Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/81e19e5f-8cac-4cc7-8c10-c589c96920d0.roa
File: 81e19e5f-8cac-4cc7-8c10-c589c96920d0.roa (raw, json)
Hash identifier: JZp9QIZXap7cvbVw1JiH49bz5APIrsop3ZKUZbnzPH8=
Subject key identifier: 5A:7B:42:8C:07:13:B2:D1:62:09:EA:1B:FE:AD:D8:98:16:43:63:84
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1E143CA2CBF9303AA3222E75F507FBF3FB5FD980
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/81e19e5f-8cac-4cc7-8c10-c589c96920d0.roa
Signing time: Sun 01 Mar 2026 01:00:07 +0000
ROA not before: Sun 01 Mar 2026 01:00:07 +0000
ROA not after: Sat 30 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.17.1.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:14:3c:a2:cb:f9:30:3a:a3:22:2e:75:f5:07:fb:f3:fb:5f:d9:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 1 01:00:07 2026 GMT
Not After : May 30 23:59:59 2026 GMT
Subject: serialNumber=866e8e3da845431ab70988e59b41babbecaeb0804cea85506cff35ba554a44c0, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:2e:83:2e:d7:3e:60:29:2b:1e:3d:89:7b:4d:
87:91:a3:03:ac:5a:f4:03:f0:eb:e0:78:08:91:a4:
92:bf:a1:44:81:2f:dd:4a:4a:df:17:fd:bb:63:c5:
1f:b8:1d:85:d7:39:f4:a3:51:bd:46:2e:6c:d6:7d:
89:77:9a:72:81:fe:f9:56:ac:9d:a7:3f:8a:1a:42:
d4:2c:f3:5d:ec:92:8d:69:8c:b2:a2:af:c3:3d:0c:
29:66:06:ac:ec:c5:b6:2a:70:83:03:2e:f2:b9:0d:
12:5b:1b:61:00:71:02:7c:f2:44:75:86:19:54:b7:
c7:36:da:bd:d9:e2:ef:db:bf:e5:04:1c:d2:0d:e7:
0f:40:b5:3d:bf:43:98:74:0e:27:92:d6:2d:5f:b2:
0c:2f:46:cf:44:5f:e7:9a:63:38:a1:84:52:a8:67:
c7:a6:e1:2c:22:20:68:66:00:53:28:2b:76:24:fd:
80:68:a2:47:d1:24:75:65:c1:fd:30:20:32:e4:3b:
e7:6c:a1:e3:cb:81:ff:cd:ca:51:36:69:b7:0a:a6:
14:ae:b5:b4:18:2d:bd:5a:8d:dc:e3:bd:41:ec:73:
11:37:69:ca:ee:b7:15:fa:4b:09:31:2d:c3:94:73:
4e:49:b9:0e:a1:99:9f:a7:ed:fb:ee:67:9f:ef:d7:
b6:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:7B:42:8C:07:13:B2:D1:62:09:EA:1B:FE:AD:D8:98:16:43:63:84
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/81e19e5f-8cac-4cc7-8c10-c589c96920d0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.17.1.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:7c:26:a4:ca:82:c3:3c:0f:a9:4d:ea:2c:39:dc:21:16:f5:
eb:65:73:97:ca:2a:d5:a0:97:64:b4:84:a2:c0:e9:c7:1f:79:
b5:22:7f:d9:12:f4:3e:04:86:c3:c2:e4:6e:ef:ab:9c:36:2d:
67:0f:db:4d:b1:97:21:05:63:fd:dd:4b:c2:6d:df:d9:74:b3:
fc:37:46:93:28:a9:31:aa:eb:3e:40:a2:0d:22:d4:2d:a6:72:
d5:34:72:e7:1c:b4:16:28:44:3c:40:22:0c:e8:06:d4:9f:77:
db:a6:1a:22:fa:7c:8c:41:d0:53:d6:4b:60:be:ef:76:30:ef:
65:bf:e3:70:92:30:82:9b:b4:9d:1b:3a:f7:cb:32:63:f8:0e:
ed:9c:8b:6c:ac:09:a7:1a:5d:88:ec:38:2d:2d:1a:72:c8:72:
55:7d:87:79:a6:10:ce:2a:63:3f:ed:08:38:32:90:e3:9d:7b:
22:1b:85:b7:b5:4c:33:c2:a1:10:aa:81:8a:ab:26:83:b9:01:
ab:f6:56:33:84:ef:26:cc:3b:00:9a:ea:57:59:90:0c:6f:9c:
e0:29:84:f0:ab:b5:d8:50:3c:23:3d:0c:69:bb:a7:62:50:62:
2f:50:73:1e:6b:e5:e0:16:dd:fb:f6:61:9b:9d:13:b4:17:5d:
2c:b9:ca:0d
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUHhQ8osv5MDqjIi519Qf78/tf2YAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjAzMDEwMTAwMDdaFw0yNjA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDg2NmU4ZTNkYTg0NTQzMWFiNzA5ODhlNTliNDFiYWJiZWNhZWIwODA0Y2Vh
ODU1MDZjZmYzNWJhNTU0YTQ0YzAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI4ugy7XPmApKx49iXtNh5GjA6xa9APw6+B4CJGkkr+hRIEv3UpK3xf9u2PF
H7gdhdc59KNRvUYubNZ9iXeacoH++Vasnac/ihpC1CzzXeySjWmMsqKvwz0MKWYG
rOzFtipwgwMu8rkNElsbYQBxAnzyRHWGGVS3xzbavdni79u/5QQc0g3nD0C1Pb9D
mHQOJ5LWLV+yDC9Gz0Rf55pjOKGEUqhnx6bhLCIgaGYAUygrdiT9gGiiR9EkdWXB
/TAgMuQ752yh48uB/83KUTZptwqmFK61tBgtvVqN3OO9QexzETdpyu63FfpLCTEt
w5RzTkm5DqGZn6ft++5nn+/XtqMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRae0KM
BxOy0WIJ6hv+rdiYFkNjhDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODFlMTllNWYtOGNhYy00Y2M3LThjMTAtYzU4OWM5NjkyMGQwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEADMRATAN
BgkqhkiG9w0BAQsFAAOCAQEACnwmpMqCwzwPqU3qLDncIRb162Vzl8oq1aCXZLSE
osDpxx95tSJ/2RL0PgSGw8Lkbu+rnDYtZw/bTbGXIQVj/d1Lwm3f2XSz/DdGkyip
MarrPkCiDSLULaZy1TRy5xy0FihEPEAiDOgG1J9326YaIvp8jEHQU9ZLYL7vdjDv
Zb/jcJIwgpu0nRs698syY/gO7ZyLbKwJpxpdiOw4LS0acshyVX2HeaYQzipjP+0I
ODKQ4517IhuFt7VMM8KhEKqBiqsmg7kBq/ZWM4TvJsw7AJrqV1mQDG+c4CmE8Ku1
2FA8Iz0MabunYlBiL1BzHmvl4Bbd+/Zhm50TtBddLLnKDQ==
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:48:24 2026 by rpki-client