Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9adb83e6-fa36-47fa-b5be-856fd7247898.roa
File: 9adb83e6-fa36-47fa-b5be-856fd7247898.roa (raw, json)
Hash identifier: tWyLDwF3JX8Pt500ku1+vKythISuZTQOe/AWMeL3pQA=
Subject key identifier: B4:79:B7:05:36:EF:67:17:6E:6F:2A:87:A7:78:2A:EC:E5:7B:35:C9
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0E6075E9158E79A51E0EE25F15D283C57C0C6A69
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9adb83e6-fa36-47fa-b5be-856fd7247898.roa
Signing time: Wed 20 May 2026 00:50:04 +0000
ROA not before: Wed 20 May 2026 00:50:04 +0000
ROA not after: Tue 18 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.16.104.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 08:43:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0e:60:75:e9:15:8e:79:a5:1e:0e:e2:5f:15:d2:83:c5:7c:0c:6a:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 20 00:50:04 2026 GMT
Not After : Aug 18 23:59:59 2026 GMT
Subject: serialNumber=311a8b2e8c2af41438121bd7d09c4f1f218c9120476f5ff846f242ff89aed6d0, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:58:8b:75:14:c9:82:9c:22:78:d3:c2:7d:f9:
54:4b:d7:03:1a:99:7e:a0:ea:6b:81:9b:cc:98:c2:
10:d4:98:fb:03:88:58:b4:67:8d:35:cd:fe:f7:a2:
92:72:08:27:09:30:98:04:95:7a:2c:8f:cd:c1:99:
cc:56:92:74:40:20:05:f6:92:5c:a1:ba:3f:06:ab:
fd:f6:dd:69:8b:5f:c5:b9:23:81:a0:0b:ee:69:b4:
07:56:d2:d2:b1:02:83:b3:97:21:c3:1e:22:bc:c5:
6c:43:24:d3:b2:2b:fa:e2:5b:2d:b2:93:6c:64:98:
0a:6c:56:54:fd:75:13:31:0a:f0:24:f7:f9:bd:b4:
83:99:4a:6b:3d:c2:b3:df:92:67:3e:89:8c:9a:28:
6d:26:f2:56:62:ad:2e:2d:98:2b:3b:0d:f6:fc:9d:
7c:06:78:65:41:62:fc:ca:e7:49:58:57:3a:79:1a:
71:2f:5a:4a:4b:76:7c:df:e2:9b:3d:10:ec:ae:ef:
79:eb:88:ad:cd:73:76:35:d2:82:b0:36:e1:55:65:
f1:8e:3e:05:e2:e5:9f:ff:8b:6b:87:3a:ee:98:e0:
57:82:4e:55:ee:0d:67:90:9f:4f:8b:d0:6d:17:20:
d9:14:c6:ad:13:3f:a7:12:bf:a2:16:d0:a4:79:8b:
12:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:79:B7:05:36:EF:67:17:6E:6F:2A:87:A7:78:2A:EC:E5:7B:35:C9
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9adb83e6-fa36-47fa-b5be-856fd7247898.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.16.104.0/23
Signature Algorithm: sha256WithRSAEncryption
cd:8b:c5:f0:a6:b5:75:40:ef:d8:a2:16:97:23:39:5f:b4:3a:
e7:33:d9:2a:44:83:d5:4a:b6:15:c2:40:ae:ef:2d:de:28:47:
57:5c:73:7d:02:af:4f:73:71:83:cd:56:20:bd:37:0c:8e:49:
c3:4a:06:28:db:92:88:20:ff:23:a8:3e:9b:65:fc:1d:57:bc:
12:3b:64:ed:25:9b:b7:c0:88:34:0b:da:9a:39:71:9a:54:6c:
bf:2e:e3:8c:e1:5d:37:7c:26:b2:d7:d1:86:e3:ae:0f:9c:12:
f3:cb:8d:54:76:49:1b:ed:a8:a5:1f:a1:65:96:b2:0f:a6:22:
50:98:44:40:d3:f5:fe:90:db:f1:0d:08:33:a1:08:2c:16:db:
f2:47:03:6f:eb:a6:f8:7b:54:af:f0:a3:19:c0:aa:6e:57:d7:
cd:fe:9b:1c:9b:7b:65:4d:37:b9:4a:a6:09:f0:47:76:36:4c:
2b:ff:70:d0:c5:64:1f:55:db:6a:7f:71:52:87:a4:86:97:e9:
62:62:50:19:5a:ea:7c:42:3b:56:e7:92:aa:a4:d8:c8:89:f3:
a3:6c:4b:1b:2f:90:1d:94:f1:44:2f:7f:41:e4:22:98:7c:f7:
31:ef:fb:50:45:ca:93:d2:44:b3:b7:30:2b:b5:ef:95:61:0b:
1f:39:e8:7b
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUDmB16RWOeaUeDuJfFdKDxXwMamkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MjAwMDUwMDRaFw0yNjA4MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQDMxMWE4YjJlOGMyYWY0MTQzODEyMWJkN2QwOWM0ZjFmMjE4YzkxMjA0NzZm
NWZmODQ2ZjI0MmZmODlhZWQ2ZDAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM9Yi3UUyYKcInjTwn35VEvXAxqZfqDqa4GbzJjCENSY+wOIWLRnjTXN/vei
knIIJwkwmASVeiyPzcGZzFaSdEAgBfaSXKG6Pwar/fbdaYtfxbkjgaAL7mm0B1bS
0rECg7OXIcMeIrzFbEMk07Ir+uJbLbKTbGSYCmxWVP11EzEK8CT3+b20g5lKaz3C
s9+SZz6JjJoobSbyVmKtLi2YKzsN9vydfAZ4ZUFi/MrnSVhXOnkacS9aSkt2fN/i
mz0Q7K7veeuIrc1zdjXSgrA24VVl8Y4+BeLln/+La4c67pjgV4JOVe4NZ5CfT4vQ
bRcg2RTGrRM/pxK/ohbQpHmLEjMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBS0ebcF
Nu9nF25vKoeneCrs5Xs1yTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OWFkYjgzZTYtZmEzNi00N2ZhLWI1YmUtODU2ZmQ3MjQ3ODk4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEATMQaDAN
BgkqhkiG9w0BAQsFAAOCAQEAzYvF8Ka1dUDv2KIWlyM5X7Q65zPZKkSD1Uq2FcJA
ru8t3ihHV1xzfQKvT3Nxg81WIL03DI5Jw0oGKNuSiCD/I6g+m2X8HVe8Ejtk7SWb
t8CINAvamjlxmlRsvy7jjOFdN3wmstfRhuOuD5wS88uNVHZJG+2opR+hZZayD6Yi
UJhEQNP1/pDb8Q0IM6EILBbb8kcDb+um+HtUr/CjGcCqblfXzf6bHJt7ZU03uUqm
CfBHdjZMK/9w0MVkH1Xban9xUoekhpfpYmJQGVrqfEI7VueSqqTYyInzo2xLGy+Q
HZTxRC9/QeQimHz3Me/7UEXKk9JEs7cwK7XvlWELHznoew==
-----END CERTIFICATE-----
Generated at Sat Jun 13 12:42:41 2026 by rpki-client