Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/993731a0-abe8-41b9-bad3-ce7852d4f117.roa
File: 993731a0-abe8-41b9-bad3-ce7852d4f117.roa (raw, json)
Hash identifier: sxSniOeXiJFXvO2pjeFuG/LHGdWngh/mPpxvfTKPL5Q=
Subject key identifier: F1:E7:83:5E:B0:61:3D:86:9F:2F:8D:49:88:37:91:54:A3:0A:F6:3C
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 51C55D716A4FC9A629E644624EEC204D35DC7959
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/993731a0-abe8-41b9-bad3-ce7852d4f117.roa
Signing time: Tue 19 May 2026 05:40:08 +0000
ROA not before: Tue 19 May 2026 05:40:08 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.34.0.0/15 maxlen: 15
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:c5:5d:71:6a:4f:c9:a6:29:e6:44:62:4e:ec:20:4d:35:dc:79:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 19 05:40:08 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=84c86f5715534b682b10eb882f1fc7f29a9a5ac0fc8b4735a36ea6c77124b1b2, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:24:a3:c5:68:04:1c:8e:f3:d8:23:59:a5:14:
07:16:35:2b:d9:d2:93:e0:12:4a:5a:9c:a6:21:57:
74:31:5d:7d:e0:d9:0a:f7:2e:9b:6d:1c:54:7f:91:
c0:6a:a1:cc:ba:92:a3:ed:b9:62:00:82:8a:4c:a8:
e1:42:47:70:56:22:21:b9:c1:d6:c9:34:d7:15:e4:
4c:8c:ce:da:f4:a8:97:72:b6:25:8e:5c:a2:ab:04:
25:1c:28:0e:c3:5d:17:d5:c2:f6:11:8f:2d:91:1d:
15:74:15:7f:83:87:c4:35:e3:bd:37:f8:c5:7b:4b:
90:83:0e:5b:8f:62:55:e9:22:45:28:9b:85:f8:f9:
45:c3:70:6e:b1:ee:35:41:32:42:e3:ed:a9:fb:55:
5f:57:6e:46:7f:6e:1b:9c:25:c3:88:6c:96:db:e8:
ca:9e:95:2a:c8:3d:d0:3c:45:b4:b3:7b:2c:5f:92:
58:55:56:21:0a:76:ab:fc:10:72:9a:d7:26:2b:82:
3e:b2:df:4e:08:c2:1a:0d:49:50:21:53:66:36:80:
00:b0:fa:aa:4e:81:bc:9b:ec:a6:76:ce:8b:c5:3f:
61:28:b2:cf:45:10:22:0a:2b:93:e7:06:a7:aa:7c:
6d:a2:76:8f:b8:b9:bd:b4:c5:a8:ca:10:3c:63:d4:
b9:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:E7:83:5E:B0:61:3D:86:9F:2F:8D:49:88:37:91:54:A3:0A:F6:3C
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/993731a0-abe8-41b9-bad3-ce7852d4f117.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.34.0.0/15
Signature Algorithm: sha256WithRSAEncryption
67:3b:72:98:3c:89:69:e7:bc:9a:16:0e:e8:ad:67:94:23:ef:
df:6d:71:bf:6e:7a:69:a6:e0:22:5c:fa:7d:1d:0f:4d:ad:d9:
7b:cb:99:0f:7d:47:08:69:24:5d:2c:57:9f:79:22:2c:c6:ac:
e9:fd:68:49:59:20:bf:19:8d:ea:3e:1f:ab:ac:a5:02:69:05:
50:5e:b4:2e:0e:5c:b7:98:aa:0a:ae:39:22:0c:fc:04:dd:aa:
fd:50:5a:77:67:93:ee:6b:99:f7:4c:27:4f:dd:3d:44:84:48:
3b:a8:28:12:64:5f:7b:68:fa:ca:38:fd:06:35:d7:62:a7:6f:
4b:bc:17:c3:39:96:4c:a2:b5:f4:dc:e1:69:f9:69:51:d4:46:
b7:b4:e1:7e:22:59:39:ea:64:8c:3e:c3:51:95:c4:3a:92:2d:
98:a5:88:02:c4:35:e3:ba:2d:67:96:dc:e9:f1:0b:e4:4c:f9:
cf:f6:ae:eb:e6:12:39:0e:43:05:9f:07:df:1d:68:7d:3f:73:
75:11:71:30:92:fd:c5:50:75:6b:ab:5d:55:78:58:54:31:85:
77:8d:82:46:8c:cb:b7:93:ae:a8:17:b3:8c:48:0a:00:5e:d5:
e2:6b:cf:35:e2:ff:02:a9:dc:1b:c1:f8:2f:46:43:4e:21:1d:
45:f6:ef:e5
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUUcVdcWpPyaYp5kRiTuwgTTXceVkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MTkwNTQwMDhaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDg0Yzg2ZjU3MTU1MzRiNjgyYjEwZWI4ODJmMWZjN2YyOWE5YTVhYzBmYzhi
NDczNWEzNmVhNmM3NzEyNGIxYjIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMUko8VoBByO89gjWaUUBxY1K9nSk+ASSlqcpiFXdDFdfeDZCvcum20cVH+R
wGqhzLqSo+25YgCCikyo4UJHcFYiIbnB1sk01xXkTIzO2vSol3K2JY5coqsEJRwo
DsNdF9XC9hGPLZEdFXQVf4OHxDXjvTf4xXtLkIMOW49iVekiRSibhfj5RcNwbrHu
NUEyQuPtqftVX1duRn9uG5wlw4hsltvoyp6VKsg90DxFtLN7LF+SWFVWIQp2q/wQ
cprXJiuCPrLfTgjCGg1JUCFTZjaAALD6qk6BvJvspnbOi8U/YSiyz0UQIgork+cG
p6p8baJ2j7i5vbTFqMoQPGPUuQ8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTx54Ne
sGE9hp8vjUmIN5FUowr2PDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OTkzNzMxYTAtYWJlOC00MWI5LWJhZDMtY2U3ODUyZDRmMTE3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATMiMA0G
CSqGSIb3DQEBCwUAA4IBAQBnO3KYPIlp57yaFg7orWeUI+/fbXG/bnpppuAiXPp9
HQ9Nrdl7y5kPfUcIaSRdLFefeSIsxqzp/WhJWSC/GY3qPh+rrKUCaQVQXrQuDly3
mKoKrjkiDPwE3ar9UFp3Z5Pua5n3TCdP3T1EhEg7qCgSZF97aPrKOP0GNddip29L
vBfDOZZMorX03OFp+WlR1Ea3tOF+Ilk56mSMPsNRlcQ6ki2YpYgCxDXjui1nltzp
8QvkTPnP9q7r5hI5DkMFnwffHWh9P3N1EXEwkv3FUHVrq11VeFhUMYV3jYJGjMu3
k66oF7OMSAoAXtXia8814v8CqdwbwfgvRkNOIR1F9u/l
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:02:42 2026 by rpki-client