Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9eb7dfb3-5cb3-484a-b550-418fc540ea28.roa
File: 9eb7dfb3-5cb3-484a-b550-418fc540ea28.roa (raw, json)
Hash identifier: QiVrx529PWu5AeuHJuJxRPADULcKtxk91hZsCQFxd6o=
Subject key identifier: CD:A1:15:ED:36:17:53:5E:08:01:E9:05:66:CD:55:0C:27:66:34:F5
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 31E6C2248EA896ECE80B18EF989C6C4B5C321A04
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9eb7dfb3-5cb3-484a-b550-418fc540ea28.roa
Signing time: Sat 28 Feb 2026 06:40:20 +0000
ROA not before: Sat 28 Feb 2026 06:40:20 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.50.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:e6:c2:24:8e:a8:96:ec:e8:0b:18:ef:98:9c:6c:4b:5c:32:1a:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Feb 28 06:40:20 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=1249f6b8cb90e457f455fea226db61a8d7beb125d4de5256c3ef1d49cc404d7b, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:42:b4:26:93:6f:46:20:52:f4:39:dc:24:70:
35:2c:53:a1:8e:6f:58:14:11:0a:90:70:d1:bc:a2:
0a:5c:ca:e4:62:59:6d:2e:4a:64:e0:00:90:cc:c5:
66:6c:5d:05:6f:0e:bc:79:30:78:28:37:d8:b8:36:
5d:0c:4d:16:ee:11:ad:a5:8a:b1:b0:0c:bd:21:23:
33:4c:45:10:b4:cd:8c:18:70:81:99:0f:f9:58:bf:
94:8e:2c:49:78:9c:1b:a0:1d:05:6c:da:1c:20:03:
b5:68:9a:a5:64:08:68:d6:8d:3d:46:72:f3:c3:3c:
b4:f3:cd:84:a8:be:60:f3:b9:ed:64:fe:30:27:0e:
6f:83:f8:f1:ed:5b:b8:55:6d:74:c3:9e:c3:ce:03:
7f:15:c6:63:ff:6d:46:b3:2c:5c:e1:d9:51:e3:1f:
27:c5:65:3b:49:3f:c2:e3:af:8c:60:52:81:7c:f8:
55:8d:e7:44:6e:4c:79:41:78:cb:fe:e2:3f:76:00:
65:c7:c0:31:8b:dd:f2:53:99:52:a7:1f:11:c6:3a:
10:f8:e1:0c:c8:b0:bb:6c:c7:db:09:66:71:7b:ed:
fd:1b:ad:80:09:b8:f8:0b:c9:56:75:f8:4a:57:94:
12:9a:3e:32:2a:ae:ec:2f:14:a2:e1:b3:7e:00:69:
9e:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:A1:15:ED:36:17:53:5E:08:01:E9:05:66:CD:55:0C:27:66:34:F5
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9eb7dfb3-5cb3-484a-b550-418fc540ea28.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.50.0.0/16
Signature Algorithm: sha256WithRSAEncryption
6a:e2:25:ac:cf:eb:34:7d:13:2b:49:4b:da:cd:4d:e1:71:a2:
63:7c:61:d7:f0:38:e3:a8:53:14:91:21:40:04:69:bc:95:6e:
30:07:cc:2a:ed:12:f4:73:02:d4:49:05:5e:25:b6:4f:6f:f6:
8d:59:50:44:c4:27:85:66:aa:87:28:a2:15:40:41:48:09:29:
e8:0e:4b:13:a1:b6:7c:37:7d:a5:35:d7:9a:ed:61:0b:3c:47:
12:b0:79:a8:b5:40:24:c0:8c:c8:22:c6:1c:34:55:1b:40:9c:
50:3d:23:11:84:5b:7d:e0:84:de:b7:1a:a8:75:84:93:31:6a:
8b:94:bf:0b:27:2c:d2:6a:bb:2c:8e:c8:b1:a7:e1:be:f8:72:
2f:ec:2f:06:81:99:4f:92:00:fe:52:9f:b1:67:a1:f3:d4:c3:
56:81:c0:96:29:9a:72:16:22:64:f9:8a:27:00:26:eb:16:50:
01:20:d0:7f:9b:01:0f:7f:86:6a:e1:30:2c:e6:aa:5b:cf:8b:
cb:55:41:6e:16:78:11:f8:aa:49:fa:ef:b7:56:23:51:41:90:
95:79:33:e8:64:42:63:e2:70:aa:48:53:12:e6:1e:bf:1d:bb:
d6:c6:b3:fc:a5:db:80:2b:48:b2:57:9a:2b:7e:dd:9b:6d:50:
1c:50:c8:90
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUMebCJI6oluzoCxjvmJxsS1wyGgQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjAyMjgwNjQwMjBaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDEyNDlmNmI4Y2I5MGU0NTdmNDU1ZmVhMjI2ZGI2MWE4ZDdiZWIxMjVkNGRl
NTI1NmMzZWYxZDQ5Y2M0MDRkN2IxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJtCtCaTb0YgUvQ53CRwNSxToY5vWBQRCpBw0byiClzK5GJZbS5KZOAAkMzF
ZmxdBW8OvHkweCg32Lg2XQxNFu4RraWKsbAMvSEjM0xFELTNjBhwgZkP+Vi/lI4s
SXicG6AdBWzaHCADtWiapWQIaNaNPUZy88M8tPPNhKi+YPO57WT+MCcOb4P48e1b
uFVtdMOew84DfxXGY/9tRrMsXOHZUeMfJ8VlO0k/wuOvjGBSgXz4VY3nRG5MeUF4
y/7iP3YAZcfAMYvd8lOZUqcfEcY6EPjhDMiwu2zH2wlmcXvt/RutgAm4+AvJVnX4
SleUEpo+Miqu7C8UouGzfgBpnlkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTNoRXt
NhdTXggB6QVmzVUMJ2Y09TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OWViN2RmYjMtNWNiMy00ODRhLWI1NTAtNDE4ZmM1NDBlYTI4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMyMA0G
CSqGSIb3DQEBCwUAA4IBAQBq4iWsz+s0fRMrSUvazU3hcaJjfGHX8DjjqFMUkSFA
BGm8lW4wB8wq7RL0cwLUSQVeJbZPb/aNWVBExCeFZqqHKKIVQEFICSnoDksTobZ8
N32lNdea7WELPEcSsHmotUAkwIzIIsYcNFUbQJxQPSMRhFt94ITetxqodYSTMWqL
lL8LJyzSarssjsixp+G++HIv7C8GgZlPkgD+Up+xZ6Hz1MNWgcCWKZpyFiJk+Yon
ACbrFlABINB/mwEPf4Zq4TAs5qpbz4vLVUFuFngR+KpJ+u+3ViNRQZCVeTPoZEJj
4nCqSFMS5h6/HbvWxrP8pduAK0iyV5orft2bbVAcUMiQ
-----END CERTIFICATE-----
Generated at Mon Mar 2 01:26:38 2026 by rpki-client