Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8c7710c7-6ab8-4545-b04c-0bbeaa573eae.roa
File: 8c7710c7-6ab8-4545-b04c-0bbeaa573eae.roa (raw, json)
Hash identifier: /MxUaiCDCEBEDxHXduRruYg5RAiKJbITuf2Gg8tlNns=
Subject key identifier: D4:EC:42:0A:7C:9C:45:F3:9B:F1:14:DE:A1:76:27:0C:5E:FB:B5:81
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 48006AC9B5021AA902DB72AA85D4955E990A2FF9
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8c7710c7-6ab8-4545-b04c-0bbeaa573eae.roa
Signing time: Sun 01 Mar 2026 01:00:31 +0000
ROA not before: Sun 01 Mar 2026 01:00:31 +0000
ROA not after: Sat 30 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.112.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:00:6a:c9:b5:02:1a:a9:02:db:72:aa:85:d4:95:5e:99:0a:2f:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 1 01:00:31 2026 GMT
Not After : May 30 23:59:59 2026 GMT
Subject: serialNumber=515590a57109cd939ddc4b23ecda6ad3551b4dd61715bbe0e22ffbc22d883117, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:a3:ce:90:38:2d:20:2d:5c:4c:fd:3c:f6:01:
8c:04:88:65:3d:48:57:0c:4c:a0:df:9d:ae:bc:37:
c2:60:d2:3a:26:5f:e8:ab:39:4e:1a:c2:ff:d4:6b:
f7:3a:a2:ca:68:4e:2e:85:b2:35:d9:76:68:de:4d:
5b:b4:95:d0:07:26:bf:ea:93:c9:bd:64:2d:9c:72:
9d:a1:83:c0:d7:52:6a:22:35:ae:05:7f:f3:dd:46:
91:51:cd:8f:2b:66:1f:93:ee:5f:5f:12:4e:6f:43:
dc:bf:e4:70:bd:2b:e1:fe:26:95:dd:71:67:a1:43:
14:ef:25:24:ec:4c:95:08:2b:28:11:3f:f5:37:82:
dc:93:20:5e:e8:d3:42:4b:1e:52:e4:f3:3d:05:ce:
20:6e:6e:4c:89:aa:22:26:43:00:79:01:69:5b:37:
89:c2:e9:8e:58:23:c4:66:8c:e9:59:51:54:13:a6:
8c:44:8d:a2:d9:93:4a:aa:48:70:a4:f2:c7:95:86:
ac:c3:4b:ff:a7:02:6e:2a:da:ce:8c:5d:8d:67:86:
31:39:21:8e:72:91:4e:64:2a:e9:4e:77:5f:12:c2:
2a:f2:c4:01:88:1c:ea:d5:15:1f:2d:cb:2f:7e:0a:
78:ac:c6:34:03:02:8c:8e:d0:79:26:6f:eb:11:e0:
3c:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:EC:42:0A:7C:9C:45:F3:9B:F1:14:DE:A1:76:27:0C:5E:FB:B5:81
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8c7710c7-6ab8-4545-b04c-0bbeaa573eae.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.112.0.0/16
Signature Algorithm: sha256WithRSAEncryption
d1:33:c6:c4:17:57:3b:08:cd:01:42:a5:71:6a:84:de:5d:77:
23:f4:3c:37:e9:2d:de:24:78:25:26:06:a9:d9:61:f8:aa:2d:
1d:56:dd:ad:49:3e:2f:43:5d:59:02:1e:dd:54:04:6a:9e:f2:
cb:16:3b:e7:8a:53:f1:25:b6:ea:0d:9e:24:15:8a:e7:0e:93:
da:b4:84:ed:a0:ce:50:20:b4:71:4f:89:b0:b2:59:e8:61:89:
62:23:3f:02:af:01:db:de:b0:ba:86:20:8e:2b:c8:1c:88:8c:
59:c6:d2:58:74:cf:59:92:db:23:19:22:e2:fa:55:8d:36:1c:
71:8c:1e:9e:c5:3e:80:dd:2e:2a:28:e5:5d:71:c3:b8:2e:5a:
f3:d5:da:25:25:83:76:5b:13:85:50:2d:d6:c7:aa:74:51:3f:
d9:7f:5b:49:c2:e6:cf:fb:f6:64:f3:9a:6f:9e:4d:4c:cc:ab:
e0:a4:da:dd:a4:1e:bf:e2:83:0f:4c:ff:0a:31:e2:c0:08:32:
ee:3d:0b:d2:8d:fd:09:a8:8b:80:15:b9:d7:1e:ca:9f:d7:56:
8a:ad:48:2c:6c:55:89:0a:b8:50:43:c9:97:fb:f1:b9:21:a3:
da:b1:47:47:26:a3:1c:d5:d9:1b:5a:92:dd:03:95:60:78:ed:
b8:bb:2c:c9
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUSABqybUCGqkC23KqhdSVXpkKL/kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjAzMDEwMTAwMzFaFw0yNjA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDUxNTU5MGE1NzEwOWNkOTM5ZGRjNGIyM2VjZGE2YWQzNTUxYjRkZDYxNzE1
YmJlMGUyMmZmYmMyMmQ4ODMxMTcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANajzpA4LSAtXEz9PPYBjASIZT1IVwxMoN+drrw3wmDSOiZf6Ks5ThrC/9Rr
9zqiymhOLoWyNdl2aN5NW7SV0Acmv+qTyb1kLZxynaGDwNdSaiI1rgV/891GkVHN
jytmH5PuX18STm9D3L/kcL0r4f4mld1xZ6FDFO8lJOxMlQgrKBE/9TeC3JMgXujT
QkseUuTzPQXOIG5uTImqIiZDAHkBaVs3icLpjlgjxGaM6VlRVBOmjESNotmTSqpI
cKTyx5WGrMNL/6cCbirazoxdjWeGMTkhjnKRTmQq6U53XxLCKvLEAYgc6tUVHy3L
L34KeKzGNAMCjI7QeSZv6xHgPJkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTU7EIK
fJxF85vxFN6hdicMXvu1gTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OGM3NzEwYzctNmFiOC00NTQ1LWIwNGMtMGJiZWFhNTczZWFlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNwMA0G
CSqGSIb3DQEBCwUAA4IBAQDRM8bEF1c7CM0BQqVxaoTeXXcj9Dw36S3eJHglJgap
2WH4qi0dVt2tST4vQ11ZAh7dVARqnvLLFjvnilPxJbbqDZ4kFYrnDpPatITtoM5Q
ILRxT4mwslnoYYliIz8CrwHb3rC6hiCOK8gciIxZxtJYdM9ZktsjGSLi+lWNNhxx
jB6exT6A3S4qKOVdccO4Llrz1dolJYN2WxOFUC3Wx6p0UT/Zf1tJwubP+/Zk85pv
nk1MzKvgpNrdpB6/4oMPTP8KMeLACDLuPQvSjf0JqIuAFbnXHsqf11aKrUgsbFWJ
CrhQQ8mX+/G5IaPasUdHJqMc1dkbWpLdA5VgeO24uyzJ
-----END CERTIFICATE-----
Generated at Mon Mar 2 01:27:51 2026 by rpki-client