Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/46eb8bb9-8a91-491d-8f3f-9cc4afcf5ecd.roa
File: 46eb8bb9-8a91-491d-8f3f-9cc4afcf5ecd.roa (raw, json)
Hash identifier: H3KzvxCltspJGd8jDkqdOUKRT3g7lwm3Tv2T0ISYiyE=
Subject key identifier: 5C:09:24:A9:D7:F2:F6:04:22:78:8E:FD:AB:DF:67:45:D2:54:19:8A
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7439653709B33BA37BD0A29D2C6F1D49F5F47E81
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/46eb8bb9-8a91-491d-8f3f-9cc4afcf5ecd.roa
Signing time: Fri 13 Feb 2026 15:30:12 +0000
ROA not before: Fri 13 Feb 2026 15:30:12 +0000
ROA not after: Thu 14 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.108.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:39:65:37:09:b3:3b:a3:7b:d0:a2:9d:2c:6f:1d:49:f5:f4:7e:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Feb 13 15:30:12 2026 GMT
Not After : May 14 23:59:59 2026 GMT
Subject: serialNumber=3417523510877030126c23eb113c56ad4ef4b2d36326c605350324de1022d148, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:eb:5c:e6:a9:56:e9:d2:55:33:27:43:be:91:
3c:d5:52:68:6e:f6:fc:fe:62:7c:46:55:69:3b:53:
4f:84:b7:51:c3:b3:70:45:56:73:e5:5b:3a:fc:bc:
6f:26:75:ea:85:82:a8:33:cf:3a:e8:db:4a:d6:e9:
c9:6d:0e:11:bb:d1:fe:28:c6:a7:bd:ce:cf:89:97:
d3:a9:1f:d5:84:b0:d4:a4:3d:2d:e6:c8:0b:8b:bd:
52:23:96:64:58:50:b0:0b:8b:c1:57:9b:e6:e6:b1:
07:de:a7:b5:6b:b6:5c:7e:41:25:61:66:02:e8:65:
51:0a:3d:fc:c7:3e:43:ae:25:84:8e:95:04:5a:ff:
70:c5:4a:41:ae:eb:14:f1:db:e5:3e:40:7e:99:e2:
62:f7:12:be:30:a5:cd:04:83:d8:eb:b2:3c:d4:2f:
01:bf:4b:3f:c0:90:e2:e1:88:95:42:1b:99:d4:2e:
51:a8:95:03:1a:fa:7d:e6:3b:61:99:a7:9c:d6:b3:
7c:b7:70:63:b6:42:7a:f7:85:4d:4e:07:0e:19:de:
b4:3e:8e:76:16:18:9e:bc:56:c6:dc:7a:bb:99:bb:
2c:7e:c4:65:bc:db:8d:ce:4d:31:01:f9:9c:4c:11:
75:5c:96:71:fe:3b:b1:92:62:ab:a9:ba:92:5f:4e:
ab:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:09:24:A9:D7:F2:F6:04:22:78:8E:FD:AB:DF:67:45:D2:54:19:8A
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/46eb8bb9-8a91-491d-8f3f-9cc4afcf5ecd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.108.0.0/16
Signature Algorithm: sha256WithRSAEncryption
11:08:61:e4:60:ae:a7:18:ae:a4:21:22:f4:df:3c:d6:f7:93:
21:b8:11:71:dc:b0:f6:5a:49:7e:62:6a:84:cf:86:d7:c7:55:
74:c9:a9:2a:3e:b7:c2:e9:35:9c:57:64:de:f9:6d:dc:22:5a:
69:38:18:e5:b8:a8:26:32:f6:28:4a:23:d6:2e:6e:3d:84:49:
47:5d:72:af:43:a2:65:bd:8e:c6:af:8d:b2:f0:9e:01:73:4e:
12:47:60:2e:8d:07:ad:ad:22:4c:2b:01:5a:25:ac:81:26:66:
c6:b6:09:81:0e:9d:3d:ae:03:53:5c:be:71:b2:e0:18:97:3d:
8a:c2:55:4a:83:b5:e5:89:6d:2e:7f:5a:d8:8b:c3:fa:2c:68:
4c:6f:fd:d3:3c:da:65:a7:36:9e:f1:cd:88:0a:b7:d3:35:89:
2e:38:a5:f2:41:09:d2:1e:b8:5d:bc:d1:22:b7:5b:7e:32:19:
e7:8c:48:b2:e0:40:45:b0:82:9d:1b:0f:9c:93:64:75:22:85:
ad:8f:04:f0:2a:7e:e2:5d:a6:9b:65:39:a1:97:f0:0e:52:cc:
6d:ab:23:34:12:19:a5:96:40:42:5c:26:87:5c:c3:bf:3c:e6:
34:b1:8a:21:76:6b:96:50:51:82:95:bb:00:e8:f7:c5:8b:bc:
73:15:b4:5b
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUdDllNwmzO6N70KKdLG8dSfX0foEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjAyMTMxNTMwMTJaFw0yNjA1MTQyMzU5NTlaMHoxSTBHBgNV
BAUTQDM0MTc1MjM1MTA4NzcwMzAxMjZjMjNlYjExM2M1NmFkNGVmNGIyZDM2MzI2
YzYwNTM1MDMyNGRlMTAyMmQxNDgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ3rXOapVunSVTMnQ76RPNVSaG72/P5ifEZVaTtTT4S3UcOzcEVWc+VbOvy8
byZ16oWCqDPPOujbStbpyW0OEbvR/ijGp73Oz4mX06kf1YSw1KQ9LebIC4u9UiOW
ZFhQsAuLwVeb5uaxB96ntWu2XH5BJWFmAuhlUQo9/Mc+Q64lhI6VBFr/cMVKQa7r
FPHb5T5AfpniYvcSvjClzQSD2OuyPNQvAb9LP8CQ4uGIlUIbmdQuUaiVAxr6feY7
YZmnnNazfLdwY7ZCeveFTU4HDhnetD6OdhYYnrxWxtx6u5m7LH7EZbzbjc5NMQH5
nEwRdVyWcf47sZJiq6m6kl9Oq0ECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRcCSSp
1/L2BCJ4jv2r32dF0lQZijAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDZlYjhiYjktOGE5MS00OTFkLThmM2YtOWNjNGFmY2Y1ZWNkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNsMA0G
CSqGSIb3DQEBCwUAA4IBAQARCGHkYK6nGK6kISL03zzW95MhuBFx3LD2Wkl+YmqE
z4bXx1V0yakqPrfC6TWcV2Te+W3cIlppOBjluKgmMvYoSiPWLm49hElHXXKvQ6Jl
vY7Gr42y8J4Bc04SR2AujQetrSJMKwFaJayBJmbGtgmBDp09rgNTXL5xsuAYlz2K
wlVKg7XliW0uf1rYi8P6LGhMb/3TPNplpzae8c2ICrfTNYkuOKXyQQnSHrhdvNEi
t1t+MhnnjEiy4EBFsIKdGw+ck2R1IoWtjwTwKn7iXaabZTmhl/AOUsxtqyM0Ehml
lkBCXCaHXMO/POY0sYohdmuWUFGClbsA6PfFi7xzFbRb
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:42:12 2026 by rpki-client