Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/85056db0-2868-4547-8893-66ae7ad101d4.roa
File: 85056db0-2868-4547-8893-66ae7ad101d4.roa (raw, json)
Hash identifier: iwidfQar1JRafQ7UNlninsqt97aa8FxF6BIL06b3CpQ=
Subject key identifier: 4E:A0:F6:A2:6B:43:F4:58:E8:94:37:A9:EA:85:48:8D:08:29:FD:E2
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 18BE32E6E6E70873586F5871C8F0D0A471284ECD
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/85056db0-2868-4547-8893-66ae7ad101d4.roa
Signing time: Sat 28 Feb 2026 06:30:54 +0000
ROA not before: Sat 28 Feb 2026 06:30:54 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.90.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 09:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:be:32:e6:e6:e7:08:73:58:6f:58:71:c8:f0:d0:a4:71:28:4e:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Feb 28 06:30:54 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=dfbe24a26eccffd6e5936a39757410e84abc89c29eae26a32dd729f10f44ed07, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:e4:75:17:20:f7:62:0d:d0:86:4b:0f:d5:41:
1a:b5:75:3e:ac:f2:f2:ad:8a:3c:0c:e9:75:88:c2:
95:72:6e:c9:5f:41:27:84:38:79:48:57:22:a0:11:
d1:49:b2:73:8f:36:17:14:d2:7e:e6:e2:d3:e1:92:
27:be:4b:c4:d7:00:cf:8f:64:c6:e6:93:14:6f:ac:
c6:f5:e5:38:be:db:b3:42:da:43:7b:bb:a6:6e:f5:
99:5c:d1:70:c4:7d:94:4f:45:62:31:7b:1e:00:3c:
23:e4:8a:68:f5:4c:7b:c2:a6:1d:ef:3e:5b:44:78:
e8:86:f7:e3:ab:75:a5:3a:9d:33:a7:4d:b6:17:40:
05:56:5c:6d:33:5c:ac:68:8e:e3:13:3d:3c:7b:33:
0e:e1:63:e4:1f:bc:5e:8a:e6:fd:aa:99:92:ec:e5:
30:85:b7:65:1b:70:7c:19:42:ae:db:d8:d3:8d:6e:
73:eb:60:a1:38:b1:b6:3d:c1:4b:fd:b8:59:f2:bc:
32:34:72:1f:12:75:97:56:d5:43:b4:d5:21:bf:08:
2c:16:26:13:ff:21:03:ff:1d:a3:d5:d2:18:5d:20:
91:0e:8f:c7:33:ae:aa:9f:2e:c2:b8:a8:68:0c:53:
32:07:2d:40:9c:15:f4:c4:a1:76:ae:d1:fb:04:bb:
6f:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:A0:F6:A2:6B:43:F4:58:E8:94:37:A9:EA:85:48:8D:08:29:FD:E2
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/85056db0-2868-4547-8893-66ae7ad101d4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.90.0.0/16
Signature Algorithm: sha256WithRSAEncryption
88:9b:20:5b:3b:b7:d8:48:91:45:2e:32:ef:84:19:9c:35:f8:
f3:1e:57:79:85:72:24:da:79:19:6a:16:47:b9:35:70:90:73:
0c:91:0e:07:d8:5c:e1:b4:9b:87:16:69:1e:09:6e:51:36:80:
15:ff:a4:88:2b:fd:7a:83:ce:38:78:2c:a4:ff:08:d6:17:1b:
4d:9e:c3:9c:3e:68:b1:81:29:9a:de:32:6e:56:00:1b:be:69:
a1:93:fc:64:c0:f1:ad:84:96:c7:0c:8e:8a:8f:02:b1:f8:c9:
bf:b1:7c:f4:16:a1:b2:03:d3:11:c5:9f:a2:b8:35:98:d2:dc:
32:d4:46:5f:52:b4:74:9a:9e:2e:c6:04:56:66:ad:e0:1c:07:
05:a7:5f:72:83:52:8b:66:1e:0c:7d:a5:81:4c:76:0b:4d:82:
6c:b3:04:6b:7a:50:db:1d:0b:a7:52:fc:dc:83:87:0f:c2:8c:
67:81:b7:d2:19:75:cd:61:da:06:92:d7:f9:d9:92:05:3c:86:
d0:31:5b:f9:03:e8:08:75:5b:f8:c8:c5:9d:89:7f:d8:36:be:
37:6a:ea:f8:12:f7:1f:3a:4b:8b:c0:70:86:c2:8b:46:1b:00:
79:f5:a0:71:8d:9a:e1:b2:1e:49:52:fc:10:6f:be:8d:34:6a:
f9:10:a1:36
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUGL4y5ubnCHNYb1hxyPDQpHEoTs0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjAyMjgwNjMwNTRaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGRmYmUyNGEyNmVjY2ZmZDZlNTkzNmEzOTc1NzQxMGU4NGFiYzg5YzI5ZWFl
MjZhMzJkZDcyOWYxMGY0NGVkMDcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANbkdRcg92IN0IZLD9VBGrV1Pqzy8q2KPAzpdYjClXJuyV9BJ4Q4eUhXIqAR
0Umyc482FxTSfubi0+GSJ75LxNcAz49kxuaTFG+sxvXlOL7bs0LaQ3u7pm71mVzR
cMR9lE9FYjF7HgA8I+SKaPVMe8KmHe8+W0R46Ib346t1pTqdM6dNthdABVZcbTNc
rGiO4xM9PHszDuFj5B+8Xorm/aqZkuzlMIW3ZRtwfBlCrtvY041uc+tgoTixtj3B
S/24WfK8MjRyHxJ1l1bVQ7TVIb8ILBYmE/8hA/8do9XSGF0gkQ6PxzOuqp8uwrio
aAxTMgctQJwV9MShdq7R+wS7b7MCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBROoPai
a0P0WOiUN6nqhUiNCCn94jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODUwNTZkYjAtMjg2OC00NTQ3LTg4OTMtNjZhZTdhZDEwMWQ0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNaMA0G
CSqGSIb3DQEBCwUAA4IBAQCImyBbO7fYSJFFLjLvhBmcNfjzHld5hXIk2nkZahZH
uTVwkHMMkQ4H2FzhtJuHFmkeCW5RNoAV/6SIK/16g844eCyk/wjWFxtNnsOcPmix
gSma3jJuVgAbvmmhk/xkwPGthJbHDI6KjwKx+Mm/sXz0FqGyA9MRxZ+iuDWY0twy
1EZfUrR0mp4uxgRWZq3gHAcFp19yg1KLZh4MfaWBTHYLTYJsswRrelDbHQunUvzc
g4cPwoxngbfSGXXNYdoGktf52ZIFPIbQMVv5A+gIdVv4yMWdiX/YNr43aur4Evcf
OkuLwHCGwotGGwB59aBxjZrhsh5JUvwQb76NNGr5EKE2
-----END CERTIFICATE-----
Generated at Mon Mar 2 15:49:48 2026 by rpki-client