Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4a35eec8-470f-4ad0-852b-9006065bbbb0.roa
File: 4a35eec8-470f-4ad0-852b-9006065bbbb0.roa (raw, json)
Hash identifier: 0YM+gGgZVP4DtnENOZQVR9u+w/xrzYy4WqzwKOiuojQ=
Subject key identifier: 19:60:17:F2:F7:2E:DC:B9:23:C0:EE:A2:72:62:4D:66:A4:B1:8E:65
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7632B127A3C11DF1228DE08AB0B7C003F5080A17
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4a35eec8-470f-4ad0-852b-9006065bbbb0.roa
Signing time: Sat 28 Feb 2026 06:40:17 +0000
ROA not before: Sat 28 Feb 2026 06:40:17 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 14618
IP address blocks: 51.166.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:32:b1:27:a3:c1:1d:f1:22:8d:e0:8a:b0:b7:c0:03:f5:08:0a:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Feb 28 06:40:17 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=30068e822f46841bb252667bf3c8d30ab20d9024dbf07e7980f8404a9ca5b17e, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:f0:a1:93:37:1c:d6:94:99:75:89:37:12:d3:
f7:57:98:0f:ef:9d:45:04:eb:4a:6e:a8:4f:99:41:
52:ad:e0:85:02:14:bc:a6:9f:68:86:d2:4a:3f:48:
51:71:f5:be:63:1e:d0:82:e5:e2:89:fb:7d:f0:07:
a1:71:e2:40:dc:b5:d0:2b:d8:ce:52:5f:1b:e1:64:
a1:fd:7e:db:82:a7:88:4c:a8:d9:8c:45:b3:74:8d:
e1:f3:11:70:de:81:35:b4:e1:0e:d5:77:8b:36:d2:
b9:c8:1d:d0:fb:96:60:98:7b:79:bb:86:01:b1:a8:
29:65:47:ba:ca:b2:44:57:bf:f5:30:7d:a0:89:48:
66:12:36:ec:e0:da:47:85:c3:a2:e5:40:51:bf:48:
48:e9:dc:4a:f3:43:aa:dc:6a:a1:91:a4:b6:85:2f:
9a:51:42:25:ce:2e:80:f8:7b:4d:8c:1d:cf:60:a3:
c9:9f:e1:c7:17:51:6f:4a:54:4e:60:8b:d8:b3:46:
c1:45:a9:b7:82:83:90:5d:af:df:56:10:be:fc:6d:
3c:f7:b9:71:e5:07:3c:5f:0f:bf:29:0c:5d:f5:f3:
89:05:2a:01:f9:b2:b1:42:f4:42:15:d9:7d:47:52:
5a:21:40:da:ab:a2:ab:82:f0:69:a1:1a:d9:3f:d5:
8c:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:60:17:F2:F7:2E:DC:B9:23:C0:EE:A2:72:62:4D:66:A4:B1:8E:65
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4a35eec8-470f-4ad0-852b-9006065bbbb0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.166.0.0/15
Signature Algorithm: sha256WithRSAEncryption
01:b5:62:60:bf:e9:0f:cd:1a:c1:d9:12:cd:d6:0c:d6:4a:ba:
70:eb:d6:ca:da:c1:81:ec:4e:44:00:82:91:10:ee:c6:6b:21:
0e:73:aa:76:fa:a0:e9:9d:97:95:d8:57:a0:2d:be:a9:7a:62:
b0:86:cb:55:c2:60:d5:2a:e2:31:41:bb:0e:b3:25:a7:9c:80:
93:09:04:39:ef:61:f7:34:7a:9a:d4:a2:0e:60:6b:48:b6:a2:
79:dc:dd:86:7a:5f:87:47:c6:37:26:5b:88:3f:05:b2:77:de:
24:6c:c6:2a:37:b0:21:85:d7:6a:ed:77:77:c8:4d:8a:33:7e:
65:83:ab:94:64:21:b0:68:c7:89:23:22:54:ed:aa:f3:20:74:
8c:dc:10:00:6c:b0:a6:13:71:da:c4:40:48:67:86:cd:45:47:
91:c4:da:61:64:44:94:ff:1a:47:46:7a:c5:f1:28:e8:c5:74:
56:99:e5:d6:5c:19:e6:59:83:1f:4f:96:55:d3:d5:df:39:76:
cb:48:4d:ed:2e:10:36:dc:c4:ce:48:e4:83:a0:62:65:90:73:
3b:b4:a0:6f:21:e7:a5:be:5b:7a:c9:ee:95:31:93:c7:7e:d0:
1d:ed:50:d3:45:89:b2:66:bb:c9:83:01:27:81:d1:90:ab:c8:
b7:7c:5e:fc
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUdjKxJ6PBHfEijeCKsLfAA/UIChcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjAyMjgwNjQwMTdaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDMwMDY4ZTgyMmY0Njg0MWJiMjUyNjY3YmYzYzhkMzBhYjIwZDkwMjRkYmYw
N2U3OTgwZjg0MDRhOWNhNWIxN2UxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM/woZM3HNaUmXWJNxLT91eYD++dRQTrSm6oT5lBUq3ghQIUvKafaIbSSj9I
UXH1vmMe0ILl4on7ffAHoXHiQNy10CvYzlJfG+Fkof1+24KniEyo2YxFs3SN4fMR
cN6BNbThDtV3izbSucgd0PuWYJh7ebuGAbGoKWVHusqyRFe/9TB9oIlIZhI27ODa
R4XDouVAUb9ISOncSvNDqtxqoZGktoUvmlFCJc4ugPh7TYwdz2CjyZ/hxxdRb0pU
TmCL2LNGwUWpt4KDkF2v31YQvvxtPPe5ceUHPF8PvykMXfXziQUqAfmysUL0QhXZ
fUdSWiFA2quiq4LwaaEa2T/VjMMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQZYBfy
9y7cuSPA7qJyYk1mpLGOZTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NGEzNWVlYzgtNDcwZi00YWQwLTg1MmItOTAwNjA2NWJiYmIwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOmMA0G
CSqGSIb3DQEBCwUAA4IBAQABtWJgv+kPzRrB2RLN1gzWSrpw69bK2sGB7E5EAIKR
EO7GayEOc6p2+qDpnZeV2FegLb6pemKwhstVwmDVKuIxQbsOsyWnnICTCQQ572H3
NHqa1KIOYGtItqJ53N2Gel+HR8Y3JluIPwWyd94kbMYqN7Ahhddq7Xd3yE2KM35l
g6uUZCGwaMeJIyJU7arzIHSM3BAAbLCmE3HaxEBIZ4bNRUeRxNphZESU/xpHRnrF
8SjoxXRWmeXWXBnmWYMfT5ZV09XfOXbLSE3tLhA23MTOSOSDoGJlkHM7tKBvIeel
vlt6ye6VMZPHftAd7VDTRYmyZrvJgwEngdGQq8i3fF78
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:50:26 2026 by rpki-client