Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/81e19e5f-8cac-4cc7-8c10-c589c96920d0.roa
File: 81e19e5f-8cac-4cc7-8c10-c589c96920d0.roa (raw, json)
Hash identifier: MQj9cD4HsEpvfexrAFoT5E7ylYKFXoeKZg9fDfJnGEk=
Subject key identifier: 49:99:43:48:7E:AC:0B:4B:33:81:2C:DF:99:D5:C4:6C:F7:92:91:47
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6FEF84CB5BCE21FC849B867001F72FE552EC7297
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/81e19e5f-8cac-4cc7-8c10-c589c96920d0.roa
Signing time: Wed 20 May 2026 00:50:05 +0000
ROA not before: Wed 20 May 2026 00:50:05 +0000
ROA not after: Tue 18 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.17.1.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:ef:84:cb:5b:ce:21:fc:84:9b:86:70:01:f7:2f:e5:52:ec:72:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 20 00:50:05 2026 GMT
Not After : Aug 18 23:59:59 2026 GMT
Subject: serialNumber=bdcb080a68ca9bd0bec2746023039a4386a251c55d8dd396a81db5bd27df9550, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:cc:23:94:2f:b3:72:56:7b:77:2a:34:76:1c:
ab:27:3b:1a:4f:c6:be:57:85:3a:d0:c2:2e:8f:e0:
50:86:30:da:52:fc:f7:9d:80:22:70:5f:a3:c6:74:
0f:88:7a:25:7c:3e:e2:26:ef:36:0a:b3:9d:09:4b:
e3:1f:8c:1f:6c:2c:2f:c9:18:04:dc:f5:be:22:6f:
9c:c2:5e:c5:1e:c4:42:cf:32:50:77:ff:63:14:15:
76:fa:32:31:a9:c5:34:43:ec:a8:20:9a:d2:02:84:
b4:42:af:f8:8a:1f:73:31:33:d4:09:6f:48:b0:25:
b3:03:80:f1:f4:13:9d:58:74:2d:6d:16:58:5e:13:
f3:fd:b6:39:23:19:59:94:36:68:af:fd:06:e5:33:
c8:21:45:c3:b8:90:35:c1:87:f7:90:f3:5c:32:ef:
6e:0b:6e:fd:67:70:e6:55:ea:15:14:2d:c1:cb:e8:
8e:07:5f:be:d1:23:1d:dc:ec:b6:bf:5b:09:f8:98:
80:64:2f:5d:08:2c:34:25:b1:09:ea:55:2e:6c:35:
0d:58:59:fd:65:cd:80:bd:04:21:d6:cc:09:34:2a:
e3:63:b1:14:78:29:85:ed:fc:84:1f:e7:0e:17:c1:
58:9c:b4:59:8e:68:ae:f7:bc:4a:4c:cf:41:b3:e2:
2f:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:99:43:48:7E:AC:0B:4B:33:81:2C:DF:99:D5:C4:6C:F7:92:91:47
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/81e19e5f-8cac-4cc7-8c10-c589c96920d0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.17.1.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:0b:7e:f8:5a:ac:98:42:45:60:9c:6b:16:ff:ea:73:b3:ca:
ac:20:44:e5:be:95:db:d3:38:90:28:f9:4e:88:e0:97:97:e6:
0d:72:90:6d:0d:8b:77:22:62:6d:82:dc:40:ce:a6:1c:ee:b3:
33:7a:66:ec:40:4f:4d:ce:98:db:16:b2:cd:54:27:fa:b6:f4:
5c:d4:d1:dc:d9:1a:e3:7f:55:8f:d3:c0:5b:72:b6:e4:24:e8:
73:0d:32:53:6a:ed:92:40:42:b3:35:55:0b:8b:2d:7d:7b:7a:
4c:9e:c3:5d:be:7a:42:df:57:45:32:d1:92:2b:49:f4:1b:94:
34:d0:79:b9:4a:6e:81:93:9c:0e:14:b8:a0:ea:79:7b:ce:48:
d8:e6:03:8f:c8:68:f7:99:42:d3:32:50:fe:88:44:95:70:60:
6d:de:70:d1:54:bf:ef:73:c1:40:24:ff:bc:5d:31:e8:b5:e4:
55:b1:15:63:1a:3d:23:14:ae:73:d9:17:cf:ab:fa:b5:10:50:
b9:6f:45:31:1e:fc:ec:c2:a4:be:99:a2:62:a6:26:59:cf:af:
a7:45:27:84:7e:8f:2c:d2:91:38:75:c4:70:26:b2:1a:26:c8:
c5:76:1a:ab:3f:ff:3a:0b:7c:15:61:9d:e0:63:aa:e4:1b:0c:
98:65:c3:8f
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUb++Ey1vOIfyEm4ZwAfcv5VLscpcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MjAwMDUwMDVaFw0yNjA4MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQGJkY2IwODBhNjhjYTliZDBiZWMyNzQ2MDIzMDM5YTQzODZhMjUxYzU1ZDhk
ZDM5NmE4MWRiNWJkMjdkZjk1NTAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOjMI5Qvs3JWe3cqNHYcqyc7Gk/GvleFOtDCLo/gUIYw2lL8952AInBfo8Z0
D4h6JXw+4ibvNgqznQlL4x+MH2wsL8kYBNz1viJvnMJexR7EQs8yUHf/YxQVdvoy
ManFNEPsqCCa0gKEtEKv+IofczEz1AlvSLAlswOA8fQTnVh0LW0WWF4T8/22OSMZ
WZQ2aK/9BuUzyCFFw7iQNcGH95DzXDLvbgtu/Wdw5lXqFRQtwcvojgdfvtEjHdzs
tr9bCfiYgGQvXQgsNCWxCepVLmw1DVhZ/WXNgL0EIdbMCTQq42OxFHgphe38hB/n
DhfBWJy0WY5orve8SkzPQbPiL5sCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRJmUNI
fqwLSzOBLN+Z1cRs95KRRzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODFlMTllNWYtOGNhYy00Y2M3LThjMTAtYzU4OWM5NjkyMGQwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEADMRATAN
BgkqhkiG9w0BAQsFAAOCAQEAjwt++FqsmEJFYJxrFv/qc7PKrCBE5b6V29M4kCj5
Tojgl5fmDXKQbQ2LdyJibYLcQM6mHO6zM3pm7EBPTc6Y2xayzVQn+rb0XNTR3Nka
439Vj9PAW3K25CTocw0yU2rtkkBCszVVC4stfXt6TJ7DXb56Qt9XRTLRkitJ9BuU
NNB5uUpugZOcDhS4oOp5e85I2OYDj8ho95lC0zJQ/ohElXBgbd5w0VS/73PBQCT/
vF0x6LXkVbEVYxo9IxSuc9kXz6v6tRBQuW9FMR787MKkvpmiYqYmWc+vp0UnhH6P
LNKROHXEcCayGibIxXYaqz//Ogt8FWGd4GOq5BsMmGXDjw==
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:03:12 2026 by rpki-client