Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/af8582f5-d209-4e12-aacf-31186289c430.roa
File: af8582f5-d209-4e12-aacf-31186289c430.roa (raw, json)
Hash identifier: rR+9oOZ6q3IN0KFvITeYtLlQ3DykRQx7APLp+CgwaKc=
Subject key identifier: EB:94:B0:BC:93:1D:2D:C0:30:A3:21:2E:FA:C1:D9:C2:04:DB:35:D8
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 715B2E88E67D750EC11956D41981F7606DC841EE
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/af8582f5-d209-4e12-aacf-31186289c430.roa
Signing time: Tue 19 May 2026 06:00:52 +0000
ROA not before: Tue 19 May 2026 06:00:52 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.216.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:5b:2e:88:e6:7d:75:0e:c1:19:56:d4:19:81:f7:60:6d:c8:41:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 19 06:00:52 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=0a6b2a26c333f6f672b49bf5bdd3d0a8c9e5cc3ba169b86b4b9493e9d94dedb2, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:f8:cb:65:5d:8b:12:9e:aa:a4:11:71:d7:27:
63:11:cb:d0:37:24:bc:0a:46:13:bf:f6:9b:41:62:
ee:26:07:cc:18:f2:ab:a7:f2:ab:7d:74:aa:15:21:
a6:68:09:d9:09:47:19:a6:f2:b9:fb:92:2f:0d:ae:
73:6a:ed:73:f7:5e:fc:5c:b5:87:b8:1d:d1:54:a0:
80:41:d6:c7:5b:d1:6d:40:6e:d7:66:d3:6f:1a:5f:
12:fc:10:fc:60:90:fc:44:c4:40:e2:48:34:d5:a2:
37:1f:59:26:df:b8:70:4a:7e:94:6e:c8:ca:ec:4e:
1f:d6:ed:ee:9e:02:5c:5a:95:5b:45:85:36:4d:90:
21:da:27:6c:58:83:d2:70:cb:41:99:96:ac:e3:58:
92:ab:29:6a:35:cb:60:70:ca:31:08:e0:b6:a4:2c:
39:d5:b8:bc:ed:88:3e:c2:2a:37:4a:c2:54:62:8c:
f3:4a:37:a6:58:4b:ec:4f:69:b7:66:d6:07:c7:e4:
68:a8:d4:c3:2e:37:f9:18:c8:fe:aa:7a:07:94:4f:
91:65:a5:f0:09:b0:56:f4:0d:03:6d:d4:c8:0a:f0:
7d:e2:eb:e1:5e:a7:d9:79:49:12:98:64:24:db:16:
f0:0e:57:ef:5b:d6:df:ce:89:a2:9c:2f:55:67:12:
dd:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:94:B0:BC:93:1D:2D:C0:30:A3:21:2E:FA:C1:D9:C2:04:DB:35:D8
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/af8582f5-d209-4e12-aacf-31186289c430.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.216.0.0/15
Signature Algorithm: sha256WithRSAEncryption
1a:28:13:03:42:99:94:c2:9b:ad:b8:ca:dd:f4:ee:74:52:b8:
57:14:f6:1c:d9:68:34:73:3f:29:5b:c3:b1:0e:b9:c5:bc:ef:
bc:86:34:f3:9b:dd:82:ff:ae:30:f0:fd:cf:e3:6f:83:4c:ae:
57:9e:b3:a2:e1:0b:cd:8f:bc:d6:cf:05:af:87:ae:ae:1d:89:
c9:cd:42:be:4d:d6:a5:1c:f5:d9:6c:d8:d7:3a:dc:5c:b7:5f:
d0:fc:76:79:d8:d9:d4:7d:fa:99:98:93:e0:9b:df:43:4b:94:
4f:0c:83:b2:42:66:73:f5:2d:6e:37:bd:df:1f:5e:c0:60:ce:
be:07:ae:da:20:88:eb:1e:6b:83:2d:b0:7e:ec:59:8b:ac:9f:
29:e5:d6:e7:40:13:25:2d:6f:47:91:8a:66:ec:ec:cd:44:e8:
5a:00:1a:2a:f4:75:c7:37:32:6e:60:53:21:15:65:95:89:64:
df:14:67:3f:08:24:ec:e6:e5:3f:2f:3e:1e:d4:37:56:72:aa:
f3:58:24:e8:3a:60:c9:c5:54:22:f0:dc:20:d9:83:68:f4:2a:
c9:80:56:59:07:f2:f4:c7:0b:0a:4a:51:af:07:40:ff:81:13:
21:69:99:de:32:c1:df:d7:4b:11:20:e1:b4:b3:26:d7:90:e6:
22:49:5c:82
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUcVsuiOZ9dQ7BGVbUGYH3YG3IQe4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MTkwNjAwNTJaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDBhNmIyYTI2YzMzM2Y2ZjY3MmI0OWJmNWJkZDNkMGE4YzllNWNjM2JhMTY5
Yjg2YjRiOTQ5M2U5ZDk0ZGVkYjIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANr4y2VdixKeqqQRcdcnYxHL0DckvApGE7/2m0Fi7iYHzBjyq6fyq310qhUh
pmgJ2QlHGabyufuSLw2uc2rtc/de/Fy1h7gd0VSggEHWx1vRbUBu12bTbxpfEvwQ
/GCQ/ETEQOJINNWiNx9ZJt+4cEp+lG7IyuxOH9bt7p4CXFqVW0WFNk2QIdonbFiD
0nDLQZmWrONYkqspajXLYHDKMQjgtqQsOdW4vO2IPsIqN0rCVGKM80o3plhL7E9p
t2bWB8fkaKjUwy43+RjI/qp6B5RPkWWl8AmwVvQNA23UyArwfeLr4V6n2XlJEphk
JNsW8A5X71vW386JopwvVWcS3TMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTrlLC8
kx0twDCjIS76wdnCBNs12DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YWY4NTgyZjUtZDIwOS00ZTEyLWFhY2YtMzExODYyODljNDMwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPYMA0G
CSqGSIb3DQEBCwUAA4IBAQAaKBMDQpmUwputuMrd9O50UrhXFPYc2Wg0cz8pW8Ox
DrnFvO+8hjTzm92C/64w8P3P42+DTK5XnrOi4QvNj7zWzwWvh66uHYnJzUK+Tdal
HPXZbNjXOtxct1/Q/HZ52NnUffqZmJPgm99DS5RPDIOyQmZz9S1uN73fH17AYM6+
B67aIIjrHmuDLbB+7FmLrJ8p5dbnQBMlLW9HkYpm7OzNROhaABoq9HXHNzJuYFMh
FWWViWTfFGc/CCTs5uU/Lz4e1DdWcqrzWCToOmDJxVQi8Nwg2YNo9CrJgFZZB/L0
xwsKSlGvB0D/gRMhaZneMsHf10sRIOG0sybXkOYiSVyC
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:25:28 2026 by rpki-client