Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/676cc479-c956-49aa-8372-560fd674c62c.roa
File: 676cc479-c956-49aa-8372-560fd674c62c.roa (raw, json)
Hash identifier: x9oHTW9hTaCpH0eOuJW43zuIrOWxT2VgzBfBU4ppRr0=
Subject key identifier: 05:08:5C:06:50:52:5A:10:BE:5D:33:06:82:A7:8E:0F:7C:CA:B5:8E
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7139BC7454E9EDFA5D3870E95F1F85576F410A2F
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/676cc479-c956-49aa-8372-560fd674c62c.roa
Signing time: Fri 06 Feb 2026 00:40:25 +0000
ROA not before: Fri 06 Feb 2026 00:40:25 +0000
ROA not after: Thu 07 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.20.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:39:bc:74:54:e9:ed:fa:5d:38:70:e9:5f:1f:85:57:6f:41:0a:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Feb 6 00:40:25 2026 GMT
Not After : May 7 23:59:59 2026 GMT
Subject: serialNumber=40c944d74fcd53aa0845c5f62c1273de2c0c672cd5e72767a9f5a076254371ba, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:ed:ce:84:e2:c9:99:b1:83:e3:12:42:52:0e:
e7:2e:3a:a3:87:87:66:a2:02:74:46:07:70:dc:0c:
e0:ee:bb:f1:af:87:dd:39:3d:7d:75:9d:5f:8c:19:
10:af:19:04:a9:52:64:7b:3d:77:74:c5:7f:c0:fc:
3f:47:41:47:10:63:31:02:17:fa:82:84:fb:c8:f1:
d0:0f:e7:9b:11:3e:f4:9e:62:42:bb:df:ed:0b:df:
41:0e:80:c1:bd:c2:0c:68:5f:4f:17:ef:c0:b5:ac:
2f:de:6d:43:d1:61:3a:e1:7d:cb:46:b0:e2:42:21:
47:03:79:38:c5:fc:b4:1b:7c:02:53:4f:6e:2d:c7:
e2:60:94:66:41:d0:4a:50:9d:59:fd:c4:34:dd:7d:
f9:c6:4e:b7:c5:9b:45:69:91:00:fd:2c:2c:c6:3f:
14:91:bd:0f:88:47:73:a8:e7:c6:83:8a:f6:82:b4:
9f:f2:bd:65:ba:85:90:02:b8:97:84:71:9b:7f:38:
ca:19:99:50:2f:12:50:37:82:cf:c4:4d:3d:a3:c3:
4a:4c:8a:4e:2b:ed:77:b3:af:11:2c:4d:2b:e8:a1:
2f:30:64:d6:ff:d0:2c:ab:3b:2b:de:0e:bf:88:33:
28:90:93:e6:6a:74:b2:7a:a3:4b:e4:eb:d7:f3:08:
10:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:08:5C:06:50:52:5A:10:BE:5D:33:06:82:A7:8E:0F:7C:CA:B5:8E
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/676cc479-c956-49aa-8372-560fd674c62c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.20.0.0/16
Signature Algorithm: sha256WithRSAEncryption
d2:c0:db:a8:56:0a:c0:9b:81:9a:82:05:f0:00:26:d8:85:ec:
98:7f:be:9a:02:c0:a0:3d:20:0f:bf:e7:f0:c6:d8:e0:7b:a8:
d8:90:2c:d4:5d:73:47:6b:50:1e:a5:82:21:fb:90:6e:43:3e:
fc:e9:e3:b7:d2:0f:0c:de:d7:5e:83:05:35:35:2b:f3:4e:6b:
dc:79:28:7c:a0:0f:b3:48:36:c2:ee:ac:d9:ce:3f:e7:46:7e:
63:0d:46:82:44:85:49:09:e7:1e:3c:c5:92:9c:a0:12:78:12:
c0:2b:16:0a:79:ef:9e:12:80:91:ad:74:bc:cc:69:c2:93:04:
33:aa:55:aa:e1:9a:14:2e:2a:54:33:48:dc:d1:6a:1a:0d:b7:
e8:6f:c1:0d:ea:35:04:7c:73:45:9a:ba:65:57:3e:84:53:cd:
44:2d:50:44:f0:17:5d:6d:6d:b9:26:c7:da:56:8c:36:bd:68:
85:60:bd:f1:74:ac:cb:9c:f7:80:dc:c4:92:e1:b4:80:4b:95:
1e:77:3b:fb:d5:c0:21:a4:af:ca:ce:00:04:32:ac:09:a4:a5:
af:90:26:f2:d3:aa:0e:70:ef:2f:45:64:ac:9c:24:34:ed:ec:
7e:82:d1:47:ad:03:e9:2e:ba:be:d2:31:34:9d:34:5d:68:d4:
f4:ef:39:81
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUcTm8dFTp7fpdOHDpXx+FV29BCi8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjAyMDYwMDQwMjVaFw0yNjA1MDcyMzU5NTlaMHoxSTBHBgNV
BAUTQDQwYzk0NGQ3NGZjZDUzYWEwODQ1YzVmNjJjMTI3M2RlMmMwYzY3MmNkNWU3
Mjc2N2E5ZjVhMDc2MjU0MzcxYmExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAODtzoTiyZmxg+MSQlIO5y46o4eHZqICdEYHcNwM4O678a+H3Tk9fXWdX4wZ
EK8ZBKlSZHs9d3TFf8D8P0dBRxBjMQIX+oKE+8jx0A/nmxE+9J5iQrvf7QvfQQ6A
wb3CDGhfTxfvwLWsL95tQ9FhOuF9y0aw4kIhRwN5OMX8tBt8AlNPbi3H4mCUZkHQ
SlCdWf3ENN19+cZOt8WbRWmRAP0sLMY/FJG9D4hHc6jnxoOK9oK0n/K9ZbqFkAK4
l4Rxm384yhmZUC8SUDeCz8RNPaPDSkyKTivtd7OvESxNK+ihLzBk1v/QLKs7K94O
v4gzKJCT5mp0snqjS+Tr1/MIEIkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQFCFwG
UFJaEL5dMwaCp44PfMq1jjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Njc2Y2M0NzktYzk1Ni00OWFhLTgzNzItNTYwZmQ2NzRjNjJjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMUMA0G
CSqGSIb3DQEBCwUAA4IBAQDSwNuoVgrAm4GaggXwACbYheyYf76aAsCgPSAPv+fw
xtjge6jYkCzUXXNHa1AepYIh+5BuQz786eO30g8M3tdegwU1NSvzTmvceSh8oA+z
SDbC7qzZzj/nRn5jDUaCRIVJCecePMWSnKASeBLAKxYKee+eEoCRrXS8zGnCkwQz
qlWq4ZoULipUM0jc0WoaDbfob8EN6jUEfHNFmrplVz6EU81ELVBE8BddbW25Jsfa
Vow2vWiFYL3xdKzLnPeA3MSS4bSAS5Uedzv71cAhpK/KzgAEMqwJpKWvkCby06oO
cO8vRWSsnCQ07ex+gtFHrQPpLrq+0jE0nTRdaNT07zmB
-----END CERTIFICATE-----
Generated at Mon Mar 2 03:23:31 2026 by rpki-client