Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8dcd1031-0c8d-4ee4-9563-57ddb63e1678.roa
File: 8dcd1031-0c8d-4ee4-9563-57ddb63e1678.roa (raw, json)
Hash identifier: FFlqf5s0D0JP2IFYP6B1l/ah5g++9M3mSFny5J2PTIg=
Subject key identifier: 53:D2:93:6F:36:01:1A:7D:91:26:C6:CD:38:65:E8:38:F5:74:59:D5
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7F82537F58896967B58B7634CE9CD429DD66275D
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8dcd1031-0c8d-4ee4-9563-57ddb63e1678.roa
Signing time: Sat 28 Feb 2026 06:40:47 +0000
ROA not before: Sat 28 Feb 2026 06:40:47 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.226.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:82:53:7f:58:89:69:67:b5:8b:76:34:ce:9c:d4:29:dd:66:27:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Feb 28 06:40:47 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=2b44d8b9ca07594cb367f3dac4d66247969e395fb91035c3537185469b99133d, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:ee:26:d8:58:4b:4a:73:2c:a2:d1:3e:b8:54:
c1:0d:d7:13:91:df:75:e9:e2:d3:af:27:74:3f:2d:
73:2c:8b:b3:ce:b6:e6:96:57:8f:30:9c:a5:7a:0a:
a4:00:4f:a5:26:04:81:a6:47:e2:e0:8f:44:a9:db:
c2:bd:19:82:c3:16:29:12:04:62:28:4d:6a:c3:97:
e6:c1:c5:7e:80:1f:88:19:a0:74:60:cc:7f:e1:25:
23:7c:81:fb:98:1e:00:a2:25:c5:d8:a4:f1:7f:04:
70:5c:8d:b4:f1:16:4e:6b:e2:9c:b2:bc:89:85:9d:
1c:d2:36:8e:a0:fa:64:df:b0:d8:04:29:f4:2d:4d:
51:d0:38:fb:33:3e:0b:71:bf:54:24:e8:02:87:49:
5f:9d:0f:dd:3a:b2:a7:8b:e1:d0:32:e2:7d:e8:cc:
26:59:7f:68:23:05:59:f4:46:17:aa:3c:09:bb:af:
90:dd:f8:7e:8f:8d:83:90:65:c1:ab:05:eb:e4:5f:
82:01:05:5a:73:a4:34:92:51:c2:ef:22:0f:68:4f:
88:30:4b:e2:ef:9a:65:8a:82:04:43:24:11:8b:69:
43:ac:7a:2a:6b:00:8f:43:8c:ca:7f:3c:8c:02:8e:
40:09:c2:16:85:b2:a0:e8:49:87:cc:10:a6:1a:d0:
82:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:D2:93:6F:36:01:1A:7D:91:26:C6:CD:38:65:E8:38:F5:74:59:D5
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8dcd1031-0c8d-4ee4-9563-57ddb63e1678.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.226.0.0/15
Signature Algorithm: sha256WithRSAEncryption
66:6b:09:4a:f2:10:3a:d5:08:32:dd:41:81:0c:12:b1:40:65:
be:05:90:c3:45:ad:50:c5:e1:a0:96:28:e4:97:3c:09:a0:ac:
76:2e:ae:8c:8f:22:f6:f3:dd:1d:88:0c:a6:5e:18:1f:48:88:
99:fb:41:7f:3b:2b:8f:30:1e:12:04:7e:71:a7:2a:ed:34:7b:
63:e8:e4:7a:5a:58:1b:aa:4a:fd:76:64:1a:c5:4d:33:1c:28:
d5:a3:6c:40:2e:de:8b:4d:1f:2f:f9:21:94:ff:85:50:16:3c:
a8:28:e3:c4:23:ca:c5:58:18:5c:db:d3:1d:16:47:83:70:06:
91:bb:81:cd:d3:db:d8:ba:08:a1:5b:a6:95:19:70:a7:f9:1c:
71:9c:d8:40:08:ff:a1:c2:ba:7b:5c:f0:1e:08:72:68:28:b9:
e9:aa:13:f6:d1:7c:e7:64:8e:0e:0e:23:1f:66:6b:49:e6:66:
98:13:bd:2e:d2:12:e3:f5:91:20:8b:73:5b:e2:cb:62:84:09:
af:44:87:5b:c7:fd:4d:98:d1:4e:77:f7:49:01:fe:24:80:64:
b5:b5:4b:b1:cd:07:0f:ca:7a:0b:45:cd:2f:f4:21:ef:85:56:
e1:89:70:69:7f:82:2d:1d:1a:18:71:64:3e:d4:a4:83:21:b5:
38:c4:6e:5f
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUf4JTf1iJaWe1i3Y0zpzUKd1mJ10wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjAyMjgwNjQwNDdaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDJiNDRkOGI5Y2EwNzU5NGNiMzY3ZjNkYWM0ZDY2MjQ3OTY5ZTM5NWZiOTEw
MzVjMzUzNzE4NTQ2OWI5OTEzM2QxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKzuJthYS0pzLKLRPrhUwQ3XE5Hfdeni068ndD8tcyyLs8625pZXjzCcpXoK
pABPpSYEgaZH4uCPRKnbwr0ZgsMWKRIEYihNasOX5sHFfoAfiBmgdGDMf+ElI3yB
+5geAKIlxdik8X8EcFyNtPEWTmvinLK8iYWdHNI2jqD6ZN+w2AQp9C1NUdA4+zM+
C3G/VCToAodJX50P3Tqyp4vh0DLifejMJll/aCMFWfRGF6o8CbuvkN34fo+Ng5Bl
wasF6+RfggEFWnOkNJJRwu8iD2hPiDBL4u+aZYqCBEMkEYtpQ6x6KmsAj0OMyn88
jAKOQAnCFoWyoOhJh8wQphrQgo0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRT0pNv
NgEafZEmxs04Zeg49XRZ1TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OGRjZDEwMzEtMGM4ZC00ZWU0LTk1NjMtNTdkZGI2M2UxNjc4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPiMA0G
CSqGSIb3DQEBCwUAA4IBAQBmawlK8hA61Qgy3UGBDBKxQGW+BZDDRa1QxeGglijk
lzwJoKx2Lq6MjyL2890diAymXhgfSIiZ+0F/OyuPMB4SBH5xpyrtNHtj6OR6Wlgb
qkr9dmQaxU0zHCjVo2xALt6LTR8v+SGU/4VQFjyoKOPEI8rFWBhc29MdFkeDcAaR
u4HN09vYugihW6aVGXCn+RxxnNhACP+hwrp7XPAeCHJoKLnpqhP20XznZI4ODiMf
ZmtJ5maYE70u0hLj9ZEgi3Nb4stihAmvRIdbx/1NmNFOd/dJAf4kgGS1tUuxzQcP
ynoLRc0v9CHvhVbhiXBpf4ItHRoYcWQ+1KSDIbU4xG5f
-----END CERTIFICATE-----
Generated at Mon Mar 2 02:48:35 2026 by rpki-client