Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8d2d588e-ac05-4633-acba-4d5705f7071e.roa
File: 8d2d588e-ac05-4633-acba-4d5705f7071e.roa (raw, json)
Hash identifier: PchCFOVOt4J5jJcQNyI1PqKq0Fe/64mJ4E/li0OQIEk=
Subject key identifier: 41:E5:44:63:FA:E4:7A:E9:42:52:60:22:D1:7E:9F:CD:FC:35:F3:F2
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 52288F8FB34268A53051AD4FA6345A7091A801D8
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8d2d588e-ac05-4633-acba-4d5705f7071e.roa
Signing time: Tue 19 May 2026 06:00:50 +0000
ROA not before: Tue 19 May 2026 06:00:50 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.180.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 08:43:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
52:28:8f:8f:b3:42:68:a5:30:51:ad:4f:a6:34:5a:70:91:a8:01:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 19 06:00:50 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=c7a5f6790a65d43a57ce49d17eeb1f4d9d159e585f0a43b80b50e86d20760f46, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:0b:29:b5:20:e1:6d:d8:49:0b:d5:89:16:4a:
00:c0:5b:dc:4d:0a:64:95:eb:1f:67:d2:64:bb:62:
21:4d:6c:94:f1:47:86:e2:10:fa:e1:39:c7:6c:c2:
96:23:cb:b1:5a:55:00:b5:6e:e6:ac:5f:62:4b:8d:
2a:5d:6e:98:32:58:f9:3d:81:58:90:fd:98:25:d5:
93:4b:21:c8:12:68:34:53:09:fa:79:ab:d5:c1:c9:
a4:7e:7a:01:10:4e:0c:51:c5:e7:9b:a2:d5:10:d9:
91:db:b0:24:78:e7:73:f2:cb:c5:1a:9a:8f:39:05:
9c:45:62:b8:26:22:41:8d:ab:84:56:15:26:9a:1b:
fe:c3:65:ea:84:39:0c:74:4f:2e:17:8a:ae:eb:4a:
0e:6e:a4:29:7a:54:48:6c:0e:cc:80:e3:c0:df:69:
53:01:70:b5:8f:cd:92:42:ab:33:6d:ed:c7:95:99:
3e:9c:fa:9f:57:f3:04:63:6e:ee:26:4d:a1:fb:b5:
b1:7c:49:bd:ea:34:af:7c:37:19:4f:12:2f:d6:fc:
97:58:7b:dd:ed:8c:2f:a5:79:7d:a3:95:ee:61:56:
c2:f1:88:b1:75:25:72:f4:6e:11:00:3c:b5:22:e2:
f0:23:c6:76:c2:3b:a9:93:c6:a0:78:f8:01:58:39:
96:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:E5:44:63:FA:E4:7A:E9:42:52:60:22:D1:7E:9F:CD:FC:35:F3:F2
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8d2d588e-ac05-4633-acba-4d5705f7071e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.180.0.0/15
Signature Algorithm: sha256WithRSAEncryption
29:5e:4c:7e:86:82:10:b2:dd:60:26:40:57:91:ff:8d:0b:6d:
4c:08:cd:dc:27:66:a3:79:1d:e7:9c:01:d9:c8:15:23:88:f2:
cd:06:88:2c:e5:d7:80:c6:1b:8a:11:6a:d6:1e:2b:5b:e6:b7:
cd:66:48:f5:a3:f9:b9:6b:60:10:fb:b9:6a:9a:08:90:03:29:
1b:5c:94:ea:60:b7:bb:ae:ef:03:03:0f:ad:d2:c2:87:a8:61:
e2:40:57:8e:27:f2:6d:b2:f2:8e:23:f6:6a:33:92:1c:18:77:
f5:5e:46:61:be:62:89:11:27:ad:45:00:e8:87:52:52:eb:a0:
7e:cc:7c:c9:0a:a0:ff:b2:bb:0b:44:61:64:50:fb:5a:20:18:
73:a2:57:48:c3:00:d1:dd:09:1b:df:6e:d1:d9:84:9d:d3:bd:
f2:4f:70:b1:30:8d:ac:9d:71:54:55:4b:74:65:17:f6:36:2e:
24:69:63:86:ed:04:4f:1b:e3:d0:27:00:12:11:5b:98:6c:0b:
f4:df:11:33:4b:60:c5:7f:7b:67:ee:0e:59:51:41:61:6d:dd:
97:da:ec:b2:f8:b6:4c:20:21:b2:05:97:b8:4f:15:23:74:14:
14:79:74:1b:14:9f:75:cc:75:c6:ac:ac:68:d4:cf:12:1d:da:
63:10:c2:f5
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUUiiPj7NCaKUwUa1PpjRacJGoAdgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MTkwNjAwNTBaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGM3YTVmNjc5MGE2NWQ0M2E1N2NlNDlkMTdlZWIxZjRkOWQxNTllNTg1ZjBh
NDNiODBiNTBlODZkMjA3NjBmNDYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK0LKbUg4W3YSQvViRZKAMBb3E0KZJXrH2fSZLtiIU1slPFHhuIQ+uE5x2zC
liPLsVpVALVu5qxfYkuNKl1umDJY+T2BWJD9mCXVk0shyBJoNFMJ+nmr1cHJpH56
ARBODFHF55ui1RDZkduwJHjnc/LLxRqajzkFnEViuCYiQY2rhFYVJpob/sNl6oQ5
DHRPLheKrutKDm6kKXpUSGwOzIDjwN9pUwFwtY/NkkKrM23tx5WZPpz6n1fzBGNu
7iZNofu1sXxJveo0r3w3GU8SL9b8l1h73e2ML6V5faOV7mFWwvGIsXUlcvRuEQA8
tSLi8CPGdsI7qZPGoHj4AVg5lnUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRB5URj
+uR66UJSYCLRfp/N/DXz8jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OGQyZDU4OGUtYWMwNS00NjMzLWFjYmEtNGQ1NzA1ZjcwNzFlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATO0MA0G
CSqGSIb3DQEBCwUAA4IBAQApXkx+hoIQst1gJkBXkf+NC21MCM3cJ2ajeR3nnAHZ
yBUjiPLNBogs5deAxhuKEWrWHitb5rfNZkj1o/m5a2AQ+7lqmgiQAykbXJTqYLe7
ru8DAw+t0sKHqGHiQFeOJ/JtsvKOI/ZqM5IcGHf1XkZhvmKJESetRQDoh1JS66B+
zHzJCqD/srsLRGFkUPtaIBhzoldIwwDR3Qkb327R2YSd073yT3CxMI2snXFUVUt0
ZRf2Ni4kaWOG7QRPG+PQJwASEVuYbAv03xEzS2DFf3tn7g5ZUUFhbd2X2uyy+LZM
ICGyBZe4TxUjdBQUeXQbFJ91zHXGrKxo1M8SHdpjEML1
-----END CERTIFICATE-----
Generated at Sat Jun 13 13:42:56 2026 by rpki-client