Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4911793e-4031-4d2f-be54-a38fc617b3c5.roa
File: 4911793e-4031-4d2f-be54-a38fc617b3c5.roa (raw, json)
Hash identifier: n2Hwl2yiWMyehhzLS3PT4VgnoZaMJAi5vV/c7ljW0SA=
Subject key identifier: 04:B6:0E:F7:5B:F1:EE:3E:8D:DD:48:1D:90:00:F6:87:09:2B:F2:15
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0DC4BAB1D210792306114C696A67AA44FDE46BE4
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4911793e-4031-4d2f-be54-a38fc617b3c5.roa
Signing time: Sat 28 Feb 2026 06:30:57 +0000
ROA not before: Sat 28 Feb 2026 06:30:57 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.114.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:c4:ba:b1:d2:10:79:23:06:11:4c:69:6a:67:aa:44:fd:e4:6b:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Feb 28 06:30:57 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=e6eb482fb2f68256c7fe811b83a22d75e9560a80898c213c1d8641200c710f13, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:05:9b:e0:3f:40:a1:40:04:11:b2:de:3c:d9:
ae:74:91:59:be:52:d1:5b:46:3e:4b:4d:2f:c9:e4:
fd:33:2a:bd:3d:c9:6b:f8:71:9d:7b:73:2d:f4:b0:
4e:ab:95:3a:b3:7e:5c:bb:e6:37:b7:8f:b4:17:55:
09:24:b1:51:27:c3:b0:01:f6:cb:04:55:4c:dc:28:
61:49:28:79:17:d7:60:01:38:e4:8c:bc:29:01:f1:
68:46:37:65:38:bb:27:8d:40:b4:fa:16:87:9d:af:
99:92:1f:0f:3b:c1:7b:a2:19:55:95:24:34:f8:d4:
4b:50:25:ff:0d:2e:47:46:25:af:c8:dd:4c:18:8c:
5b:64:05:3f:90:c0:24:00:ab:72:4d:42:6e:0d:cc:
d1:ef:07:f7:74:7e:38:a4:73:61:70:40:ae:62:20:
b6:14:22:8c:0d:6b:31:80:18:ac:4c:69:14:53:3a:
cd:0a:8a:c9:e7:55:83:3a:d9:0a:dd:67:78:76:42:
d9:09:ff:d3:b1:a0:7a:46:b6:58:c9:2e:2a:0f:2c:
29:20:63:e7:b0:58:3a:88:20:68:40:42:67:b0:74:
34:1d:9a:95:e4:76:1e:1e:fd:17:10:97:45:35:7a:
d1:27:a3:12:fb:94:38:6f:12:25:fe:70:ee:28:fa:
02:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:B6:0E:F7:5B:F1:EE:3E:8D:DD:48:1D:90:00:F6:87:09:2B:F2:15
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4911793e-4031-4d2f-be54-a38fc617b3c5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.114.0.0/16
Signature Algorithm: sha256WithRSAEncryption
59:4d:df:5c:fe:cc:95:d5:20:d6:16:46:27:40:94:01:6d:ae:
df:0e:58:9d:a7:74:71:10:5d:be:64:b2:1f:45:7a:ff:52:31:
2d:8f:4f:3c:c8:25:f3:49:bf:7b:c6:c3:36:95:14:2a:44:30:
6c:cb:1d:dd:e8:72:cd:62:91:4c:59:11:98:89:3c:56:30:51:
00:b2:8d:f1:7b:d3:94:80:b9:ee:73:df:cd:4a:c1:17:74:c8:
d7:59:9b:e8:37:e3:15:ba:39:5e:a8:08:62:68:4e:e6:d4:90:
eb:51:88:17:3b:99:58:2c:bd:9c:4f:be:5b:c2:b5:34:b2:08:
ea:05:14:e3:98:dd:8e:f0:f0:3b:09:b1:9a:39:a2:ed:2a:a0:
ca:7b:1a:05:ab:57:45:99:0b:6e:13:ad:99:7e:f2:87:61:45:
06:7c:9f:e4:77:9f:ae:fa:19:6b:a1:19:e8:b8:7c:21:2e:dd:
f2:09:f8:d3:4e:90:87:03:aa:f4:74:85:d5:64:b1:8c:01:03:
b0:eb:7d:af:e0:16:2d:df:f3:39:7a:1d:8b:ca:48:a4:7f:ee:
4c:b8:d4:48:ad:96:eb:14:35:00:11:d9:24:b6:aa:26:66:a8:
7e:16:db:db:5d:f2:53:c1:82:e2:a3:90:7c:5c:b7:00:95:0e:
c6:1f:cb:31
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUDcS6sdIQeSMGEUxpameqRP3ka+QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjAyMjgwNjMwNTdaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGU2ZWI0ODJmYjJmNjgyNTZjN2ZlODExYjgzYTIyZDc1ZTk1NjBhODA4OThj
MjEzYzFkODY0MTIwMGM3MTBmMTMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI4Fm+A/QKFABBGy3jzZrnSRWb5S0VtGPktNL8nk/TMqvT3Ja/hxnXtzLfSw
TquVOrN+XLvmN7ePtBdVCSSxUSfDsAH2ywRVTNwoYUkoeRfXYAE45Iy8KQHxaEY3
ZTi7J41AtPoWh52vmZIfDzvBe6IZVZUkNPjUS1Al/w0uR0Ylr8jdTBiMW2QFP5DA
JACrck1Cbg3M0e8H93R+OKRzYXBArmIgthQijA1rMYAYrExpFFM6zQqKyedVgzrZ
Ct1neHZC2Qn/07Ggeka2WMkuKg8sKSBj57BYOoggaEBCZ7B0NB2aleR2Hh79FxCX
RTV60SejEvuUOG8SJf5w7ij6AuECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQEtg73
W/HuPo3dSB2QAPaHCSvyFTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDkxMTc5M2UtNDAzMS00ZDJmLWJlNTQtYTM4ZmM2MTdiM2M1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNyMA0G
CSqGSIb3DQEBCwUAA4IBAQBZTd9c/syV1SDWFkYnQJQBba7fDlidp3RxEF2+ZLIf
RXr/UjEtj088yCXzSb97xsM2lRQqRDBsyx3d6HLNYpFMWRGYiTxWMFEAso3xe9OU
gLnuc9/NSsEXdMjXWZvoN+MVujleqAhiaE7m1JDrUYgXO5lYLL2cT75bwrU0sgjq
BRTjmN2O8PA7CbGaOaLtKqDKexoFq1dFmQtuE62ZfvKHYUUGfJ/kd5+u+hlroRno
uHwhLt3yCfjTTpCHA6r0dIXVZLGMAQOw632v4BYt3/M5eh2Lykikf+5MuNRIrZbr
FDUAEdkktqomZqh+FtvbXfJTwYLio5B8XLcAlQ7GH8sx
-----END CERTIFICATE-----
Generated at Mon Mar 2 01:32:05 2026 by rpki-client