Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/620d46e8-bb13-40cd-8918-677590eaf682.roa
File: 620d46e8-bb13-40cd-8918-677590eaf682.roa (raw, json)
Hash identifier: S0yibBIzPEzGogCmmx70u2Toin+kYwvOYp0I45/YJZA=
Subject key identifier: 4E:E9:5E:1A:4A:0D:7C:68:B3:B2:72:B5:CC:01:CD:DC:07:2E:9F:50
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 46B83ED9FBFE93A4D630EC89F828E09FFE9EEC6A
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/620d46e8-bb13-40cd-8918-677590eaf682.roa
Signing time: Sat 28 Feb 2026 06:40:47 +0000
ROA not before: Sat 28 Feb 2026 06:40:47 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 14618
IP address blocks: 51.226.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:b8:3e:d9:fb:fe:93:a4:d6:30:ec:89:f8:28:e0:9f:fe:9e:ec:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Feb 28 06:40:47 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=c5f2a52f50b6f452d3e55141cb0863b71aecd02b5e22a3574de64f6bc79ec9b4, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:f4:9b:1e:ed:7e:48:6c:93:d4:b3:55:23:96:
40:f1:47:ce:0e:a8:9b:c9:81:60:2c:4f:ca:4e:58:
2b:ef:2d:60:57:8d:da:2f:de:f7:42:1a:92:be:50:
9e:65:d6:2e:de:7a:4c:43:7e:dc:55:80:78:3f:40:
2b:23:68:8d:10:d1:94:59:4d:65:b4:55:ec:e5:52:
8c:39:24:01:44:f4:47:2f:39:0e:62:d9:85:ca:43:
c9:98:0e:08:a8:4e:f3:19:e0:5c:93:39:ff:55:74:
b5:83:63:7f:b4:d2:f9:c9:70:5c:34:79:78:fe:8a:
f6:29:5f:19:68:0b:b1:2d:ca:66:df:a8:14:da:08:
92:fd:19:a7:98:22:8d:88:71:2f:29:27:90:53:69:
28:ac:32:19:1a:54:c3:9e:a5:e8:80:08:3a:44:1c:
21:10:4b:60:86:35:de:b1:32:b3:c2:2c:7c:f5:32:
ce:e8:65:59:7c:89:f5:35:39:bf:2b:23:bb:1a:20:
8e:86:85:07:a3:1d:6a:63:76:55:95:08:47:f3:00:
93:32:2c:72:0f:3d:b7:91:ed:52:62:00:f9:ca:fe:
14:b5:15:de:41:a5:e7:b1:bf:a3:0e:53:79:b8:eb:
46:04:01:6a:7f:48:28:f6:58:87:ac:5a:b3:2d:30:
e4:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:E9:5E:1A:4A:0D:7C:68:B3:B2:72:B5:CC:01:CD:DC:07:2E:9F:50
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/620d46e8-bb13-40cd-8918-677590eaf682.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.226.0.0/15
Signature Algorithm: sha256WithRSAEncryption
d7:68:1c:1a:b9:65:cb:5e:1c:0c:b2:ce:9a:1a:93:45:2c:39:
7f:09:ce:da:d2:34:6f:47:8c:b0:98:4d:eb:0b:d0:10:23:ae:
f1:8c:32:f6:fd:1c:b8:09:20:1a:48:81:db:41:bf:ba:84:35:
a1:bb:83:6f:fe:6c:28:6d:7a:e5:a5:33:f3:1c:43:66:6f:31:
3e:6c:dd:bd:cd:85:72:28:b4:20:e0:f5:cc:76:72:79:1b:3d:
b8:ba:40:81:81:5b:0a:62:7a:2f:50:90:b6:b8:45:39:c2:cc:
ea:29:25:8b:f3:44:d2:d5:85:6d:27:9b:f5:a0:5f:98:a1:6f:
e4:d7:aa:28:a4:94:4f:e2:8c:18:83:34:0b:48:94:ae:99:e3:
58:97:f3:7e:99:fe:f4:b6:d7:74:2e:10:c3:90:db:b1:56:16:
6f:12:82:82:2a:34:36:fc:d6:49:63:a8:c8:5c:c3:ab:22:a4:
e5:58:78:53:5e:9e:df:83:2a:fc:52:dc:41:24:79:ba:6c:c7:
a0:9b:42:e6:91:e4:8c:19:28:7e:5e:76:18:b3:09:38:30:8d:
d9:50:ef:be:89:5c:d8:39:2c:74:e1:0c:8d:06:31:8a:ec:90:
3a:39:5f:91:3b:52:ed:dc:e2:e4:3b:e5:86:a4:d1:58:5c:8e:
16:d0:c1:33
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIURrg+2fv+k6TWMOyJ+Cjgn/6e7GowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjAyMjgwNjQwNDdaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGM1ZjJhNTJmNTBiNmY0NTJkM2U1NTE0MWNiMDg2M2I3MWFlY2QwMmI1ZTIy
YTM1NzRkZTY0ZjZiYzc5ZWM5YjQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJz0mx7tfkhsk9SzVSOWQPFHzg6om8mBYCxPyk5YK+8tYFeN2i/e90Iakr5Q
nmXWLt56TEN+3FWAeD9AKyNojRDRlFlNZbRV7OVSjDkkAUT0Ry85DmLZhcpDyZgO
CKhO8xngXJM5/1V0tYNjf7TS+clwXDR5eP6K9ilfGWgLsS3KZt+oFNoIkv0Zp5gi
jYhxLyknkFNpKKwyGRpUw56l6IAIOkQcIRBLYIY13rEys8IsfPUyzuhlWXyJ9TU5
vysjuxogjoaFB6MdamN2VZUIR/MAkzIscg89t5HtUmIA+cr+FLUV3kGl57G/ow5T
ebjrRgQBan9IKPZYh6xasy0w5CkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRO6V4a
Sg18aLOycrXMAc3cBy6fUDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NjIwZDQ2ZTgtYmIxMy00MGNkLTg5MTgtNjc3NTkwZWFmNjgyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPiMA0G
CSqGSIb3DQEBCwUAA4IBAQDXaBwauWXLXhwMss6aGpNFLDl/Cc7a0jRvR4ywmE3r
C9AQI67xjDL2/Ry4CSAaSIHbQb+6hDWhu4Nv/mwobXrlpTPzHENmbzE+bN29zYVy
KLQg4PXMdnJ5Gz24ukCBgVsKYnovUJC2uEU5wszqKSWL80TS1YVtJ5v1oF+YoW/k
16oopJRP4owYgzQLSJSumeNYl/N+mf70ttd0LhDDkNuxVhZvEoKCKjQ2/NZJY6jI
XMOrIqTlWHhTXp7fgyr8UtxBJHm6bMegm0LmkeSMGSh+XnYYswk4MI3ZUO++iVzY
OSx04QyNBjGK7JA6OV+RO1Lt3OLkO+WGpNFYXI4W0MEz
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:50:08 2026 by rpki-client