Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b1f2e92a-59bb-45af-9b7f-630a07248560.roa
File: b1f2e92a-59bb-45af-9b7f-630a07248560.roa (raw, json)
Hash identifier: dmsgZPyVFE4ZVJFFkBKOWBPxbG1RTtiXsDJoK2egbRs=
Subject key identifier: 9B:F4:49:B5:0F:F0:82:8C:EC:AF:E7:51:AE:0B:23:27:69:7A:CB:60
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 36758EC133717841FEC76855648705A8BE23399D
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b1f2e92a-59bb-45af-9b7f-630a07248560.roa
Signing time: Fri 13 Feb 2026 15:30:41 +0000
ROA not before: Fri 13 Feb 2026 15:30:41 +0000
ROA not after: Thu 14 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.240.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
36:75:8e:c1:33:71:78:41:fe:c7:68:55:64:87:05:a8:be:23:39:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Feb 13 15:30:41 2026 GMT
Not After : May 14 23:59:59 2026 GMT
Subject: serialNumber=382d70e670f8b7f4bfc9203b88cfd2447e287cb9492d43cd023b4b381f2b9b97, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:e9:92:21:c9:7d:a1:6b:4e:32:97:97:5a:38:
c8:d5:83:14:e9:94:a3:c7:d8:f0:c1:52:ab:88:f1:
a0:3f:1f:91:72:f9:e4:4d:98:9c:f8:43:36:0d:52:
72:a9:d6:4d:a5:86:3e:88:f5:ac:d5:39:65:4f:39:
68:2e:da:d8:6b:84:95:04:ad:f9:a9:b7:39:e9:cf:
36:00:b6:99:7d:2d:12:20:aa:07:16:b6:6a:b6:c5:
fc:d5:f4:1c:10:b4:a3:ac:e4:2c:d7:4f:a4:d0:0f:
89:8b:f8:53:4f:44:7c:64:f6:c5:16:36:26:4b:54:
75:74:89:1f:7c:5b:ee:b0:a7:14:06:a2:a2:58:21:
8a:1f:4a:0e:96:13:e7:c8:6a:cf:b4:09:7a:27:b7:
e1:9c:74:2e:67:12:7e:9b:31:40:1a:34:6a:41:b4:
20:fa:86:2c:b7:f0:b1:46:27:c4:51:65:b1:4d:93:
75:22:a8:0a:49:c2:ba:bb:48:26:bb:00:0c:6c:b1:
f5:f4:0f:a3:57:be:c0:ff:dd:ea:07:b3:d0:64:94:
11:42:8a:82:a4:c2:89:60:2f:10:27:4f:85:38:09:
b5:7b:47:5e:ba:1a:7d:b5:f4:f1:46:f8:d2:9d:75:
03:ec:21:49:6b:8f:68:cf:cd:20:48:35:d1:54:86:
bc:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:F4:49:B5:0F:F0:82:8C:EC:AF:E7:51:AE:0B:23:27:69:7A:CB:60
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b1f2e92a-59bb-45af-9b7f-630a07248560.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.240.0.0/16
Signature Algorithm: sha256WithRSAEncryption
62:b8:a8:4d:25:4e:3c:b4:92:d8:c8:15:84:10:32:c1:07:e0:
a5:e1:6c:85:20:f2:e0:fa:f9:81:c8:7e:90:f8:2d:78:ba:a4:
62:b3:36:c9:88:6e:a5:39:02:70:62:a2:2f:ba:92:61:da:4f:
8f:a9:ad:b7:3e:56:c1:93:9b:63:8a:64:3f:b8:69:92:e7:ca:
af:ee:9b:ff:dd:68:03:cd:61:4a:90:3e:92:5d:e8:f4:9b:84:
2b:a0:88:33:3a:05:62:4e:15:18:58:0f:10:1c:8c:0f:f6:c7:
21:f4:16:d1:b5:08:fb:5a:98:eb:91:f7:f7:8e:af:6a:c3:63:
b6:d3:a6:df:c7:d2:15:b2:b8:38:88:85:5f:e8:89:89:76:8c:
85:80:94:af:bf:cd:62:d0:68:ee:0b:ea:d2:10:fe:06:58:03:
46:66:36:9f:91:ee:a1:38:59:e2:7e:98:5e:0a:d5:dc:bc:20:
69:13:95:9e:b7:3f:cc:39:eb:ad:fb:a7:1c:b1:97:b4:4f:65:
ee:d1:63:23:8d:ca:99:ae:2f:5f:b9:5f:f3:18:6a:1c:14:5d:
c7:e0:b0:34:bb:88:07:aa:a9:52:0a:7d:7a:ca:af:29:63:8c:
07:e3:da:8d:33:87:e4:ba:0f:af:1b:f9:dd:3a:ea:ab:4e:dd:
f9:52:21:8e
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUNnWOwTNxeEH+x2hVZIcFqL4jOZ0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjAyMTMxNTMwNDFaFw0yNjA1MTQyMzU5NTlaMHoxSTBHBgNV
BAUTQDM4MmQ3MGU2NzBmOGI3ZjRiZmM5MjAzYjg4Y2ZkMjQ0N2UyODdjYjk0OTJk
NDNjZDAyM2I0YjM4MWYyYjliOTcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANHpkiHJfaFrTjKXl1o4yNWDFOmUo8fY8MFSq4jxoD8fkXL55E2YnPhDNg1S
cqnWTaWGPoj1rNU5ZU85aC7a2GuElQSt+am3OenPNgC2mX0tEiCqBxa2arbF/NX0
HBC0o6zkLNdPpNAPiYv4U09EfGT2xRY2JktUdXSJH3xb7rCnFAaiolghih9KDpYT
58hqz7QJeie34Zx0LmcSfpsxQBo0akG0IPqGLLfwsUYnxFFlsU2TdSKoCknCurtI
JrsADGyx9fQPo1e+wP/d6gez0GSUEUKKgqTCiWAvECdPhTgJtXtHXroafbX08Ub4
0p11A+whSWuPaM/NIEg10VSGvCkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSb9Em1
D/CCjOyv51GuCyMnaXrLYDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YjFmMmU5MmEtNTliYi00NWFmLTliN2YtNjMwYTA3MjQ4NTYwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADPwMA0G
CSqGSIb3DQEBCwUAA4IBAQBiuKhNJU48tJLYyBWEEDLBB+Cl4WyFIPLg+vmByH6Q
+C14uqRiszbJiG6lOQJwYqIvupJh2k+Pqa23PlbBk5tjimQ/uGmS58qv7pv/3WgD
zWFKkD6SXej0m4QroIgzOgViThUYWA8QHIwP9sch9BbRtQj7Wpjrkff3jq9qw2O2
06bfx9IVsrg4iIVf6ImJdoyFgJSvv81i0GjuC+rSEP4GWANGZjafke6hOFnifphe
CtXcvCBpE5Wetz/MOeut+6ccsZe0T2Xu0WMjjcqZri9fuV/zGGocFF3H4LA0u4gH
qqlSCn16yq8pY4wH49qNM4fkug+vG/ndOuqrTt35UiGO
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:49:06 2026 by rpki-client