Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/6252e9a3-4fdc-4c43-b91b-deb58ca2dd7c.roa
File: 6252e9a3-4fdc-4c43-b91b-deb58ca2dd7c.roa (raw, json)
Hash identifier: 0Z7pN/kWMHwy6cBr6suQNzzf/AtdSNeQ2+Ri2b1LOK0=
Subject key identifier: D0:87:9F:F1:C0:85:68:36:29:F1:D8:F0:2D:98:2F:54:5B:93:BD:89
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 32B465C317B4763BE3CE04911A15389B647EADA3
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/6252e9a3-4fdc-4c43-b91b-deb58ca2dd7c.roa
Signing time: Fri 06 Feb 2026 00:40:10 +0000
ROA not before: Fri 06 Feb 2026 00:40:10 +0000
ROA not after: Thu 07 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.46.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:b4:65:c3:17:b4:76:3b:e3:ce:04:91:1a:15:38:9b:64:7e:ad:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Feb 6 00:40:10 2026 GMT
Not After : May 7 23:59:59 2026 GMT
Subject: serialNumber=7872b267cf6544310e9a6085d0899b713bf77b785a24156eca29e67f0fdd9e30, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:3e:cb:5d:eb:c6:bc:e5:d6:eb:b6:a7:f4:8d:
5e:cd:45:82:c7:33:f9:b6:79:de:70:a2:ad:32:5f:
b3:29:7b:bb:59:7c:84:09:14:9a:61:a5:7b:90:0e:
fc:eb:82:b5:aa:b3:9f:eb:2a:65:15:1f:a6:81:71:
1b:b9:f5:ae:a5:b3:20:20:f1:d5:79:09:91:ea:4c:
9f:24:3f:29:81:9d:84:2a:57:c0:3d:24:bb:3e:38:
ab:1c:3a:b2:4a:43:66:4b:ff:ae:cb:ec:29:6a:72:
a3:49:a1:d0:08:6f:71:37:4b:f2:ab:ee:dd:65:3e:
0d:3c:62:f7:00:96:80:b3:72:ff:24:0a:1b:aa:3f:
b2:44:62:4b:21:e3:0f:46:9d:a4:cd:1d:63:e1:97:
90:ab:57:1d:88:46:04:be:c0:81:d2:c0:a5:79:ff:
64:1d:a5:70:fa:f5:12:2c:33:40:15:7d:a3:93:2a:
21:01:85:15:57:27:8f:40:66:ca:31:6e:4d:2a:b7:
1c:76:ef:39:26:7c:c1:f0:c7:af:cf:75:63:95:b9:
8a:dd:5f:e8:67:07:1c:5f:b4:cd:2e:ed:b2:47:a1:
06:17:dd:47:6e:9c:29:d8:02:ca:88:99:ae:a4:76:
53:b3:27:ad:60:24:6d:95:2b:2d:00:39:c2:c2:10:
75:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:87:9F:F1:C0:85:68:36:29:F1:D8:F0:2D:98:2F:54:5B:93:BD:89
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/6252e9a3-4fdc-4c43-b91b-deb58ca2dd7c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.46.0.0/15
Signature Algorithm: sha256WithRSAEncryption
ac:d2:98:9e:12:62:c8:b3:a8:9c:30:05:b6:77:e6:b1:f6:b5:
d6:87:20:6a:ce:4c:eb:0c:3f:d4:c0:e2:d8:ba:fc:83:04:73:
c6:ed:c1:3f:e6:b5:0d:da:3e:c7:c3:72:1b:0d:28:f5:ab:f4:
b0:f0:34:4a:b5:a1:47:00:ed:0d:e6:d2:fd:8e:23:71:3a:78:
24:5a:33:e9:de:c7:1b:9f:80:ee:60:5a:36:46:17:f3:ce:ac:
ac:41:85:42:ac:ee:7e:ff:18:e5:47:59:f4:72:88:4c:a1:21:
d3:0a:cc:89:c1:63:64:f9:38:9d:ac:8b:ab:d1:25:98:21:45:
4f:ba:b6:2d:92:48:e9:5f:36:19:16:39:96:53:59:ae:45:7d:
cc:49:9c:dd:08:75:e5:30:0e:e6:92:72:09:8f:a4:37:18:46:
97:65:c2:58:98:38:e2:46:29:56:10:2d:84:9d:16:bd:c3:0c:
c9:2f:0c:92:31:7a:dd:a9:e1:57:90:95:ad:7c:b2:eb:31:dd:
cc:42:61:fa:7b:5d:9c:93:83:92:ae:5f:f2:76:c5:64:81:8c:
17:d3:0e:96:74:5f:4e:14:15:70:dd:7f:01:a1:46:a4:29:c3:
b7:63:bc:53:3b:d3:23:86:96:8d:46:ac:7c:ba:aa:fe:79:11:
c8:cc:7f:07
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUMrRlwxe0djvjzgSRGhU4m2R+raMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjAyMDYwMDQwMTBaFw0yNjA1MDcyMzU5NTlaMHoxSTBHBgNV
BAUTQDc4NzJiMjY3Y2Y2NTQ0MzEwZTlhNjA4NWQwODk5YjcxM2JmNzdiNzg1YTI0
MTU2ZWNhMjllNjdmMGZkZDllMzAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKk+y13rxrzl1uu2p/SNXs1Fgscz+bZ53nCirTJfsyl7u1l8hAkUmmGle5AO
/OuCtaqzn+sqZRUfpoFxG7n1rqWzICDx1XkJkepMnyQ/KYGdhCpXwD0kuz44qxw6
skpDZkv/rsvsKWpyo0mh0AhvcTdL8qvu3WU+DTxi9wCWgLNy/yQKG6o/skRiSyHj
D0adpM0dY+GXkKtXHYhGBL7AgdLApXn/ZB2lcPr1EiwzQBV9o5MqIQGFFVcnj0Bm
yjFuTSq3HHbvOSZ8wfDHr891Y5W5it1f6GcHHF+0zS7tskehBhfdR26cKdgCyoiZ
rqR2U7MnrWAkbZUrLQA5wsIQdcsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTQh5/x
wIVoNinx2PAtmC9UW5O9iTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NjI1MmU5YTMtNGZkYy00YzQzLWI5MWItZGViNThjYTJkZDdjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATMuMA0G
CSqGSIb3DQEBCwUAA4IBAQCs0pieEmLIs6icMAW2d+ax9rXWhyBqzkzrDD/UwOLY
uvyDBHPG7cE/5rUN2j7Hw3IbDSj1q/Sw8DRKtaFHAO0N5tL9jiNxOngkWjPp3scb
n4DuYFo2RhfzzqysQYVCrO5+/xjlR1n0cohMoSHTCsyJwWNk+TidrIur0SWYIUVP
urYtkkjpXzYZFjmWU1muRX3MSZzdCHXlMA7mknIJj6Q3GEaXZcJYmDjiRilWEC2E
nRa9wwzJLwySMXrdqeFXkJWtfLLrMd3MQmH6e12ck4OSrl/ydsVkgYwX0w6WdF9O
FBVw3X8BoUakKcO3Y7xTO9MjhpaNRqx8uqr+eRHIzH8H
-----END CERTIFICATE-----
Generated at Mon Mar 2 06:30:08 2026 by rpki-client