Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/63e023f1-83fd-412f-8365-33afe1ac80af.roa
File: 63e023f1-83fd-412f-8365-33afe1ac80af.roa (raw, json)
Hash identifier: bfOp//iDxS/TvImuMI6FY+wd+liIskDgZoUw4llQM2g=
Subject key identifier: 5D:92:43:93:52:53:F9:2E:03:62:AD:E8:C4:C4:E2:E9:4E:85:0E:C0
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 33CC4D01BA1DD23C1B526B774D6205AF8E0E6A54
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/63e023f1-83fd-412f-8365-33afe1ac80af.roa
Signing time: Tue 19 May 2026 06:00:51 +0000
ROA not before: Tue 19 May 2026 06:00:51 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.160.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 17 Jun 2026 23:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:cc:4d:01:ba:1d:d2:3c:1b:52:6b:77:4d:62:05:af:8e:0e:6a:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 19 06:00:51 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=54714eb10824080a79e01b726609e2ec7bd5a1621a2533e0200054c6967bf665, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:61:f2:d5:65:6f:24:81:31:21:6c:3f:00:93:
87:38:4f:92:27:26:bc:28:f2:21:38:dc:64:a8:37:
23:00:11:6e:f0:3d:0f:41:96:03:c6:76:5a:a3:b9:
bd:1e:f1:09:94:d8:fc:52:c8:65:89:4f:97:f0:19:
4b:a4:60:4e:80:9c:cf:57:10:6d:da:2f:5e:a5:74:
af:e3:d2:47:ad:e2:a6:2b:9b:65:13:74:04:af:7f:
84:a5:93:9a:65:52:83:42:f5:e4:a9:2e:25:92:5c:
fd:cb:59:be:5e:26:05:b8:97:53:5a:18:32:46:26:
dd:62:cc:53:01:fb:d8:5c:06:59:5d:35:ac:63:71:
d7:db:36:3f:b4:5a:a4:d6:fa:eb:53:ce:68:5d:87:
ad:c3:ba:c8:40:13:91:cd:6a:92:9b:7d:71:9d:8a:
1c:62:a1:75:9b:33:80:c5:43:36:32:3c:40:57:8d:
9e:96:28:97:43:00:f9:08:bd:3d:49:65:7b:d3:87:
d5:f0:2a:cf:9c:31:b3:af:81:9c:8f:63:6d:71:47:
8c:1b:e5:f1:fa:be:db:ed:db:b1:40:1b:31:6c:72:
3f:88:e2:c2:90:4e:af:de:62:8b:03:01:99:3c:78:
00:86:db:ec:70:09:3f:ea:17:61:a7:ae:8d:50:22:
0c:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:92:43:93:52:53:F9:2E:03:62:AD:E8:C4:C4:E2:E9:4E:85:0E:C0
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/63e023f1-83fd-412f-8365-33afe1ac80af.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.160.0.0/16
Signature Algorithm: sha256WithRSAEncryption
af:0d:df:54:6d:dd:0e:d9:ea:cc:a0:a9:82:cf:59:17:a9:0f:
32:b7:3d:5b:22:3a:6e:93:d3:7b:99:db:30:85:8b:bf:d0:cd:
4f:8f:f1:ee:9b:1d:c8:09:e3:3e:80:86:8a:17:79:61:47:9d:
e8:45:fb:fd:cc:b2:b2:0d:5b:e3:9d:ab:20:29:1a:22:20:e4:
c2:32:ba:26:7c:15:ac:75:37:c8:28:5a:32:93:b9:9e:44:51:
ce:3b:03:1c:6f:d9:d8:41:db:e8:e4:86:76:cd:9a:33:23:c7:
dd:ee:9b:5d:9c:09:56:a3:4d:ad:45:30:8c:c7:4d:85:10:dd:
bc:99:96:69:82:3f:b0:ae:60:c2:ce:07:95:4e:56:4f:67:c2:
e4:cd:60:8b:ca:03:a6:f3:8b:55:f1:84:0f:09:86:18:62:fa:
4e:60:8a:b1:70:b0:96:a3:d9:09:48:ba:53:01:26:2a:3e:3c:
5a:d1:64:f2:a6:6e:74:67:e9:5c:3a:21:84:ad:12:9b:10:f7:
88:1a:7c:dc:1b:e9:69:5d:b9:4f:26:b4:b9:a1:22:0d:33:60:
64:09:4a:c5:c4:3c:79:f0:72:ca:97:4f:43:49:17:c7:e3:10:
4a:ae:6e:69:88:1f:77:28:2d:6b:2f:d8:52:c2:de:3b:32:aa:
3e:94:7a:03
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUM8xNAbod0jwbUmt3TWIFr44OalQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MTkwNjAwNTFaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDU0NzE0ZWIxMDgyNDA4MGE3OWUwMWI3MjY2MDllMmVjN2JkNWExNjIxYTI1
MzNlMDIwMDA1NGM2OTY3YmY2NjUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIVh8tVlbySBMSFsPwCThzhPkicmvCjyITjcZKg3IwARbvA9D0GWA8Z2WqO5
vR7xCZTY/FLIZYlPl/AZS6RgToCcz1cQbdovXqV0r+PSR63ipiubZRN0BK9/hKWT
mmVSg0L15KkuJZJc/ctZvl4mBbiXU1oYMkYm3WLMUwH72FwGWV01rGNx19s2P7Ra
pNb661POaF2HrcO6yEATkc1qkpt9cZ2KHGKhdZszgMVDNjI8QFeNnpYol0MA+Qi9
PUlle9OH1fAqz5wxs6+BnI9jbXFHjBvl8fq+2+3bsUAbMWxyP4jiwpBOr95iiwMB
mTx4AIbb7HAJP+oXYaeujVAiDGsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRdkkOT
UlP5LgNirejExOLpToUOwDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NjNlMDIzZjEtODNmZC00MTJmLTgzNjUtMzNhZmUxYWM4MGFmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADOgMA0G
CSqGSIb3DQEBCwUAA4IBAQCvDd9Ubd0O2erMoKmCz1kXqQ8ytz1bIjpuk9N7mdsw
hYu/0M1Pj/Humx3ICeM+gIaKF3lhR53oRfv9zLKyDVvjnasgKRoiIOTCMromfBWs
dTfIKFoyk7meRFHOOwMcb9nYQdvo5IZ2zZozI8fd7ptdnAlWo02tRTCMx02FEN28
mZZpgj+wrmDCzgeVTlZPZ8LkzWCLygOm84tV8YQPCYYYYvpOYIqxcLCWo9kJSLpT
ASYqPjxa0WTypm50Z+lcOiGErRKbEPeIGnzcG+lpXblPJrS5oSINM2BkCUrFxDx5
8HLKl09DSRfH4xBKrm5piB93KC1rL9hSwt47Mqo+lHoD
-----END CERTIFICATE-----
Generated at Wed Jun 17 08:41:46 2026 by rpki-client