Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8d2d588e-ac05-4633-acba-4d5705f7071e.roa
File: 8d2d588e-ac05-4633-acba-4d5705f7071e.roa (raw, json)
Hash identifier: reGYnpNB7GYvZ7CO/VL12gY3G1bY06uquaUovXp+Nuk=
Subject key identifier: 8D:1A:4E:1C:03:C4:9E:2C:BF:EE:A5:7C:DB:A0:25:62:DE:3E:C2:33
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5DC983EE13DF0922DB539C794CAF7B205A70778F
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8d2d588e-ac05-4633-acba-4d5705f7071e.roa
Signing time: Sat 28 Feb 2026 06:40:04 +0000
ROA not before: Sat 28 Feb 2026 06:40:04 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.180.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5d:c9:83:ee:13:df:09:22:db:53:9c:79:4c:af:7b:20:5a:70:77:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Feb 28 06:40:04 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=0ac1fe00b609695fc320b723a00c63ba5729a15966b24be213e7f06309d2c9eb, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:b1:8b:ac:53:9f:d4:f1:c3:55:03:a0:fd:25:
99:e2:0f:ac:66:4f:24:e1:00:f8:6d:e8:38:2a:44:
bb:0c:97:c0:76:da:40:a4:45:81:74:f3:c9:1e:a9:
3c:cd:a0:45:53:03:f8:b0:eb:d7:1b:6f:83:31:d3:
42:a0:34:e3:18:15:92:6d:72:6b:0b:6b:9c:e9:09:
fc:36:ee:c8:14:85:0d:87:ed:ad:1a:d6:93:b1:7e:
ae:74:b2:f5:af:cc:84:29:17:70:4c:c6:ea:11:15:
d6:0c:d2:6a:65:3e:97:d4:8d:86:da:30:ad:db:3f:
f1:62:cd:84:d5:7a:fc:fb:39:b4:39:1e:98:82:e9:
ae:6f:a3:76:cd:ca:7b:ce:1f:d7:6a:0f:86:f5:44:
61:1c:2d:eb:9a:b4:28:a3:d8:57:10:ab:4d:79:c2:
18:eb:9f:37:28:6f:7d:73:3c:43:a2:35:56:e1:a1:
85:0e:27:3b:2e:b9:b9:f7:f2:1b:96:e8:4c:00:9e:
a1:9e:c7:f3:05:b8:c1:35:0a:57:ee:43:d4:e3:a5:
27:48:7c:e0:cf:71:a5:ee:3d:3e:88:64:fa:79:6d:
e0:93:33:12:a1:f1:90:cc:67:69:91:7f:f6:fd:c6:
4a:9a:1d:13:da:6c:5d:38:68:fc:24:72:e2:3c:ae:
df:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:1A:4E:1C:03:C4:9E:2C:BF:EE:A5:7C:DB:A0:25:62:DE:3E:C2:33
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8d2d588e-ac05-4633-acba-4d5705f7071e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.180.0.0/15
Signature Algorithm: sha256WithRSAEncryption
2b:70:37:9d:0f:dd:b6:9a:89:59:ae:24:f3:29:89:93:ac:cf:
84:f2:09:47:e0:39:11:5e:c2:06:65:82:fd:d5:98:a3:2a:9d:
16:04:03:b5:b4:1e:c6:3e:10:3b:76:41:75:5a:dd:a7:2b:a0:
25:38:c4:9e:e6:00:80:93:91:98:4b:cc:fe:6b:de:8c:42:dc:
c4:e5:87:09:2a:84:2e:44:43:e5:17:a1:a4:5e:2d:40:6d:dd:
bb:c0:4d:d7:ab:c8:b6:a5:3f:7f:bd:10:42:08:a8:1c:4e:3e:
9b:98:ba:82:0f:a9:c3:f2:bb:58:67:3b:5b:46:bf:04:ac:3f:
44:8e:be:0e:fe:72:95:d5:59:74:dd:19:62:cb:9a:78:8d:53:
b3:8c:ea:f2:e5:d0:70:52:7c:4e:c2:7e:f7:ab:5f:03:8b:be:
88:64:fb:4e:c1:4e:b5:5f:f2:db:ae:04:bc:32:5b:2f:37:ff:
88:2a:7e:ee:1f:e9:f9:50:bd:ff:92:88:1f:24:ee:e4:5e:6f:
d6:87:28:1a:e4:40:ae:1e:46:5c:7e:87:13:76:c1:46:a8:c5:
35:44:a1:82:91:fd:f3:9d:42:54:d5:7c:dc:cf:25:ef:09:21:
a3:87:8a:ea:e1:c2:9b:45:e0:b9:f0:f1:e9:d4:e7:d2:fc:cb:
e9:ad:73:84
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUXcmD7hPfCSLbU5x5TK97IFpwd48wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjAyMjgwNjQwMDRaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDBhYzFmZTAwYjYwOTY5NWZjMzIwYjcyM2EwMGM2M2JhNTcyOWExNTk2NmIy
NGJlMjEzZTdmMDYzMDlkMmM5ZWIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN6xi6xTn9Txw1UDoP0lmeIPrGZPJOEA+G3oOCpEuwyXwHbaQKRFgXTzyR6p
PM2gRVMD+LDr1xtvgzHTQqA04xgVkm1yawtrnOkJ/DbuyBSFDYftrRrWk7F+rnSy
9a/MhCkXcEzG6hEV1gzSamU+l9SNhtowrds/8WLNhNV6/Ps5tDkemILprm+jds3K
e84f12oPhvVEYRwt65q0KKPYVxCrTXnCGOufNyhvfXM8Q6I1VuGhhQ4nOy65uffy
G5boTACeoZ7H8wW4wTUKV+5D1OOlJ0h84M9xpe49Pohk+nlt4JMzEqHxkMxnaZF/
9v3GSpodE9psXTho/CRy4jyu3xUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSNGk4c
A8SeLL/upXzboCVi3j7CMzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OGQyZDU4OGUtYWMwNS00NjMzLWFjYmEtNGQ1NzA1ZjcwNzFlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATO0MA0G
CSqGSIb3DQEBCwUAA4IBAQArcDedD922molZriTzKYmTrM+E8glH4DkRXsIGZYL9
1ZijKp0WBAO1tB7GPhA7dkF1Wt2nK6AlOMSe5gCAk5GYS8z+a96MQtzE5YcJKoQu
REPlF6GkXi1Abd27wE3Xq8i2pT9/vRBCCKgcTj6bmLqCD6nD8rtYZztbRr8ErD9E
jr4O/nKV1Vl03Rliy5p4jVOzjOry5dBwUnxOwn73q18Di76IZPtOwU61X/LbrgS8
MlsvN/+IKn7uH+n5UL3/kogfJO7kXm/Whyga5ECuHkZcfocTdsFGqMU1RKGCkf3z
nUJU1XzczyXvCSGjh4rq4cKbReC58PHp1OfS/MvprXOE
-----END CERTIFICATE-----
Generated at Mon Mar 2 04:51:20 2026 by rpki-client