Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/78e385a6-a7b8-4e63-8222-9119ad4d303f.roa
File: 78e385a6-a7b8-4e63-8222-9119ad4d303f.roa (raw, json)
Hash identifier: zEMqFCeHwfS47slPf6Pdc07rfJo7Y6qrjCQrCCs1ml4=
Subject key identifier: 05:67:FA:6D:CD:9D:17:C4:ED:F5:7B:7E:0F:D9:73:AD:60:F3:B3:27
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 13BB796B11D6987AA655671C2DF3CEB3071D5C8C
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/78e385a6-a7b8-4e63-8222-9119ad4d303f.roa
Signing time: Mon 23 Feb 2026 01:00:06 +0000
ROA not before: Mon 23 Feb 2026 01:00:06 +0000
ROA not after: Sun 24 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.118.0.0/15 maxlen: 15
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:bb:79:6b:11:d6:98:7a:a6:55:67:1c:2d:f3:ce:b3:07:1d:5c:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Feb 23 01:00:06 2026 GMT
Not After : May 24 23:59:59 2026 GMT
Subject: serialNumber=9e7bc5dfecfd87fe53051a276f51c08b0d1275c1ecb2df6891781c2a2754c152, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:cd:94:77:ca:0c:ac:f8:b9:41:79:06:93:b9:
17:97:76:0f:e8:49:1e:35:9e:c1:0a:c5:f8:1a:d9:
7f:08:ca:17:7f:ce:17:d7:5b:e0:ed:88:98:be:f6:
f9:d8:d7:7b:e9:15:f1:44:00:af:50:f7:40:e3:ad:
f6:88:05:31:1b:59:70:f0:11:be:6f:8d:c9:b3:d7:
ee:72:34:98:43:8c:b1:95:ab:32:41:b6:ac:d4:e8:
d1:c0:6a:1b:e4:22:73:bf:25:f9:6b:dc:ea:5d:08:
bb:c3:a9:3b:ad:a3:38:90:6a:cf:7e:c3:82:4e:bd:
3e:e5:9e:00:a8:bd:ca:26:dd:b8:f2:b5:10:29:9d:
c1:3e:9b:56:9a:27:82:d5:ac:65:b2:72:0e:25:1e:
ea:54:e6:ae:f4:f6:7c:39:55:75:2e:e4:f3:b4:da:
f2:e2:fc:f0:6f:96:57:18:13:35:2b:9f:5f:03:8e:
3b:7b:17:f1:77:6c:1b:5a:f5:46:85:d6:fe:94:f7:
04:ab:f4:a8:f3:f1:54:4c:45:e2:6a:66:8a:a1:39:
f1:a5:ca:1e:28:fa:e5:2f:42:72:3f:8b:bc:4f:74:
61:cc:de:d6:04:a9:e8:97:d5:0d:4b:d5:f3:d7:28:
5c:3b:a3:d5:39:c2:f0:f1:49:20:53:63:7d:f3:69:
c9:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:67:FA:6D:CD:9D:17:C4:ED:F5:7B:7E:0F:D9:73:AD:60:F3:B3:27
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/78e385a6-a7b8-4e63-8222-9119ad4d303f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.118.0.0/15
Signature Algorithm: sha256WithRSAEncryption
2b:8d:19:c4:78:4e:a8:30:22:c1:b3:53:3f:b2:2f:0e:73:18:
29:22:20:e0:c5:a1:4c:0e:ac:8b:7d:3d:12:a8:ee:56:9e:71:
e3:7b:db:b5:e2:13:3a:79:8e:aa:53:b7:ea:95:b6:58:d0:31:
07:38:1a:b5:1f:6c:fc:5d:32:0b:aa:43:d1:a0:a1:34:31:0d:
30:4b:a0:5a:4f:1a:33:a7:e7:be:a1:37:cc:43:13:5e:f9:e5:
15:4c:1b:bb:74:cb:92:65:76:02:64:73:96:18:47:91:49:db:
d0:ce:bc:bf:1d:3b:c0:1c:83:4d:75:0a:88:e8:f8:85:1a:c5:
eb:4d:27:c5:06:ca:98:29:2c:99:a2:29:cc:e1:d0:98:e4:b3:
2c:fe:f3:58:c1:b0:28:4b:e3:13:1f:2e:67:c8:8f:46:27:05:
46:2a:7a:f8:f1:03:67:68:a0:18:be:47:82:82:1e:5d:e9:c6:
8a:49:b5:5d:ff:bc:cd:3d:46:c1:64:94:e0:2f:36:29:56:22:
ca:b5:9e:85:a6:3f:45:ee:b0:e6:f2:ce:bf:1e:06:82:73:12:
b0:80:10:8e:ad:97:19:0d:2f:1f:13:26:d0:d8:0e:9c:86:1d:
de:8a:2e:bd:63:af:ec:bf:8b:ff:9d:ee:d3:d0:a9:b4:4e:2d:
11:52:b2:9f
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUE7t5axHWmHqmVWccLfPOswcdXIwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjAyMjMwMTAwMDZaFw0yNjA1MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDllN2JjNWRmZWNmZDg3ZmU1MzA1MWEyNzZmNTFjMDhiMGQxMjc1YzFlY2Iy
ZGY2ODkxNzgxYzJhMjc1NGMxNTIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN/NlHfKDKz4uUF5BpO5F5d2D+hJHjWewQrF+BrZfwjKF3/OF9db4O2ImL72
+djXe+kV8UQAr1D3QOOt9ogFMRtZcPARvm+NybPX7nI0mEOMsZWrMkG2rNTo0cBq
G+Qic78l+Wvc6l0Iu8OpO62jOJBqz37Dgk69PuWeAKi9yibduPK1ECmdwT6bVpon
gtWsZbJyDiUe6lTmrvT2fDlVdS7k87Ta8uL88G+WVxgTNSufXwOOO3sX8XdsG1r1
RoXW/pT3BKv0qPPxVExF4mpmiqE58aXKHij65S9Ccj+LvE90Ycze1gSp6JfVDUvV
89coXDuj1TnC8PFJIFNjffNpyaECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQFZ/pt
zZ0XxO31e34P2XOtYPOzJzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NzhlMzg1YTYtYTdiOC00ZTYzLTgyMjItOTExOWFkNGQzMDNmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATN2MA0G
CSqGSIb3DQEBCwUAA4IBAQArjRnEeE6oMCLBs1M/si8OcxgpIiDgxaFMDqyLfT0S
qO5WnnHje9u14hM6eY6qU7fqlbZY0DEHOBq1H2z8XTILqkPRoKE0MQ0wS6BaTxoz
p+e+oTfMQxNe+eUVTBu7dMuSZXYCZHOWGEeRSdvQzry/HTvAHINNdQqI6PiFGsXr
TSfFBsqYKSyZoinM4dCY5LMs/vNYwbAoS+MTHy5nyI9GJwVGKnr48QNnaKAYvkeC
gh5d6caKSbVd/7zNPUbBZJTgLzYpViLKtZ6Fpj9F7rDm8s6/HgaCcxKwgBCOrZcZ
DS8fEybQ2A6chh3eii69Y6/sv4v/ne7T0Km0Ti0RUrKf
-----END CERTIFICATE-----
Generated at Mon Mar 2 05:16:19 2026 by rpki-client