Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4f9d3c39-ae76-4f22-9df9-c6501acbcc84.roa
File: 4f9d3c39-ae76-4f22-9df9-c6501acbcc84.roa (raw, json)
Hash identifier: ur864Wmv2kbTJLAmxqWeEPoZblFu0VAZi0wBzaN5gCY=
Subject key identifier: 18:2B:3E:97:6E:33:51:1C:3E:9E:CF:1E:AC:4B:A2:76:C0:9E:E6:9B
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5F0F317115EA464D48BAEA5B4B15D87D9C752F06
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4f9d3c39-ae76-4f22-9df9-c6501acbcc84.roa
Signing time: Sun 01 Mar 2026 01:00:10 +0000
ROA not before: Sun 01 Mar 2026 01:00:10 +0000
ROA not after: Sat 30 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.0.88.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:0f:31:71:15:ea:46:4d:48:ba:ea:5b:4b:15:d8:7d:9c:75:2f:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 1 01:00:10 2026 GMT
Not After : May 30 23:59:59 2026 GMT
Subject: serialNumber=7ae902b18a8a86fb5514f6f80f4c39d52b78f471bc88126dba935c5cd38ea97b, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:3d:d3:25:ca:86:df:8b:a9:49:f1:28:4e:6a:
86:73:58:de:05:ed:6e:99:1f:dd:c7:d3:2e:5a:95:
aa:44:53:15:aa:e9:7c:6d:28:92:5c:1c:b7:2f:51:
47:46:06:2c:4a:5e:5f:97:a3:40:a2:ab:26:a6:7c:
1b:03:c4:43:d6:3a:e1:20:4e:43:30:67:68:90:7b:
01:27:08:e6:9d:00:f5:82:04:93:fe:8d:34:21:21:
91:20:d6:05:f2:70:3b:e5:17:a8:e4:c6:74:3f:58:
dc:06:d7:f9:90:d8:50:c4:48:3c:1d:1a:72:80:4c:
cb:33:ed:43:71:66:e3:ed:57:a4:48:a2:c3:07:eb:
f0:8a:6a:89:b0:45:80:ac:e1:39:06:22:82:24:80:
f7:4f:9d:e5:c5:13:f2:67:87:2b:0e:6e:48:ef:e9:
80:35:f4:54:ee:b2:8a:22:10:37:e9:c7:48:7a:87:
54:aa:62:6a:b8:b2:af:e8:a0:e1:17:21:2a:7f:2a:
14:fb:d8:0f:7c:db:a4:c4:03:3a:34:11:11:41:bf:
79:2a:5e:b2:60:0e:f6:eb:ab:a9:54:92:6e:5b:8e:
a9:ac:0c:71:62:d2:5f:d8:dd:07:7f:e1:89:92:8a:
af:4a:f6:85:ba:c8:32:ce:2f:20:75:6f:b1:ce:08:
ba:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:2B:3E:97:6E:33:51:1C:3E:9E:CF:1E:AC:4B:A2:76:C0:9E:E6:9B
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4f9d3c39-ae76-4f22-9df9-c6501acbcc84.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.0.88.0/21
Signature Algorithm: sha256WithRSAEncryption
5b:f5:9a:47:7f:66:70:c0:e7:ad:71:c3:63:f7:dc:76:cb:c6:
49:ad:ad:18:98:4e:c7:5d:bc:9b:9d:b4:67:92:8f:47:ac:8c:
23:eb:c2:d3:fe:cf:96:cd:3c:da:51:82:88:9b:e5:c6:63:b7:
7b:9b:f4:5e:c9:b8:75:cc:22:8d:18:7b:7c:2c:53:59:df:1a:
6c:88:09:7b:a0:9e:2e:5d:25:a7:f7:17:8f:42:75:58:87:27:
8b:4e:9f:9e:24:87:d6:d2:c7:df:a9:f1:7d:f7:e0:7a:8d:3b:
a8:de:08:a0:52:d5:b7:63:f3:5f:32:86:86:64:1a:fd:71:fb:
22:48:53:eb:26:ab:bc:0f:13:7f:c2:ff:69:9a:9a:c0:91:5e:
32:d2:41:64:9a:80:5e:62:8a:b0:a2:72:11:72:38:17:0f:73:
94:fa:c1:c7:91:7a:79:13:8b:00:86:f2:9e:f9:62:0f:62:43:
d5:5c:aa:bf:69:b1:f5:fe:f8:1a:64:22:f2:6e:e3:b0:d0:8b:
fe:25:60:aa:c9:75:21:d4:82:f5:91:e1:ec:f3:37:7a:0d:26:
a1:16:aa:67:ef:a2:44:d3:4f:41:ec:6c:9e:af:b1:9d:b5:3b:
13:68:5c:29:61:75:ec:12:69:4b:1f:bf:e0:44:22:8a:ae:55:
c2:fd:83:21
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUXw8xcRXqRk1IuupbSxXYfZx1LwYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjAzMDEwMTAwMTBaFw0yNjA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDdhZTkwMmIxOGE4YTg2ZmI1NTE0ZjZmODBmNGMzOWQ1MmI3OGY0NzFiYzg4
MTI2ZGJhOTM1YzVjZDM4ZWE5N2IxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM090yXKht+LqUnxKE5qhnNY3gXtbpkf3cfTLlqVqkRTFarpfG0oklwcty9R
R0YGLEpeX5ejQKKrJqZ8GwPEQ9Y64SBOQzBnaJB7AScI5p0A9YIEk/6NNCEhkSDW
BfJwO+UXqOTGdD9Y3AbX+ZDYUMRIPB0acoBMyzPtQ3Fm4+1XpEiiwwfr8IpqibBF
gKzhOQYigiSA90+d5cUT8meHKw5uSO/pgDX0VO6yiiIQN+nHSHqHVKpiariyr+ig
4RchKn8qFPvYD3zbpMQDOjQREUG/eSpesmAO9uurqVSSbluOqawMcWLSX9jdB3/h
iZKKr0r2hbrIMs4vIHVvsc4IupUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQYKz6X
bjNRHD6ezx6sS6J2wJ7mmzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NGY5ZDNjMzktYWU3Ni00ZjIyLTlkZjktYzY1MDFhY2JjYzg0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAzMAWDAN
BgkqhkiG9w0BAQsFAAOCAQEAW/WaR39mcMDnrXHDY/fcdsvGSa2tGJhOx128m520
Z5KPR6yMI+vC0/7Pls082lGCiJvlxmO3e5v0Xsm4dcwijRh7fCxTWd8abIgJe6Ce
Ll0lp/cXj0J1WIcni06fniSH1tLH36nxfffgeo07qN4IoFLVt2PzXzKGhmQa/XH7
IkhT6yarvA8Tf8L/aZqawJFeMtJBZJqAXmKKsKJyEXI4Fw9zlPrBx5F6eROLAIby
nvliD2JD1Vyqv2mx9f74GmQi8m7jsNCL/iVgqsl1IdSC9ZHh7PM3eg0moRaqZ++i
RNNPQexsnq+xnbU7E2hcKWF17BJpSx+/4EQiiq5Vwv2DIQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 01:01:21 2026 by rpki-client