Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/85620864-b6e3-4aeb-8798-74669cc5226c.roa
File: 85620864-b6e3-4aeb-8798-74669cc5226c.roa (raw, json)
Hash identifier: cLvtD3ckr4AwVoD7i7JyU0+iZ1doEvn5GccI2dwdouY=
Subject key identifier: C0:BB:12:FE:9B:C0:25:8B:F1:33:37:55:A2:76:E9:AC:89:74:92:82
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 130DAB15B4747E22A261A6C7ED8348449F5B5CF8
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/85620864-b6e3-4aeb-8798-74669cc5226c.roa
Signing time: Sat 28 Feb 2026 06:40:05 +0000
ROA not before: Sat 28 Feb 2026 06:40:05 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 14618
IP address blocks: 51.202.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:0d:ab:15:b4:74:7e:22:a2:61:a6:c7:ed:83:48:44:9f:5b:5c:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Feb 28 06:40:05 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=924e15c37fd8fd1ffc8d53dec3d68b7048c0162a1e92788576b34f6a21d87497, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:05:da:51:68:13:41:4d:15:a5:35:53:eb:f1:
49:82:69:88:f4:a2:74:26:c2:5c:83:11:e9:ac:df:
4a:f4:80:7f:31:4a:13:49:85:a5:0d:48:37:15:5f:
42:a8:b5:f3:2d:61:27:05:d4:d3:1b:bd:de:e4:64:
dd:91:1e:56:43:1d:8e:cb:3c:5f:a6:f0:05:d8:0e:
93:32:1a:3d:c8:b7:8f:2a:2f:d0:38:2a:cb:45:94:
a2:22:65:18:dd:ef:1c:ce:69:88:26:5f:17:4b:ca:
d8:ef:e4:3b:c5:ac:21:ba:16:63:81:75:b2:fe:08:
2b:e4:04:4c:84:40:68:9a:76:9c:5b:5e:42:de:c6:
8f:5c:80:71:f4:84:d5:dd:fb:01:d9:67:30:01:16:
db:ad:4a:cb:26:bd:fc:57:a6:c7:db:71:09:71:f4:
27:5e:d6:e3:dd:4b:5b:35:95:64:ba:0f:4a:91:49:
0d:e2:fa:d5:b4:c2:90:f4:2f:0d:6f:9e:f2:ca:c0:
68:6b:27:9c:0b:d1:09:d1:8d:4f:98:0f:3e:c7:f9:
3e:6b:6e:66:ba:32:86:c0:fb:01:6e:02:4c:14:9f:
8e:20:75:72:e1:63:1f:a1:b3:17:5a:3e:54:7f:66:
7f:33:93:74:ac:7c:36:1a:40:ca:36:af:73:9b:6f:
64:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:BB:12:FE:9B:C0:25:8B:F1:33:37:55:A2:76:E9:AC:89:74:92:82
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/85620864-b6e3-4aeb-8798-74669cc5226c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.202.0.0/15
Signature Algorithm: sha256WithRSAEncryption
a6:9e:36:9c:77:43:22:9e:ba:18:c1:14:49:67:35:33:0b:2c:
9a:97:57:10:fc:d1:a4:4b:f5:98:e8:9a:da:9e:61:5c:d0:f7:
8e:47:15:c2:87:a1:74:d5:60:c8:d6:b7:db:8e:d4:db:2b:56:
58:7c:91:f0:42:c8:37:4f:ef:38:64:cf:ff:fb:59:58:da:25:
21:46:0f:48:41:99:e3:4b:da:78:b9:3a:20:b3:1e:36:dc:3a:
a2:de:52:15:b2:cf:47:8f:21:d2:3b:73:67:21:d8:87:a3:f3:
03:ed:3b:34:08:07:c5:0f:e6:1d:1b:27:82:fd:f2:cf:05:3d:
51:7b:ac:76:f7:95:13:c2:db:ee:22:f5:25:7a:65:01:39:d8:
e0:ca:d4:a1:4d:1d:9a:74:5c:81:9c:b6:38:1e:e2:3e:3c:c5:
1d:88:45:f7:86:75:d7:2f:88:bf:29:d0:e8:f0:f7:52:a6:d0:
88:89:3d:a9:28:cd:1e:ca:b6:05:df:07:81:99:53:69:43:a3:
c0:a9:b1:3a:6c:67:1e:9c:46:92:1c:83:69:63:21:f9:8c:e2:
7d:b1:21:72:02:d5:b6:6c:2e:fc:e6:87:7c:09:5e:50:b4:67:
e7:0d:d8:7f:82:7d:e8:76:eb:aa:c9:9a:8b:ba:11:c3:d1:87:
c6:55:81:21
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUEw2rFbR0fiKiYabH7YNIRJ9bXPgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjAyMjgwNjQwMDVaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDkyNGUxNWMzN2ZkOGZkMWZmYzhkNTNkZWMzZDY4YjcwNDhjMDE2MmExZTky
Nzg4NTc2YjM0ZjZhMjFkODc0OTcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMQF2lFoE0FNFaU1U+vxSYJpiPSidCbCXIMR6azfSvSAfzFKE0mFpQ1INxVf
Qqi18y1hJwXU0xu93uRk3ZEeVkMdjss8X6bwBdgOkzIaPci3jyov0Dgqy0WUoiJl
GN3vHM5piCZfF0vK2O/kO8WsIboWY4F1sv4IK+QETIRAaJp2nFteQt7Gj1yAcfSE
1d37AdlnMAEW261Kyya9/Femx9txCXH0J17W491LWzWVZLoPSpFJDeL61bTCkPQv
DW+e8srAaGsnnAvRCdGNT5gPPsf5PmtuZroyhsD7AW4CTBSfjiB1cuFjH6GzF1o+
VH9mfzOTdKx8NhpAyjavc5tvZOUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTAuxL+
m8Ali/EzN1WidumsiXSSgjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODU2MjA4NjQtYjZlMy00YWViLTg3OTgtNzQ2NjljYzUyMjZjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPKMA0G
CSqGSIb3DQEBCwUAA4IBAQCmnjacd0MinroYwRRJZzUzCyyal1cQ/NGkS/WY6Jra
nmFc0PeORxXCh6F01WDI1rfbjtTbK1ZYfJHwQsg3T+84ZM//+1lY2iUhRg9IQZnj
S9p4uTogsx423Dqi3lIVss9HjyHSO3NnIdiHo/MD7Ts0CAfFD+YdGyeC/fLPBT1R
e6x295UTwtvuIvUlemUBOdjgytShTR2adFyBnLY4HuI+PMUdiEX3hnXXL4i/KdDo
8PdSptCIiT2pKM0eyrYF3weBmVNpQ6PAqbE6bGcenEaSHINpYyH5jOJ9sSFyAtW2
bC785od8CV5QtGfnDdh/gn3oduuqyZqLuhHD0YfGVYEh
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:57:32 2026 by rpki-client