQNdDkNeCw9
rUTE8D6yoSgR2zzDb02JF+JxLSp1ivvzCxtI1omezfa8ft3WdYXCSvyaPdSVieA9
ax9AYS5v3XcAoTNec7YFspMeB0iUNLOmGUsfaNVGjD5+DLpSmDJNZep94t+zzD6t
6B8LcLYalVmRj7L9INDiJZAeX/wmvlUQO//qmAxlBged9q4qspoKHrqPf0D2jUgZ
NVE6uAkE0EBb/aW4QPPh43Hvz6zn+YU2b7dktTvS9rfWB08abmKTwMHX6Z1hNvYv
xuC0K+Pv5wdNwI3knyOX0WW17emhgno8ULOeNm2ojd/9
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:55:06 2026 by rpki-client