Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a2d10e7d-a784-476d-9df5-f7efeb55cf39.roa
File: a2d10e7d-a784-476d-9df5-f7efeb55cf39.roa (raw, json)
Hash identifier: hgWH1MhP/9UagOWCsbvz4EzmiJcaLUV8EGxi3aiVRx8=
Subject key identifier: 33:FB:EB:93:7A:71:9D:9B:00:F7:0C:4B:5A:16:B6:A5:E6:18:AD:7D
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0D437E5665A291BCAF2473D5D8C84B97BCBB4F
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a2d10e7d-a784-476d-9df5-f7efeb55cf39.roa
Signing time: Fri 13 Feb 2026 15:30:36 +0000
ROA not before: Fri 13 Feb 2026 15:30:36 +0000
ROA not after: Thu 14 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.206.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:43:7e:56:65:a2:91:bc:af:24:73:d5:d8:c8:4b:97:bc:bb:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Feb 13 15:30:36 2026 GMT
Not After : May 14 23:59:59 2026 GMT
Subject: serialNumber=13dd0d168a9e3586322abf31b63d3f2fa8ae70a502b9b6698d78e89c978b6d40, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:18:a9:d7:b4:07:2e:c3:2e:71:0d:35:81:43:
3b:e6:a5:ec:66:1b:ac:b2:d2:f8:02:05:b3:b3:fb:
0c:6a:7d:c6:d3:61:69:9d:83:4e:7a:a1:8b:6f:e5:
cf:70:2f:71:4e:ad:34:14:47:26:69:fc:dd:5b:2c:
78:41:8a:be:cd:3d:23:bf:d6:c4:b5:be:c6:ee:50:
28:f4:66:c1:b2:18:fd:ce:ae:1c:82:1b:2f:ed:99:
b8:16:29:07:77:cf:1b:fe:0a:c8:0f:35:ce:3c:e8:
e4:61:ca:84:9d:93:0d:ce:05:19:06:03:4b:75:38:
21:ac:d2:ae:4b:1c:51:62:91:e1:81:96:88:60:09:
a7:99:40:42:85:36:76:75:2f:97:6b:52:ef:9c:e2:
a9:5f:25:fb:d6:a6:d7:3f:5c:ae:1e:91:d6:f5:7d:
5d:b2:14:27:68:c6:b4:27:97:d7:e9:7b:8d:9b:ab:
3b:57:40:51:78:0c:16:99:82:a0:e2:9c:c3:16:a3:
53:e9:3d:12:66:b4:29:7c:b7:c6:6b:d9:4a:7a:b9:
8f:bc:d1:17:47:48:88:34:81:1e:28:bc:57:ec:31:
cd:66:33:b7:ce:7c:8b:35:b3:1f:2e:14:cb:2a:7c:
da:71:f4:76:d1:54:bf:84:c4:c4:e8:99:e9:b9:e4:
d4:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:FB:EB:93:7A:71:9D:9B:00:F7:0C:4B:5A:16:B6:A5:E6:18:AD:7D
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a2d10e7d-a784-476d-9df5-f7efeb55cf39.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.206.0.0/15
Signature Algorithm: sha256WithRSAEncryption
87:e0:2d:63:67:b7:37:9a:8c:29:c2:fb:92:13:24:67:7d:6e:
8d:a5:42:1d:bc:07:5d:b5:35:2f:72:f8:c6:ad:a1:d6:2a:5d:
3d:15:e1:f0:49:47:0f:e3:7d:c4:ec:da:5f:43:ee:32:82:11:
10:9f:99:8f:f8:3b:29:bd:33:c9:22:be:79:49:b3:46:5c:72:
d0:13:27:7b:90:81:be:bb:b1:8b:33:92:a1:c6:8a:1d:40:6c:
77:3b:27:0f:ab:f7:38:8e:c7:47:75:c7:66:22:b1:7b:10:8b:
30:eb:92:dd:e4:b2:66:37:14:22:d4:1b:ba:fa:c0:00:a3:28:
85:56:95:c4:a5:1d:a4:b5:77:ce:7a:73:22:27:52:e0:18:36:
8f:50:97:01:46:9d:c2:76:3f:87:bd:f5:91:c8:9e:e2:d8:e9:
53:af:d2:90:3b:5a:ba:26:36:1a:73:4d:0e:bf:ca:80:ae:ab:
a1:d6:99:3f:72:e0:19:f7:75:c7:8d:e7:06:0d:02:dd:25:3f:
88:de:d3:3e:24:24:72:a7:18:a1:05:75:db:c1:be:35:78:d1:
80:2b:f2:53:ef:91:98:c6:ae:43:08:be:11:4f:a9:87:82:4e:
77:36:33:fd:a1:6a:13:95:9c:db:b7:02:f7:54:c8:7a:ca:ac:
e6:14:cc:4c
-----BEGIN CERTIFICATE-----
MIIFXDCCBESgAwIBAgITDUN+VmWikbyvJHPV2MhLl7y7TzANBgkqhkiG9w0BAQsF
ADAzMTEwLwYDVQQDEyg0NTNmNDc0NjM1NGUyYWQxNWNlN2ViZDhkYzIxZjk2YzBl
NWM4N2NmMB4XDTI2MDIxMzE1MzAzNloXDTI2MDUxNDIzNTk1OVowejFJMEcGA1UE
BRNAMTNkZDBkMTY4YTllMzU4NjMyMmFiZjMxYjYzZDNmMmZhOGFlNzBhNTAyYjli
NjY5OGQ3OGU4OWM5NzhiNmQ0MDEtMCsGA1UEAxMkYzMzNjQxMWEtNjY1MS00ZjEz
LThlZjktZGU2ODFjN2M5NDQ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwBip17QHLsMucQ01gUM75qXsZhusstL4AgWzs/sMan3G02FpnYNOeqGLb+XP
cC9xTq00FEcmafzdWyx4QYq+zT0jv9bEtb7G7lAo9GbBshj9zq4cghsv7Zm4FikH
d88b/grIDzXOPOjkYcqEnZMNzgUZBgNLdTghrNKuSxxRYpHhgZaIYAmnmUBChTZ2
dS+Xa1LvnOKpXyX71qbXP1yuHpHW9X1dshQnaMa0J5fX6XuNm6s7V0BReAwWmYKg
4pzDFqNT6T0SZrQpfLfGa9lKermPvNEXR0iINIEeKLxX7DHNZjO3znyLNbMfLhTL
KnzacfR20VS/hMTE6JnpueTUtQIDAQABo4ICIDCCAhwwHQYDVR0OBBYEFDP765N6
cZ2bAPcMS1oWtqXmGK19MB8GA1UdIwQYMBaAFEU/R0Y1TirRXOfr2Nwh+WwOXIfP
MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvUlQ5SFJqVk9L
dEZjNS12WTNDSDViQTVjaDg4LmNlcjCBngYIKwYBBQUHAQsEgZEwgY4wgYsGCCsG
AQUFBzALhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFzdC0yLmFtYXpvbmF3cy5j
b20vdm9sdW1lLzk2N2EyNTVjLWQ2ODAtNDJkMy05ZWMzLWVjYjNmOWRhMDg4Yy9h
MmQxMGU3ZC1hNzg0LTQ3NmQtOWRmNS1mN2VmZWI1NWNmMzkucm9hMIGIBgNVHR8E
gYAwfjB8oHqgeIZ2cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25h
d3MuY29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4
OGMvX2xBaTVUSERzUWRQWUE5bm1FVDZvbEh1VmM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMBM84wDQYJ
KoZIhvcNAQELBQADggEBAIfgLWNntzeajCnC+5ITJGd9bo2lQh28B121NS9y+Mat
odYqXT0V4fBJRw/jfcTs2l9D7jKCERCfmY/4Oym9M8kivnlJs0ZcctATJ3uQgb67
sYszkqHGih1AbHc7Jw+r9ziOx0d1x2YisXsQizDrkt3ksmY3FCLUG7r6wACjKIVW
lcSlHaS1d856cyInUuAYNo9QlwFGncJ2P4e99ZHInuLY6VOv0pA7WromNhpzTQ6/
yoCuq6HWmT9y4Bn3dceN5wYNAt0lP4je0z4kJHKnGKEFddvBvjV40YAr8lPvkZjG
rkMIvhFPqYeCTnc2M/2hahOVnNu3AvdUyHrKrOYUzEw=
-----END CERTIFICATE-----
Generated at Mon Mar 2 01:27:45 2026 by rpki-client