Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9ebfa348-5910-4667-b4db-cfb5bb3acbc8.roa
File: 9ebfa348-5910-4667-b4db-cfb5bb3acbc8.roa (raw, json)
Hash identifier: fRTB2CeIwqd4SxYUOBBbtu+PPYZWz25XDaxk6746hFc=
Subject key identifier: B8:A9:68:35:30:96:8B:7F:C0:8B:7C:1C:7E:74:ED:79:87:CA:68:05
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 71933053AB341158C434F52166ED44A429A9023F
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9ebfa348-5910-4667-b4db-cfb5bb3acbc8.roa
Signing time: Sat 28 Feb 2026 06:40:24 +0000
ROA not before: Sat 28 Feb 2026 06:40:24 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.188.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:93:30:53:ab:34:11:58:c4:34:f5:21:66:ed:44:a4:29:a9:02:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Feb 28 06:40:24 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=f1aaa0cfbb43470934c79f888fa449c7e5d9bf9da930212d5e08d66642baef1f, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:66:51:8b:99:ca:cc:52:8f:ff:7a:c8:7d:56:
7b:f3:75:53:8e:f8:39:31:7e:d0:8e:65:65:29:ae:
49:1f:6c:1a:a2:61:f9:99:11:0f:c1:71:0f:23:0e:
69:fe:c9:ee:98:c5:94:bc:9c:5c:27:08:f8:e6:52:
29:ef:cd:86:e9:3f:75:c0:b2:8b:0f:8b:75:c6:6c:
b1:d5:08:d6:73:86:fa:1a:45:0a:7a:33:d5:7a:93:
97:25:00:d8:73:67:c5:af:03:04:ec:ae:aa:02:d0:
98:a9:ef:94:c5:2d:5d:20:94:cd:35:d6:0c:5a:f2:
af:15:54:df:09:f6:04:c0:51:87:51:cd:87:08:17:
c9:9d:cd:aa:ef:49:db:56:64:bd:37:7a:4f:ac:f6:
44:fd:1a:5f:7c:c3:6a:03:f8:04:ca:56:6f:3f:50:
8a:29:7d:dd:dd:a8:57:b5:8b:ca:00:a4:cb:ed:c6:
71:1e:39:e0:e4:bf:55:7f:03:81:d4:43:79:40:9b:
04:f1:21:fd:aa:bc:b8:b9:44:50:88:26:e8:34:12:
c0:4c:58:c1:29:7f:d3:d4:73:75:a4:46:45:9e:47:
ca:83:f9:81:a2:e8:d5:50:b9:a0:28:6c:d5:47:44:
0f:94:a7:b4:35:76:b6:e2:34:a2:02:1b:4a:35:5d:
ab:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:A9:68:35:30:96:8B:7F:C0:8B:7C:1C:7E:74:ED:79:87:CA:68:05
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9ebfa348-5910-4667-b4db-cfb5bb3acbc8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.188.0.0/15
Signature Algorithm: sha256WithRSAEncryption
8c:bc:f2:9a:64:ea:07:97:0c:94:cd:16:1a:fe:ff:45:76:fd:
87:a9:a0:56:ab:67:76:7c:77:bc:db:b3:3d:d9:f3:f5:74:7f:
c1:53:e4:b1:e7:f0:7f:9e:c7:fe:36:fb:7f:39:37:4f:96:13:
e1:30:2f:d4:a2:29:d8:d7:67:de:03:c9:88:a6:c2:37:50:96:
20:29:c7:71:2b:c1:0b:6f:40:58:7f:db:bb:f7:01:f5:a8:ad:
6a:46:f0:84:aa:07:3c:79:c2:99:06:f7:11:4a:35:de:d2:17:
01:65:7d:c8:d8:41:75:51:bd:f8:2e:3e:c9:cb:08:1c:69:c4:
f1:af:e0:e4:6c:26:f9:a3:bc:78:9b:9a:ac:27:5f:db:f8:70:
70:06:d9:94:cf:e6:07:da:f7:e1:df:b4:87:92:1f:59:1f:34:
49:87:c1:16:7c:8a:de:c3:51:e9:a7:2b:5d:8e:45:e1:d6:9d:
34:85:b8:7d:50:b9:bd:7b:b0:44:14:00:7e:c6:96:0c:f2:c9:
cb:26:38:44:0a:ae:bb:2a:bd:df:80:6e:63:6e:90:e0:64:3d:
28:4c:62:11:74:81:ca:26:81:22:54:40:f8:64:93:eb:87:a4:
87:06:ec:5c:cd:d0:1f:d6:0c:83:83:fe:a5:5e:05:ad:3a:3d:
ca:46:94:c9
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUcZMwU6s0EVjENPUhZu1EpCmpAj8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjAyMjgwNjQwMjRaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGYxYWFhMGNmYmI0MzQ3MDkzNGM3OWY4ODhmYTQ0OWM3ZTVkOWJmOWRhOTMw
MjEyZDVlMDhkNjY2NDJiYWVmMWYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKxmUYuZysxSj/96yH1We/N1U474OTF+0I5lZSmuSR9sGqJh+ZkRD8FxDyMO
af7J7pjFlLycXCcI+OZSKe/Nhuk/dcCyiw+LdcZssdUI1nOG+hpFCnoz1XqTlyUA
2HNnxa8DBOyuqgLQmKnvlMUtXSCUzTXWDFryrxVU3wn2BMBRh1HNhwgXyZ3Nqu9J
21ZkvTd6T6z2RP0aX3zDagP4BMpWbz9Qiil93d2oV7WLygCky+3GcR454OS/VX8D
gdRDeUCbBPEh/aq8uLlEUIgm6DQSwExYwSl/09RzdaRGRZ5HyoP5gaLo1VC5oChs
1UdED5SntDV2tuI0ogIbSjVdq2UCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBS4qWg1
MJaLf8CLfBx+dO15h8poBTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OWViZmEzNDgtNTkxMC00NjY3LWI0ZGItY2ZiNWJiM2FjYmM4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATO8MA0G
CSqGSIb3DQEBCwUAA4IBAQCMvPKaZOoHlwyUzRYa/v9Fdv2HqaBWq2d2fHe827M9
2fP1dH/BU+Sx5/B/nsf+Nvt/OTdPlhPhMC/UoinY12feA8mIpsI3UJYgKcdxK8EL
b0BYf9u79wH1qK1qRvCEqgc8ecKZBvcRSjXe0hcBZX3I2EF1Ub34Lj7JywgcacTx
r+DkbCb5o7x4m5qsJ1/b+HBwBtmUz+YH2vfh37SHkh9ZHzRJh8EWfIrew1Hppytd
jkXh1p00hbh9ULm9e7BEFAB+xpYM8snLJjhECq67Kr3fgG5jbpDgZD0oTGIRdIHK
JoEiVED4ZJPrh6SHBuxczdAf1gyDg/6lXgWtOj3KRpTJ
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:20:54 2026 by rpki-client