Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a02f9994-3943-4a2f-8467-87935bf3bf9e.roa
File: a02f9994-3943-4a2f-8467-87935bf3bf9e.roa (raw, json)
Hash identifier: 71T5LLo2WDdGlPIt2dVoVdHxk5OJ1rtV/Iphdod5Wmk=
Subject key identifier: BE:DF:81:33:E7:B2:D7:9B:10:71:ED:88:62:DE:6E:78:00:1D:CF:D0
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6A0232B5F876E21BDEA10BB0CE3D50838336C976
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a02f9994-3943-4a2f-8467-87935bf3bf9e.roa
Signing time: Tue 19 May 2026 05:50:35 +0000
ROA not before: Tue 19 May 2026 05:50:35 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.69.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 08:43:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:02:32:b5:f8:76:e2:1b:de:a1:0b:b0:ce:3d:50:83:83:36:c9:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 19 05:50:35 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=8bef4f119cab25a9b32e93d0b0cdaaaf948f72eb686c8469356312b5ad2518c1, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:64:60:cf:94:76:7d:af:6e:c8:5c:0e:71:43:
48:a0:14:2b:0a:60:7d:bb:77:e4:88:4f:d5:ab:98:
34:7e:2b:32:b2:36:60:47:9f:5c:4e:ca:ec:9c:5e:
33:43:ed:7a:c3:2e:52:8a:05:2d:39:33:7b:a8:fb:
29:9a:4d:34:ab:a5:d5:f0:d2:d3:ab:93:45:37:7b:
1f:1d:4f:8e:7a:80:ed:ea:8b:53:c3:a0:43:f0:81:
cc:cc:9d:2e:2a:ad:4d:24:44:03:a3:01:54:7e:b4:
c3:e5:d2:1a:15:bf:55:b4:da:05:9f:ef:6c:fc:03:
6d:75:a9:19:f8:b7:64:2d:fb:5d:c1:93:bf:f4:c6:
dc:8b:db:af:3e:01:4d:3e:65:78:53:d2:96:f4:08:
6d:45:c4:89:69:c4:a9:c3:c0:6e:87:0f:ba:58:67:
d4:c1:71:79:d1:df:22:91:68:08:d4:8d:6f:f2:a1:
1f:e1:28:75:8e:4c:81:40:89:7a:e0:de:03:82:8e:
1c:22:18:b9:80:d7:2c:04:b4:68:74:3e:45:b7:f8:
4e:72:93:03:e0:08:a8:69:55:11:59:81:9e:79:c2:
f8:6b:fb:e6:29:b9:85:ce:c1:b0:3d:c0:2b:43:e9:
61:07:50:33:6b:64:e4:ee:57:ff:d7:c5:95:d2:2b:
f7:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:DF:81:33:E7:B2:D7:9B:10:71:ED:88:62:DE:6E:78:00:1D:CF:D0
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a02f9994-3943-4a2f-8467-87935bf3bf9e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.69.0.0/16
Signature Algorithm: sha256WithRSAEncryption
ae:68:ac:c4:cc:d0:af:48:a5:f5:8c:2b:bd:2d:49:cd:3e:b8:
57:6e:65:c1:d9:51:ed:22:35:10:a8:b5:e7:14:8a:79:28:4f:
06:69:38:99:6f:03:3a:ff:d4:03:9e:dd:c0:d9:8a:e0:93:f8:
45:21:55:e5:6e:8d:89:39:f3:7f:c2:16:76:5c:b2:da:c7:bc:
c6:c6:39:f2:7c:bb:1c:21:e9:99:0c:e1:14:53:ba:85:c9:c0:
bf:cd:54:eb:6b:be:7f:71:e5:e0:ca:d8:c0:93:8d:1b:fb:ef:
30:0e:b6:ef:4e:01:01:e9:fc:c2:04:7b:ba:c9:b7:8b:de:ea:
f3:35:9e:23:56:85:5b:2b:8c:d2:ef:15:17:45:14:c1:02:8c:
a7:3c:40:68:b3:40:fe:42:31:e6:a5:e7:46:c8:8c:65:47:30:
c1:59:73:27:14:78:7e:b6:55:88:45:a4:94:69:98:18:44:13:
c1:c5:4f:25:f5:9a:de:27:33:95:41:31:86:43:73:71:c3:8f:
a3:e7:34:a6:b1:02:ed:ba:7f:f1:5b:ec:35:e7:e8:1c:a6:87:
33:40:b9:b0:e5:f3:00:e4:cb:ae:5d:6a:a7:e4:3c:a8:30:6d:
95:c9:14:d0:c9:40:5d:0a:a5:9a:91:62:a3:7a:6e:af:87:ef:
05:1c:6c:04
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUagIytfh24hveoQuwzj1Qg4M2yXYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MTkwNTUwMzVaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDhiZWY0ZjExOWNhYjI1YTliMzJlOTNkMGIwY2RhYWFmOTQ4ZjcyZWI2ODZj
ODQ2OTM1NjMxMmI1YWQyNTE4YzExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANNkYM+Udn2vbshcDnFDSKAUKwpgfbt35IhP1auYNH4rMrI2YEefXE7K7Jxe
M0PtesMuUooFLTkze6j7KZpNNKul1fDS06uTRTd7Hx1PjnqA7eqLU8OgQ/CBzMyd
LiqtTSREA6MBVH60w+XSGhW/VbTaBZ/vbPwDbXWpGfi3ZC37XcGTv/TG3Ivbrz4B
TT5leFPSlvQIbUXEiWnEqcPAbocPulhn1MFxedHfIpFoCNSNb/KhH+EodY5MgUCJ
euDeA4KOHCIYuYDXLAS0aHQ+Rbf4TnKTA+AIqGlVEVmBnnnC+Gv75im5hc7BsD3A
K0PpYQdQM2tk5O5X/9fFldIr94sCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBS+34Ez
57LXmxBx7Yhi3m54AB3P0DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YTAyZjk5OTQtMzk0My00YTJmLTg0NjctODc5MzViZjNiZjllLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNFMA0G
CSqGSIb3DQEBCwUAA4IBAQCuaKzEzNCvSKX1jCu9LUnNPrhXbmXB2VHtIjUQqLXn
FIp5KE8GaTiZbwM6/9QDnt3A2Yrgk/hFIVXlbo2JOfN/whZ2XLLax7zGxjnyfLsc
IemZDOEUU7qFycC/zVTra75/ceXgytjAk40b++8wDrbvTgEB6fzCBHu6ybeL3urz
NZ4jVoVbK4zS7xUXRRTBAoynPEBos0D+QjHmpedGyIxlRzDBWXMnFHh+tlWIRaSU
aZgYRBPBxU8l9ZreJzOVQTGGQ3Nxw4+j5zSmsQLtun/xW+w15+gcpoczQLmw5fMA
5MuuXWqn5DyoMG2VyRTQyUBdCqWakWKjem6vh+8FHGwE
-----END CERTIFICATE-----
Generated at Sat Jun 13 11:34:27 2026 by rpki-client