Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8551266c-ef98-4dd7-801f-d816ee2eeade.roa
File: 8551266c-ef98-4dd7-801f-d816ee2eeade.roa (raw, json)
Hash identifier: nYNfiEReHe9D7Bfp/IS2f32ACwPgAYxKLuiAHPdd2/o=
Subject key identifier: D2:B7:3D:9F:83:41:1A:37:21:68:DB:DA:5C:0A:7F:5D:41:E3:C8:AD
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1E507E5884EBFCD11FFC3C8854791A1B704B31A7
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8551266c-ef98-4dd7-801f-d816ee2eeade.roa
Signing time: Sat 28 Feb 2026 06:40:37 +0000
ROA not before: Sat 28 Feb 2026 06:40:37 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.176.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:50:7e:58:84:eb:fc:d1:1f:fc:3c:88:54:79:1a:1b:70:4b:31:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Feb 28 06:40:37 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=7720f4ceadcfa9207c805b600346b059b2d632febff746aaeea3f55da41309be, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:63:93:a8:b9:ea:8b:6e:92:5a:37:ba:4d:09:
90:35:bf:cc:20:0f:a5:75:02:8b:10:33:1b:41:a3:
03:1f:bf:41:70:6c:db:d6:12:c0:f3:b1:44:d4:81:
76:ca:3b:48:4f:ac:4d:3e:45:6b:3c:d4:f6:e3:26:
29:d5:47:35:64:be:1c:f7:64:f6:6c:c1:e2:7d:a0:
20:54:fa:4e:e8:35:b5:83:28:e2:be:7c:8a:a1:5e:
0a:c4:e7:c3:ae:ed:4a:78:5f:9c:10:0f:5a:0c:56:
1b:0f:5e:99:67:f5:93:29:34:84:bf:bb:62:51:2e:
d0:aa:25:fb:b5:5b:b7:47:8c:94:d2:99:40:ba:34:
1d:1d:ec:d8:f3:03:c7:02:91:2b:06:54:47:4d:32:
f9:25:4b:e2:4d:4d:75:d9:95:42:95:42:e7:f7:90:
db:9a:32:ab:d1:e0:de:25:32:b0:c2:80:59:cf:6d:
8c:9a:10:73:ca:02:b4:ba:8b:6d:c4:ee:e7:db:eb:
b7:3f:c6:0d:49:a3:f1:ae:c5:9b:4b:c4:ab:57:3a:
0e:c8:9e:a5:e8:97:b9:35:f6:c5:24:b1:17:a6:6e:
16:b1:64:f6:6b:24:01:90:4c:18:87:cd:b0:40:69:
09:a1:63:33:43:f3:72:83:03:dc:7d:92:66:33:5e:
84:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:B7:3D:9F:83:41:1A:37:21:68:DB:DA:5C:0A:7F:5D:41:E3:C8:AD
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8551266c-ef98-4dd7-801f-d816ee2eeade.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.176.0.0/15
Signature Algorithm: sha256WithRSAEncryption
8c:1f:cb:22:df:ee:ec:d8:e3:15:c2:36:63:02:4a:50:61:99:
8d:05:44:82:25:e3:f6:58:07:72:16:a9:e3:a7:e5:1d:9b:83:
0b:77:f8:d3:5c:65:71:49:2a:dd:fd:df:f4:4b:40:64:7a:66:
e8:2d:19:d1:c3:f6:0d:1b:00:29:a0:0e:9b:18:35:75:7c:0d:
f9:00:61:f4:68:8e:fd:06:19:0c:45:a6:c2:69:38:dd:2c:de:
47:37:70:56:3f:80:95:e9:7a:1e:a4:4f:46:80:0c:a9:e5:e3:
bc:88:f3:17:a5:d8:e2:90:06:5e:6f:d9:53:e7:2a:85:85:f2:
20:68:6a:26:71:be:6b:9c:c4:62:40:75:89:41:fe:b3:f4:43:
51:a0:b5:84:90:13:c0:07:cb:27:12:30:ec:e1:a2:0d:c4:48:
f4:21:01:76:d4:54:88:96:8e:80:01:fd:41:97:28:f1:00:62:
df:25:44:8e:6f:40:b3:f6:1c:1f:dd:5a:09:8a:bb:b2:31:15:
6c:5e:c6:97:ec:df:12:d6:24:7d:b0:2a:f7:54:d0:6d:68:99:
b3:0f:df:ab:7f:3d:22:bc:1f:25:47:a0:35:2a:b7:f1:57:e4:
35:d6:a3:97:f8:56:82:04:25:cd:11:08:d2:c6:d8:b0:e2:d9:
f9:62:57:c5
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUHlB+WITr/NEf/DyIVHkaG3BLMacwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjAyMjgwNjQwMzdaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDc3MjBmNGNlYWRjZmE5MjA3YzgwNWI2MDAzNDZiMDU5YjJkNjMyZmViZmY3
NDZhYWVlYTNmNTVkYTQxMzA5YmUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALJjk6i56otuklo3uk0JkDW/zCAPpXUCixAzG0GjAx+/QXBs29YSwPOxRNSB
dso7SE+sTT5FazzU9uMmKdVHNWS+HPdk9mzB4n2gIFT6Tug1tYMo4r58iqFeCsTn
w67tSnhfnBAPWgxWGw9emWf1kyk0hL+7YlEu0Kol+7Vbt0eMlNKZQLo0HR3s2PMD
xwKRKwZUR00y+SVL4k1NddmVQpVC5/eQ25oyq9Hg3iUysMKAWc9tjJoQc8oCtLqL
bcTu59vrtz/GDUmj8a7Fm0vEq1c6DsiepeiXuTX2xSSxF6ZuFrFk9mskAZBMGIfN
sEBpCaFjM0PzcoMD3H2SZjNehBsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTStz2f
g0EaNyFo29pcCn9dQePIrTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODU1MTI2NmMtZWY5OC00ZGQ3LTgwMWYtZDgxNmVlMmVlYWRlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOwMA0G
CSqGSIb3DQEBCwUAA4IBAQCMH8si3+7s2OMVwjZjAkpQYZmNBUSCJeP2WAdyFqnj
p+Udm4MLd/jTXGVxSSrd/d/0S0BkemboLRnRw/YNGwApoA6bGDV1fA35AGH0aI79
BhkMRabCaTjdLN5HN3BWP4CV6XoepE9GgAyp5eO8iPMXpdjikAZeb9lT5yqFhfIg
aGomcb5rnMRiQHWJQf6z9ENRoLWEkBPAB8snEjDs4aINxEj0IQF21FSIlo6AAf1B
lyjxAGLfJUSOb0Cz9hwf3VoJiruyMRVsXsaX7N8S1iR9sCr3VNBtaJmzD9+rfz0i
vB8lR6A1KrfxV+Q11qOX+FaCBCXNEQjSxtiw4tn5YlfF
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:35:10 2026 by rpki-client