Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/60c89335-41cc-407d-8ffe-34cda7e66bb7.roa
File: 60c89335-41cc-407d-8ffe-34cda7e66bb7.roa (raw, json)
Hash identifier: SBH7HYTCs5ywFufHg0fOT6TdutuOfK5CnI8KQCVvMhM=
Subject key identifier: 01:2B:3B:39:61:18:15:BC:DA:73:F7:34:5A:4B:21:39:37:5A:3C:37
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3A2E717064B562D311A40EE11C8B21F9404609D9
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/60c89335-41cc-407d-8ffe-34cda7e66bb7.roa
Signing time: Fri 06 Feb 2026 00:40:06 +0000
ROA not before: Fri 06 Feb 2026 00:40:06 +0000
ROA not after: Thu 07 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.96.0.0/14 maxlen: 14
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:2e:71:70:64:b5:62:d3:11:a4:0e:e1:1c:8b:21:f9:40:46:09:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Feb 6 00:40:06 2026 GMT
Not After : May 7 23:59:59 2026 GMT
Subject: serialNumber=50c7d621891cd78c1377a4f6f31fce48c5ba0fa109538202351675fc6f6a0846, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:5c:d1:a9:10:64:af:63:5b:55:28:8f:21:21:
0c:9b:d5:8b:be:0f:8f:4d:eb:7f:0a:b0:4c:2f:84:
82:03:19:d0:83:4b:86:f7:5f:83:25:3a:95:27:68:
00:a6:c0:6c:86:94:12:5f:a4:ed:c1:6b:13:26:a7:
cd:74:4b:1f:d1:5f:f2:7f:fa:7d:41:0f:69:59:a2:
d5:71:2e:d5:ca:85:22:ff:a8:d8:d5:12:09:85:5d:
54:74:ec:6b:73:df:5a:1e:53:30:b1:de:02:1b:92:
57:8b:f5:3b:9a:17:86:da:90:1b:d1:c3:bd:f6:b4:
1f:97:48:17:73:33:a5:e8:2d:e5:e8:5b:ee:2f:f9:
77:56:15:db:17:09:e5:07:dd:34:1c:e2:98:63:5e:
c9:0d:d6:b7:1a:45:71:13:4a:39:d0:2c:bf:c8:b9:
74:67:86:4e:a5:7d:99:64:68:2e:93:e9:71:49:75:
d9:e1:6b:84:16:d3:6c:2a:e2:3d:cb:1a:3d:32:ff:
30:c9:a9:26:5d:35:c6:c1:06:07:f9:23:c4:bf:64:
13:aa:4d:c4:3d:ca:70:58:59:37:40:56:c5:03:7a:
6b:27:ad:01:97:43:1d:b9:1e:c1:9d:2b:75:42:6f:
3c:25:df:fa:a3:46:89:66:6f:82:ee:97:24:2a:ef:
c1:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:2B:3B:39:61:18:15:BC:DA:73:F7:34:5A:4B:21:39:37:5A:3C:37
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/60c89335-41cc-407d-8ffe-34cda7e66bb7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.96.0.0/14
Signature Algorithm: sha256WithRSAEncryption
27:e1:88:65:fa:f6:a3:22:c6:87:2a:43:0f:24:00:0e:45:e3:
c9:f6:e6:ea:61:e6:77:da:63:dd:94:74:1b:a4:ba:6b:b2:29:
81:39:4b:9c:9c:f8:c6:76:0f:98:69:a1:f3:30:04:8a:36:30:
5c:3b:13:9d:47:c4:46:2f:7a:9b:4d:3a:1e:66:e1:3e:7d:aa:
de:c0:84:8b:71:ab:91:02:a8:eb:1c:85:37:4d:7a:83:bc:aa:
66:0a:86:aa:f0:25:51:34:75:ce:eb:f7:13:b9:eb:09:59:36:
86:e0:09:49:75:08:33:51:55:67:f3:ec:c6:ce:1c:df:07:31:
5f:eb:1c:06:c2:f9:fa:82:d2:56:7b:da:68:cd:f0:60:37:7c:
99:6b:65:71:a3:03:41:0c:99:b8:8e:7f:72:a2:d7:22:58:53:
4e:b2:0b:b0:5e:5e:ad:53:9a:72:5a:0b:45:b6:3e:57:11:50:
19:e9:94:64:96:fc:85:c4:cc:66:6f:d9:bc:46:0e:5f:2d:7c:
4f:a8:fb:79:1f:2a:17:1e:18:23:53:14:ff:c6:0c:8d:a0:d9:
15:2c:fb:42:98:8e:6c:95:d5:9d:b4:ba:91:15:80:03:fb:cd:
56:0a:97:de:88:60:d1:f2:72:ee:e2:d3:d7:6e:43:54:ed:e9:
a6:c2:cc:84
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUOi5xcGS1YtMRpA7hHIsh+UBGCdkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjAyMDYwMDQwMDZaFw0yNjA1MDcyMzU5NTlaMHoxSTBHBgNV
BAUTQDUwYzdkNjIxODkxY2Q3OGMxMzc3YTRmNmYzMWZjZTQ4YzViYTBmYTEwOTUz
ODIwMjM1MTY3NWZjNmY2YTA4NDYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMZc0akQZK9jW1UojyEhDJvVi74Pj03rfwqwTC+EggMZ0INLhvdfgyU6lSdo
AKbAbIaUEl+k7cFrEyanzXRLH9Ff8n/6fUEPaVmi1XEu1cqFIv+o2NUSCYVdVHTs
a3PfWh5TMLHeAhuSV4v1O5oXhtqQG9HDvfa0H5dIF3Mzpegt5ehb7i/5d1YV2xcJ
5QfdNBzimGNeyQ3WtxpFcRNKOdAsv8i5dGeGTqV9mWRoLpPpcUl12eFrhBbTbCri
PcsaPTL/MMmpJl01xsEGB/kjxL9kE6pNxD3KcFhZN0BWxQN6ayetAZdDHbkewZ0r
dUJvPCXf+qNGiWZvgu6XJCrvwVUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQBKzs5
YRgVvNpz9zRaSyE5N1o8NzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NjBjODkzMzUtNDFjYy00MDdkLThmZmUtMzRjZGE3ZTY2YmI3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAjNgMA0G
CSqGSIb3DQEBCwUAA4IBAQAn4Yhl+vajIsaHKkMPJAAORePJ9ubqYeZ32mPdlHQb
pLprsimBOUucnPjGdg+YaaHzMASKNjBcOxOdR8RGL3qbTToeZuE+farewISLcauR
AqjrHIU3TXqDvKpmCoaq8CVRNHXO6/cTuesJWTaG4AlJdQgzUVVn8+zGzhzfBzFf
6xwGwvn6gtJWe9pozfBgN3yZa2VxowNBDJm4jn9yotciWFNOsguwXl6tU5pyWgtF
tj5XEVAZ6ZRklvyFxMxmb9m8Rg5fLXxPqPt5HyoXHhgjUxT/xgyNoNkVLPtCmI5s
ldWdtLqRFYAD+81WCpfeiGDR8nLu4tPXbkNU7emmwsyE
-----END CERTIFICATE-----
Generated at Mon Mar 2 01:27:14 2026 by rpki-client