Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/96060ba0-0bb4-49bc-8bf6-4a1495ffddf4.roa
File: 96060ba0-0bb4-49bc-8bf6-4a1495ffddf4.roa (raw, json)
Hash identifier: vabvydnF9swI9e+nqcIJX3T+FVDX6OZmS05BvMYo6b0=
Subject key identifier: AF:F5:5D:51:BF:04:65:D8:70:2C:CF:74:6E:B4:F1:BD:F6:0D:60:F2
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 691065004EDDCD9B0E47CACC9341C625C83F0524
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/96060ba0-0bb4-49bc-8bf6-4a1495ffddf4.roa
Signing time: Fri 06 Feb 2026 00:40:28 +0000
ROA not before: Fri 06 Feb 2026 00:40:28 +0000
ROA not after: Thu 07 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.20.0.0/14 maxlen: 14
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:10:65:00:4e:dd:cd:9b:0e:47:ca:cc:93:41:c6:25:c8:3f:05:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Feb 6 00:40:28 2026 GMT
Not After : May 7 23:59:59 2026 GMT
Subject: serialNumber=d44fbae4cef9baae96973338a02ab0f549342a55d0682eba1604e2f1363e309b, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:37:bd:5c:97:68:15:54:a7:e1:e5:35:59:fa:
9b:79:fa:4e:5e:34:64:ea:23:5d:65:6c:8d:b3:86:
63:9b:9e:36:60:f0:98:7a:80:f2:7f:0c:e8:24:60:
b3:49:58:a9:dc:cd:cc:0b:6f:ed:0c:e4:f1:c8:9e:
d9:19:84:bc:fc:aa:4a:71:57:d7:ee:1e:be:85:de:
a5:5d:cb:aa:32:42:fc:a5:87:8d:61:7d:7e:28:53:
6f:33:a2:eb:f0:3c:ad:c3:b0:da:bc:7e:fe:00:41:
5c:aa:d1:9d:04:02:e5:ad:90:a9:38:d0:66:0f:e8:
09:79:a4:92:7d:d5:5d:50:51:16:1d:30:21:6f:a7:
42:3c:44:ba:a4:1d:45:c8:65:fd:e2:6f:75:72:1e:
ca:3a:bf:32:9f:7a:db:0a:b9:a6:ea:56:e6:72:f8:
07:39:bd:18:6b:eb:81:54:6e:0b:92:c8:30:d1:3d:
b5:cf:f6:f6:75:a4:5c:83:32:c8:27:c9:b1:9d:a1:
52:c0:f7:3d:d6:6c:ea:19:82:b3:27:61:78:d7:44:
8e:c2:98:49:22:af:89:56:8f:7a:09:60:0b:11:47:
6b:15:ce:79:f9:c3:62:11:d8:00:d4:d4:51:b4:31:
73:7e:0b:32:f3:6d:4d:b0:a4:42:a0:86:d3:a6:75:
2f:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:F5:5D:51:BF:04:65:D8:70:2C:CF:74:6E:B4:F1:BD:F6:0D:60:F2
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/96060ba0-0bb4-49bc-8bf6-4a1495ffddf4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.20.0.0/14
Signature Algorithm: sha256WithRSAEncryption
1c:e3:13:81:97:2f:11:7a:93:7f:90:b7:0a:0f:1f:b8:57:75:
63:9c:75:51:8a:04:29:d9:3d:32:a7:0b:06:cf:e4:71:52:75:
a7:a3:f0:5f:56:0d:92:20:ae:10:db:6b:bd:8c:d0:9b:bc:4a:
24:65:5f:68:c9:21:a2:93:72:bf:49:24:17:d5:9e:ff:d4:45:
6d:d2:cd:b3:0c:f4:95:fa:be:f1:f8:3d:de:13:f6:3c:0f:bf:
6c:29:2f:74:83:3b:42:4e:72:93:f5:46:7a:bd:cd:86:c9:3e:
8d:0c:bd:c7:44:21:ba:4c:7a:3b:47:16:50:35:9c:e1:52:3d:
7f:39:8a:f9:23:54:84:41:b9:57:f4:0c:75:49:f0:b6:b3:46:
e1:e4:13:61:03:bd:fd:72:f1:6e:9b:86:2c:af:24:0f:3c:92:
a1:ed:90:b0:32:40:c7:d8:4a:6d:fa:f1:e5:bd:ab:c0:12:9c:
59:43:4d:6c:69:da:75:c0:f7:bf:5a:e5:c5:6c:fd:7a:62:e4:
fd:14:b8:bd:2a:51:5c:d2:c7:21:07:18:9d:88:27:a2:7b:7e:
a0:7c:f8:1c:12:0d:36:88:2f:01:73:21:10:10:26:29:2c:48:
9c:c3:35:ed:99:e0:a0:2a:a2:fc:2e:e2:62:07:74:6a:42:54:
8d:e9:f9:0d
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUaRBlAE7dzZsOR8rMk0HGJcg/BSQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjAyMDYwMDQwMjhaFw0yNjA1MDcyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ0NGZiYWU0Y2VmOWJhYWU5Njk3MzMzOGEwMmFiMGY1NDkzNDJhNTVkMDY4
MmViYTE2MDRlMmYxMzYzZTMwOWIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL43vVyXaBVUp+HlNVn6m3n6Tl40ZOojXWVsjbOGY5ueNmDwmHqA8n8M6CRg
s0lYqdzNzAtv7Qzk8cie2RmEvPyqSnFX1+4evoXepV3LqjJC/KWHjWF9fihTbzOi
6/A8rcOw2rx+/gBBXKrRnQQC5a2QqTjQZg/oCXmkkn3VXVBRFh0wIW+nQjxEuqQd
Rchl/eJvdXIeyjq/Mp962wq5pupW5nL4Bzm9GGvrgVRuC5LIMNE9tc/29nWkXIMy
yCfJsZ2hUsD3PdZs6hmCsydheNdEjsKYSSKviVaPeglgCxFHaxXOefnDYhHYANTU
UbQxc34LMvNtTbCkQqCG06Z1L6cCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSv9V1R
vwRl2HAsz3RutPG99g1g8jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OTYwNjBiYTAtMGJiNC00OWJjLThiZjYtNGExNDk1ZmZkZGY0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAjMUMA0G
CSqGSIb3DQEBCwUAA4IBAQAc4xOBly8RepN/kLcKDx+4V3VjnHVRigQp2T0ypwsG
z+RxUnWno/BfVg2SIK4Q22u9jNCbvEokZV9oySGik3K/SSQX1Z7/1EVt0s2zDPSV
+r7x+D3eE/Y8D79sKS90gztCTnKT9UZ6vc2GyT6NDL3HRCG6THo7RxZQNZzhUj1/
OYr5I1SEQblX9Ax1SfC2s0bh5BNhA739cvFum4YsryQPPJKh7ZCwMkDH2Ept+vHl
vavAEpxZQ01sadp1wPe/WuXFbP16YuT9FLi9KlFc0schBxidiCeie36gfPgcEg02
iC8BcyEQECYpLEicwzXtmeCgKqL8LuJiB3RqQlSN6fkN
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:55:02 2026 by rpki-client