Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/993731a0-abe8-41b9-bad3-ce7852d4f117.roa
File: 993731a0-abe8-41b9-bad3-ce7852d4f117.roa (raw, json)
Hash identifier: B6Lw1QQS87XeMyLsCcnuWYKIowAbl5WVVA7NG9sihtc=
Subject key identifier: 88:13:18:4B:58:67:D1:99:BC:C8:FC:9E:ED:27:8A:46:E8:9F:CF:6D
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 32A918E8E1A69F7B131DC93BCFA1CCFB95FE18BC
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/993731a0-abe8-41b9-bad3-ce7852d4f117.roa
Signing time: Sat 28 Feb 2026 06:30:59 +0000
ROA not before: Sat 28 Feb 2026 06:30:59 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.34.0.0/15 maxlen: 15
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:a9:18:e8:e1:a6:9f:7b:13:1d:c9:3b:cf:a1:cc:fb:95:fe:18:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Feb 28 06:30:59 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=4ba25f0ac5c6fd956873a79556498a2d4b4ba9ca3fbbe461455323e3659b2798, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:b7:ad:65:6d:50:9b:9d:58:29:86:6c:6f:06:
f4:ec:a5:8d:78:60:e1:a9:3e:25:55:8f:70:4d:e6:
55:c8:8a:fb:d5:e7:96:ed:60:cc:1d:44:44:4e:43:
3a:b8:a3:a8:96:1d:f1:49:b2:32:72:6f:e2:af:76:
b9:0a:a8:de:12:5d:b9:73:ed:0e:2c:ca:d6:2c:0c:
92:f6:a8:19:2e:77:05:6a:66:23:75:5c:d9:62:64:
2c:43:bf:14:39:ff:2b:23:e4:de:7e:07:78:de:f2:
91:00:c5:1a:b8:84:2b:f8:84:2d:c8:f6:c8:d0:dc:
c6:c0:2e:d8:66:df:29:2c:50:b5:d3:84:ab:68:8c:
19:72:92:5a:61:3c:da:05:93:38:c9:ce:c8:dc:72:
99:8a:f3:87:f5:3a:18:2f:24:b4:27:9f:df:54:6c:
38:20:01:e7:0e:56:07:be:63:08:b8:a5:64:1d:4f:
8a:ca:d5:d3:a5:06:91:bd:e5:03:ef:27:aa:59:cf:
86:31:cc:9e:92:5f:0c:63:20:52:3f:9c:ff:f4:c7:
b7:98:79:96:89:d8:09:95:46:ef:1c:b4:04:14:d9:
47:2e:90:40:75:27:1d:e0:ee:98:f0:44:e1:76:68:
35:bb:08:ab:35:a3:90:67:63:c1:9a:5b:23:b9:ae:
be:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:13:18:4B:58:67:D1:99:BC:C8:FC:9E:ED:27:8A:46:E8:9F:CF:6D
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/993731a0-abe8-41b9-bad3-ce7852d4f117.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.34.0.0/15
Signature Algorithm: sha256WithRSAEncryption
97:5d:73:38:85:ff:30:80:b6:cc:e7:b4:e2:a8:73:a3:e4:31:
db:67:2f:b0:74:99:c4:79:bf:dc:17:0d:31:3b:58:e0:5f:44:
a7:9c:4a:a9:27:0d:13:11:3b:b3:a5:e6:cc:c4:92:1a:8e:5b:
3b:7d:d4:b6:1d:a7:15:86:1e:59:0f:3e:fa:cd:70:54:da:9d:
63:22:3e:ca:db:57:0e:ae:8b:fc:1a:ab:a9:1a:6b:c1:30:8a:
d8:d0:d0:12:d1:a1:47:ea:d1:ab:0b:29:26:2f:dc:37:72:81:
a2:19:2b:f4:c0:c0:a9:e7:00:0c:66:ce:71:11:1a:86:59:4a:
c3:98:3f:a1:32:b4:8b:e7:38:19:c2:af:a6:c7:62:de:aa:db:
ba:83:f8:29:b7:31:15:12:7c:c1:76:a3:83:e9:a0:a0:54:f4:
b8:0e:68:e8:3c:01:71:02:52:36:22:8c:be:61:85:99:00:5f:
7e:0a:a7:ee:5a:74:cd:06:4a:d7:44:3f:eb:e8:01:f0:21:8d:
53:70:90:09:35:5c:2a:f1:5d:10:87:d7:be:3a:24:a5:fb:72:
fd:53:da:1b:f1:1f:16:a3:cf:a5:1f:d1:a3:9f:1c:a0:57:bd:
2e:dd:7a:9e:a6:90:bf:6b:67:6f:3c:f3:5f:bf:43:e5:e3:1f:
ba:47:67:b3
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUMqkY6OGmn3sTHck7z6HM+5X+GLwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjAyMjgwNjMwNTlaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDRiYTI1ZjBhYzVjNmZkOTU2ODczYTc5NTU2NDk4YTJkNGI0YmE5Y2EzZmJi
ZTQ2MTQ1NTMyM2UzNjU5YjI3OTgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJi3rWVtUJudWCmGbG8G9OyljXhg4ak+JVWPcE3mVciK+9Xnlu1gzB1ERE5D
OrijqJYd8UmyMnJv4q92uQqo3hJduXPtDizK1iwMkvaoGS53BWpmI3Vc2WJkLEO/
FDn/KyPk3n4HeN7ykQDFGriEK/iELcj2yNDcxsAu2GbfKSxQtdOEq2iMGXKSWmE8
2gWTOMnOyNxymYrzh/U6GC8ktCef31RsOCAB5w5WB75jCLilZB1PisrV06UGkb3l
A+8nqlnPhjHMnpJfDGMgUj+c//THt5h5lonYCZVG7xy0BBTZRy6QQHUnHeDumPBE
4XZoNbsIqzWjkGdjwZpbI7muvkkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSIExhL
WGfRmbzI/J7tJ4pG6J/PbTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OTkzNzMxYTAtYWJlOC00MWI5LWJhZDMtY2U3ODUyZDRmMTE3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATMiMA0G
CSqGSIb3DQEBCwUAA4IBAQCXXXM4hf8wgLbM57TiqHOj5DHbZy+wdJnEeb/cFw0x
O1jgX0SnnEqpJw0TETuzpebMxJIajls7fdS2HacVhh5ZDz76zXBU2p1jIj7K21cO
rov8GqupGmvBMIrY0NAS0aFH6tGrCykmL9w3coGiGSv0wMCp5wAMZs5xERqGWUrD
mD+hMrSL5zgZwq+mx2Leqtu6g/gptzEVEnzBdqOD6aCgVPS4DmjoPAFxAlI2Ioy+
YYWZAF9+CqfuWnTNBkrXRD/r6AHwIY1TcJAJNVwq8V0Qh9e+OiSl+3L9U9ob8R8W
o8+lH9GjnxygV70u3XqeppC/a2dvPPNfv0Pl4x+6R2ez
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:40:13 2026 by rpki-client