Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5480e32c-3a23-4243-82e3-c7eea059d814.roa
File: 5480e32c-3a23-4243-82e3-c7eea059d814.roa (raw, json)
Hash identifier: t3FWUDjDTmNTT3D1n0iAgZPlODN523yCSWNQfU6LwRg=
Subject key identifier: 6C:09:30:3F:E8:57:75:DF:F3:76:3A:7D:29:C2:60:93:D8:F4:38:8E
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5EEE2A416D193FFBE69A5450C5E8D7ADBCCDF465
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5480e32c-3a23-4243-82e3-c7eea059d814.roa
Signing time: Fri 06 Feb 2026 00:40:08 +0000
ROA not before: Fri 06 Feb 2026 00:40:08 +0000
ROA not after: Thu 07 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.92.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:ee:2a:41:6d:19:3f:fb:e6:9a:54:50:c5:e8:d7:ad:bc:cd:f4:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Feb 6 00:40:08 2026 GMT
Not After : May 7 23:59:59 2026 GMT
Subject: serialNumber=705a6515f9a3ccb7f5be658114912ed2529e57074e68a180a206074068719ce9, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:73:69:79:99:72:b5:3e:00:fa:17:c9:f5:fe:
ce:d3:3b:cc:db:ab:c0:63:ce:bb:31:15:78:23:b2:
0b:89:b6:6b:41:ca:52:ea:f6:1c:35:4c:83:e8:27:
59:13:66:52:1f:e1:c8:fd:28:d7:96:a5:fc:58:ca:
3e:c9:f6:de:df:3a:6c:aa:4c:3c:2c:87:a9:b7:be:
e7:c2:76:7a:1a:6d:e9:93:2f:43:56:1d:4d:2d:6e:
69:3c:c9:78:4c:cd:9c:02:7c:3e:17:f0:c6:d0:14:
4e:e3:ae:72:72:ae:58:15:ff:b7:0d:e2:ae:3f:b3:
de:c3:15:3f:3e:cd:3a:c6:aa:d4:6d:ec:6b:be:f9:
35:15:60:dd:95:e4:95:2a:12:c4:a6:65:4a:ee:51:
74:a6:b8:2f:0c:9f:bb:d8:71:f8:4d:ac:80:5d:95:
bd:49:05:47:3c:19:f1:66:e5:04:1c:fb:2b:25:56:
b1:0a:0c:c5:01:38:e5:24:68:2b:44:78:2c:21:38:
0d:62:e8:42:76:97:6a:88:0d:b7:48:b2:cd:89:9f:
0c:21:39:c9:a7:72:28:85:4c:a8:9e:2b:97:cb:2e:
50:b5:8c:87:2d:f2:ac:c8:5c:48:20:49:b9:27:81:
d5:0b:87:9e:fe:de:ca:d6:9d:3b:3d:76:3a:68:48:
8e:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:09:30:3F:E8:57:75:DF:F3:76:3A:7D:29:C2:60:93:D8:F4:38:8E
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5480e32c-3a23-4243-82e3-c7eea059d814.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.92.0.0/16
Signature Algorithm: sha256WithRSAEncryption
42:48:9b:f1:cc:dd:6a:a4:2f:d7:bb:ef:f7:f6:49:94:12:04:
25:3b:fb:e6:60:1f:72:b6:06:d4:84:62:ee:d5:f7:b1:72:41:
e3:70:a7:11:0b:a0:e9:36:27:26:2c:e7:b0:1f:57:07:16:5c:
f4:fb:24:18:00:df:8b:c5:d9:22:95:8d:0c:dc:6e:e1:47:23:
95:c0:5f:ab:47:e2:f5:5b:1d:de:02:b4:71:6c:cb:c2:ad:ba:
8b:c4:78:7b:24:56:06:c8:1f:26:b0:5b:48:22:dd:50:5a:94:
77:ba:4d:c6:45:57:af:5c:f3:e7:88:59:5f:f8:8c:c7:fd:2c:
43:55:e0:12:74:53:27:f5:0f:07:13:4d:7d:77:af:f8:1a:4c:
ff:b8:b6:f6:8d:6b:19:fe:fb:e3:90:94:b1:1f:1e:b1:02:b5:
c7:fd:b4:35:6e:cb:cc:2b:84:a0:a7:77:44:05:e5:c0:78:24:
59:88:b5:09:f2:66:9b:46:a5:85:fc:61:85:7c:2f:4a:24:2b:
7c:04:87:7e:92:9a:a4:dc:7b:21:8d:26:fd:b8:2b:80:25:c8:
2e:ce:ab:ea:a9:af:54:67:1b:d7:f9:b3:50:61:e4:8f:c3:cf:
64:fb:2b:b4:e9:b7:e3:29:5c:49:17:36:a7:71:72:a5:c2:e9:
eb:32:3c:6d
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUXu4qQW0ZP/vmmlRQxejXrbzN9GUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjAyMDYwMDQwMDhaFw0yNjA1MDcyMzU5NTlaMHoxSTBHBgNV
BAUTQDcwNWE2NTE1ZjlhM2NjYjdmNWJlNjU4MTE0OTEyZWQyNTI5ZTU3MDc0ZTY4
YTE4MGEyMDYwNzQwNjg3MTljZTkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIJzaXmZcrU+APoXyfX+ztM7zNurwGPOuzEVeCOyC4m2a0HKUur2HDVMg+gn
WRNmUh/hyP0o15al/FjKPsn23t86bKpMPCyHqbe+58J2ehpt6ZMvQ1YdTS1uaTzJ
eEzNnAJ8PhfwxtAUTuOucnKuWBX/tw3irj+z3sMVPz7NOsaq1G3sa775NRVg3ZXk
lSoSxKZlSu5RdKa4Lwyfu9hx+E2sgF2VvUkFRzwZ8WblBBz7KyVWsQoMxQE45SRo
K0R4LCE4DWLoQnaXaogNt0iyzYmfDCE5yadyKIVMqJ4rl8suULWMhy3yrMhcSCBJ
uSeB1QuHnv7eytadOz12OmhIjm0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRsCTA/
6Fd13/N2On0pwmCT2PQ4jjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NTQ4MGUzMmMtM2EyMy00MjQzLTgyZTMtYzdlZWEwNTlkODE0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNcMA0G
CSqGSIb3DQEBCwUAA4IBAQBCSJvxzN1qpC/Xu+/39kmUEgQlO/vmYB9ytgbUhGLu
1fexckHjcKcRC6DpNicmLOewH1cHFlz0+yQYAN+LxdkilY0M3G7hRyOVwF+rR+L1
Wx3eArRxbMvCrbqLxHh7JFYGyB8msFtIIt1QWpR3uk3GRVevXPPniFlf+IzH/SxD
VeASdFMn9Q8HE019d6/4Gkz/uLb2jWsZ/vvjkJSxHx6xArXH/bQ1bsvMK4Sgp3dE
BeXAeCRZiLUJ8mabRqWF/GGFfC9KJCt8BId+kpqk3HshjSb9uCuAJcguzqvqqa9U
ZxvX+bNQYeSPw89k+yu06bfjKVxJFzancXKlwunrMjxt
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:52:31 2026 by rpki-client