Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/620d46e8-bb13-40cd-8918-677590eaf682.roa
File: 620d46e8-bb13-40cd-8918-677590eaf682.roa (raw, json)
Hash identifier: EG9etioaWGUMlYBX7/V6413w8h06gXI6cV61QW/FBaQ=
Subject key identifier: 0B:75:06:B1:54:B6:91:35:D3:04:D4:9C:84:B8:0D:95:1E:2B:69:C2
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 22C08E3F1E2547CC33B3FA4CC197E53EE4591010
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/620d46e8-bb13-40cd-8918-677590eaf682.roa
Signing time: Tue 19 May 2026 06:00:08 +0000
ROA not before: Tue 19 May 2026 06:00:08 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 14618
IP address blocks: 51.226.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:c0:8e:3f:1e:25:47:cc:33:b3:fa:4c:c1:97:e5:3e:e4:59:10:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 19 06:00:08 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=67ffc70100fee9726301f94d91ac299ae956d6844d4549171cb928846c9b2e8b, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:fa:15:e9:03:ef:3e:c4:52:f3:92:18:ac:fc:
70:3d:5d:24:26:70:cc:2a:5f:f6:d3:a6:96:e4:95:
93:00:3d:ad:24:0c:c3:2f:92:95:eb:32:05:d5:92:
1a:7e:93:44:15:c1:b9:6a:88:73:25:85:50:34:a2:
8f:6b:e7:02:2a:a6:6a:ff:6f:ec:68:5b:a2:54:68:
fa:32:1e:62:09:94:db:dd:36:05:40:11:0f:d6:3f:
2b:59:d2:a5:b3:41:97:d1:d7:e5:a5:10:c5:8a:b3:
bf:bc:30:08:f9:84:e9:8c:c3:5b:53:32:9f:78:9a:
02:5b:a8:d9:32:b7:34:18:09:76:f8:78:66:50:3f:
c8:22:8f:f9:21:be:f4:8a:fb:39:f3:67:db:07:c8:
fd:ac:03:73:95:a5:c4:af:20:32:cc:b3:83:49:ce:
99:48:e6:73:a8:cd:07:f8:3f:8d:3b:ba:59:71:8d:
23:ad:b7:87:25:5f:e9:1f:0e:2b:8f:71:42:01:28:
e2:ef:05:93:01:22:b6:7d:c7:69:c1:32:16:ed:58:
13:53:e0:31:32:6e:26:ba:d9:48:a9:88:17:8f:37:
e1:22:8a:2d:f8:5e:cb:a5:af:0f:de:97:cc:69:d2:
e7:65:16:a6:8b:9e:a9:e2:ca:3b:9c:90:99:51:33:
26:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:75:06:B1:54:B6:91:35:D3:04:D4:9C:84:B8:0D:95:1E:2B:69:C2
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/620d46e8-bb13-40cd-8918-677590eaf682.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.226.0.0/15
Signature Algorithm: sha256WithRSAEncryption
68:f1:62:b0:73:65:f2:04:7e:69:f9:63:cc:a3:42:fa:33:a0:
68:33:42:45:38:28:01:b5:fb:18:de:59:a2:d2:06:9e:5b:d7:
86:bd:31:b8:0b:5a:dd:ee:2d:06:cc:ab:55:32:5c:c3:54:fb:
3e:e5:73:e7:ac:62:fc:9d:b3:e6:11:08:be:23:4d:85:cc:d7:
e0:67:a8:0c:b5:be:9d:fc:e5:d5:27:96:41:97:0c:32:53:bd:
8e:4e:b2:e6:1b:d7:15:2b:a2:3d:66:e2:c6:ec:a7:7b:0d:9b:
0e:2a:53:40:a5:4e:1f:c9:56:aa:a9:67:5c:67:6b:cd:56:b8:
f5:58:2a:27:44:d1:75:e5:22:5d:73:28:cf:ca:41:d1:f4:a2:
4d:07:49:f3:c5:59:a3:74:85:fa:96:0e:3b:d2:7f:c0:15:87:
b8:fe:f2:d4:41:d4:b6:4a:ae:b8:86:32:c7:dd:9e:41:21:fd:
4e:21:2c:fe:12:ae:93:85:ce:52:4e:2c:8f:28:47:53:28:58:
9f:e4:5e:bc:c4:fe:78:4d:48:95:8f:b1:da:ff:b4:5d:d5:e7:
d9:68:41:2e:fc:8a:ea:08:37:06:37:e4:cd:54:c6:e4:cc:b2:
c4:b3:92:b1:fd:46:a7:ee:e5:b9:a3:6e:07:79:4d:a9:a9:4c:
fd:23:a5:8c
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUIsCOPx4lR8wzs/pMwZflPuRZEBAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MTkwNjAwMDhaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDY3ZmZjNzAxMDBmZWU5NzI2MzAxZjk0ZDkxYWMyOTlhZTk1NmQ2ODQ0ZDQ1
NDkxNzFjYjkyODg0NmM5YjJlOGIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMj6FekD7z7EUvOSGKz8cD1dJCZwzCpf9tOmluSVkwA9rSQMwy+SlesyBdWS
Gn6TRBXBuWqIcyWFUDSij2vnAiqmav9v7GhbolRo+jIeYgmU2902BUARD9Y/K1nS
pbNBl9HX5aUQxYqzv7wwCPmE6YzDW1Myn3iaAluo2TK3NBgJdvh4ZlA/yCKP+SG+
9Ir7OfNn2wfI/awDc5WlxK8gMsyzg0nOmUjmc6jNB/g/jTu6WXGNI623hyVf6R8O
K49xQgEo4u8FkwEitn3HacEyFu1YE1PgMTJuJrrZSKmIF4834SKKLfhey6WvD96X
zGnS52UWpoueqeLKO5yQmVEzJvcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQLdQax
VLaRNdME1JyEuA2VHitpwjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NjIwZDQ2ZTgtYmIxMy00MGNkLTg5MTgtNjc3NTkwZWFmNjgyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPiMA0G
CSqGSIb3DQEBCwUAA4IBAQBo8WKwc2XyBH5p+WPMo0L6M6BoM0JFOCgBtfsY3lmi
0gaeW9eGvTG4C1rd7i0GzKtVMlzDVPs+5XPnrGL8nbPmEQi+I02FzNfgZ6gMtb6d
/OXVJ5ZBlwwyU72OTrLmG9cVK6I9ZuLG7Kd7DZsOKlNApU4fyVaqqWdcZ2vNVrj1
WConRNF15SJdcyjPykHR9KJNB0nzxVmjdIX6lg470n/AFYe4/vLUQdS2Sq64hjLH
3Z5BIf1OISz+Eq6Thc5STiyPKEdTKFif5F68xP54TUiVj7Ha/7Rd1efZaEEu/Irq
CDcGN+TNVMbkzLLEs5Kx/Uan7uW5o24HeU2pqUz9I6WM
-----END CERTIFICATE-----
Generated at Sat Jun 13 06:43:53 2026 by rpki-client