Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/54f9687d-a273-4060-846b-ce640aca7c79.roa
File: 54f9687d-a273-4060-846b-ce640aca7c79.roa (raw, json)
Hash identifier: C5U5Wti80VPjjZqu01/7e2fqv6RWv4kUO5wWuCVfeVI=
Subject key identifier: 9B:6D:DB:BF:22:5E:19:7F:29:F4:4F:4E:DE:E9:1C:83:9E:20:0E:A1
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4F5B660212FAD6342809E820D23ADEAC334B5109
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/54f9687d-a273-4060-846b-ce640aca7c79.roa
Signing time: Fri 06 Feb 2026 00:40:10 +0000
ROA not before: Fri 06 Feb 2026 00:40:10 +0000
ROA not after: Thu 07 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.44.0.0/14 maxlen: 14
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:5b:66:02:12:fa:d6:34:28:09:e8:20:d2:3a:de:ac:33:4b:51:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Feb 6 00:40:10 2026 GMT
Not After : May 7 23:59:59 2026 GMT
Subject: serialNumber=90acf14815cd9355ba153e937742b7feb2dd54aaaae11f842a7b48ec2e7366fa, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:88:3d:2f:cb:17:17:d4:88:9e:79:51:ea:77:
82:d4:0a:d0:df:b9:67:0a:a2:68:d7:8e:ae:0f:6d:
58:53:8e:18:af:29:b7:2b:3f:07:69:ba:8f:ea:94:
51:84:81:62:93:15:6c:30:76:c3:2d:1b:44:3b:4c:
76:70:71:93:57:1f:64:45:72:39:4a:56:49:62:48:
7e:40:11:85:bd:b2:ce:80:21:7e:df:8f:b2:49:46:
1f:18:ea:5b:6c:1c:e5:f7:38:09:52:d4:76:d9:0c:
5d:63:04:31:f0:74:39:e2:ce:b4:7c:1b:aa:5e:21:
09:4c:5a:14:79:82:8e:78:66:96:e1:7d:9f:e5:c0:
6a:ae:51:c8:68:77:ba:b5:23:83:f8:65:17:c9:da:
b8:ed:ba:1e:d6:b3:3c:88:51:28:b0:14:6e:f6:b0:
8f:83:e1:88:da:86:2c:6a:e9:34:da:fd:1f:34:5e:
8e:4d:43:9f:6a:e0:f7:14:c9:42:6c:e4:51:c4:2f:
79:a6:91:63:9b:2c:ff:77:24:3c:5f:af:03:60:51:
84:54:fb:28:9e:02:6c:d7:f5:94:47:61:86:4e:65:
2d:ba:3f:6b:0c:20:53:47:d2:bb:51:70:f8:36:35:
fc:11:05:bd:9a:e3:49:96:5a:16:26:32:c9:d0:90:
11:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:6D:DB:BF:22:5E:19:7F:29:F4:4F:4E:DE:E9:1C:83:9E:20:0E:A1
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/54f9687d-a273-4060-846b-ce640aca7c79.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.44.0.0/14
Signature Algorithm: sha256WithRSAEncryption
04:9c:24:2f:15:63:ab:65:3e:59:17:27:68:a2:18:a9:0e:4d:
9c:26:7c:c7:ab:84:0a:9a:4b:38:17:64:ec:81:7e:af:31:1c:
10:2f:0d:0d:6b:f0:85:71:d2:6f:25:08:81:dd:3e:9d:2f:6a:
68:23:11:d5:94:89:11:f8:dd:03:19:b1:e9:6d:05:c1:54:71:
68:31:84:0b:fb:8c:8a:cc:86:41:76:6a:1a:9e:9e:6c:0c:63:
21:9c:39:1f:d3:86:4a:e1:7c:e4:d3:ac:ed:61:75:a3:af:e3:
67:9a:2d:e4:d6:06:80:02:b8:3a:24:7e:64:2d:38:7e:1f:98:
8e:89:90:8e:94:2e:40:fa:b3:70:dc:78:f4:3a:28:56:82:de:
bc:0f:dc:c6:0d:69:0a:b7:7a:07:ab:13:12:5b:1c:cf:28:ff:
63:d0:45:2f:17:6e:a1:f5:21:2e:96:90:55:69:88:4c:e5:7f:
7b:4e:32:25:51:df:47:c3:9f:32:b0:e5:c9:9e:74:c0:43:3e:
14:a6:d8:3a:bc:80:af:9c:9a:fe:4b:97:fa:8d:ce:ac:44:ed:
39:5d:78:cd:95:65:62:0d:67:56:7e:bd:4e:ad:ae:a1:fb:f1:
2e:05:17:7c:dd:1e:30:1d:52:09:94:1f:c2:5f:e7:ac:4c:3e:
74:78:bb:60
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUT1tmAhL61jQoCegg0jrerDNLUQkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjAyMDYwMDQwMTBaFw0yNjA1MDcyMzU5NTlaMHoxSTBHBgNV
BAUTQDkwYWNmMTQ4MTVjZDkzNTViYTE1M2U5Mzc3NDJiN2ZlYjJkZDU0YWFhYWUx
MWY4NDJhN2I0OGVjMmU3MzY2ZmExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK+IPS/LFxfUiJ55Uep3gtQK0N+5ZwqiaNeOrg9tWFOOGK8ptys/B2m6j+qU
UYSBYpMVbDB2wy0bRDtMdnBxk1cfZEVyOUpWSWJIfkARhb2yzoAhft+PsklGHxjq
W2wc5fc4CVLUdtkMXWMEMfB0OeLOtHwbql4hCUxaFHmCjnhmluF9n+XAaq5RyGh3
urUjg/hlF8nauO26HtazPIhRKLAUbvawj4PhiNqGLGrpNNr9HzRejk1Dn2rg9xTJ
QmzkUcQveaaRY5ss/3ckPF+vA2BRhFT7KJ4CbNf1lEdhhk5lLbo/awwgU0fSu1Fw
+DY1/BEFvZrjSZZaFiYyydCQEbcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSbbdu/
Il4Zfyn0T07e6RyDniAOoTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NTRmOTY4N2QtYTI3My00MDYwLTg0NmItY2U2NDBhY2E3Yzc5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAjMsMA0G
CSqGSIb3DQEBCwUAA4IBAQAEnCQvFWOrZT5ZFydoohipDk2cJnzHq4QKmks4F2Ts
gX6vMRwQLw0Na/CFcdJvJQiB3T6dL2poIxHVlIkR+N0DGbHpbQXBVHFoMYQL+4yK
zIZBdmoanp5sDGMhnDkf04ZK4Xzk06ztYXWjr+Nnmi3k1gaAArg6JH5kLTh+H5iO
iZCOlC5A+rNw3Hj0OihWgt68D9zGDWkKt3oHqxMSWxzPKP9j0EUvF26h9SEulpBV
aYhM5X97TjIlUd9Hw58ysOXJnnTAQz4Uptg6vICvnJr+S5f6jc6sRO05XXjNlWVi
DWdWfr1Ora6h+/EuBRd83R4wHVIJlB/CX+esTD50eLtg
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:41:04 2026 by rpki-client