Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b39e8644-b3a5-4477-b7b6-d340235a9010.roa
File: b39e8644-b3a5-4477-b7b6-d340235a9010.roa (raw, json)
Hash identifier: SOSyiJnGa7eSXstQ4X0HlXDkjxQX2fUv678S0oESb1k=
Subject key identifier: B9:D1:01:41:CB:0E:B4:FD:BA:C9:90:0A:90:BD:BB:D5:20:A4:CF:C3
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 347CCE5D8C34CB262ACF75E3C33F89DC50377318
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b39e8644-b3a5-4477-b7b6-d340235a9010.roa
Signing time: Tue 24 Feb 2026 00:00:04 +0000
ROA not before: Tue 24 Feb 2026 00:00:04 +0000
ROA not after: Mon 25 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.168.0.0/15 maxlen: 15
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:7c:ce:5d:8c:34:cb:26:2a:cf:75:e3:c3:3f:89:dc:50:37:73:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Feb 24 00:00:04 2026 GMT
Not After : May 25 23:59:59 2026 GMT
Subject: serialNumber=fb9af239bbdb0689e7fa924620a2f24e7ea1df25f8782bbe723b281172a34e9e, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:48:01:d3:fa:cd:13:f9:76:8f:65:62:a7:62:
a5:0d:47:e1:0c:8a:f9:bd:9c:93:38:01:9b:5e:c1:
f6:11:a5:fb:86:c9:26:82:77:03:0d:60:70:9c:5e:
d6:ea:87:d7:ed:89:94:7b:8f:a7:99:df:3a:f5:7f:
74:b4:1f:70:3a:13:ef:33:84:74:bb:67:2f:3d:01:
be:65:f7:4b:ef:ec:13:a5:06:5f:77:da:ea:c9:ca:
c0:00:bc:b0:0d:a2:5e:dc:a6:dd:33:14:8a:de:c1:
2a:4c:da:e8:f3:fa:79:f4:ab:5a:57:b4:0c:a0:55:
15:ee:ad:6e:d6:f4:ad:c9:d7:b7:15:6a:7f:7d:3e:
da:63:b1:32:d1:03:f0:75:6c:2f:c3:b4:e1:14:81:
7e:3a:b0:c4:16:81:51:13:a5:93:6a:be:42:0e:08:
34:48:83:94:15:34:39:26:43:d5:a1:2e:78:57:4d:
37:05:db:99:de:76:65:f1:d2:8a:a7:97:4b:aa:07:
6a:ee:1f:23:50:72:b8:5f:4c:9a:7d:d3:fc:3d:7f:
f5:18:c2:93:8c:b9:d4:a5:f4:b0:1d:ce:a4:4d:40:
01:73:aa:6b:c8:43:f3:95:23:21:80:57:2e:21:f2:
d5:c6:09:01:c5:ee:60:de:0e:34:8d:39:32:f4:85:
86:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:D1:01:41:CB:0E:B4:FD:BA:C9:90:0A:90:BD:BB:D5:20:A4:CF:C3
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b39e8644-b3a5-4477-b7b6-d340235a9010.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.168.0.0/15
Signature Algorithm: sha256WithRSAEncryption
2b:42:6a:e6:8b:ec:d3:70:f7:83:36:f6:1a:f9:4f:c5:71:26:
d3:66:d8:8a:46:a2:65:b7:95:2f:73:ea:4c:60:1a:ce:ae:be:
34:56:b0:8f:6c:2d:c9:56:79:ac:8d:b6:2d:76:90:c7:79:48:
2a:24:23:1a:e8:1c:c1:f7:5e:bf:ea:9c:99:ea:e7:13:2b:f8:
4c:ed:c8:79:c5:21:61:c7:f7:c0:9c:3b:00:e8:a7:c2:00:16:
fc:be:10:77:f4:60:34:3b:1b:e8:c9:72:73:0c:3c:7a:af:34:
4f:7b:ce:95:c6:db:ea:11:32:1f:25:85:76:2f:73:9a:9d:c8:
11:b2:6b:62:c6:32:cf:43:7c:09:49:10:92:e6:cc:ec:4d:1a:
d7:6e:41:d5:76:72:1c:f7:eb:72:72:90:cc:12:ab:2c:56:dd:
a9:d9:58:6e:c6:76:3e:c0:69:6d:27:ad:8a:d5:54:bd:d5:c2:
03:59:d1:a0:10:19:4a:39:eb:c8:3d:b5:c2:37:af:04:e4:f7:
7b:82:51:d5:91:c2:ea:f4:6c:2d:ed:9e:84:7f:27:fe:77:ce:
f2:35:b8:fd:dc:b5:69:0f:97:01:1f:2a:29:f1:9b:7a:6a:c8:
6f:3f:5c:be:ad:eb:ba:0f:c2:5d:c8:b4:f6:5e:4a:75:ed:1c:
36:66:7f:9e
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUNHzOXYw0yyYqz3Xjwz+J3FA3cxgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjAyMjQwMDAwMDRaFw0yNjA1MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGZiOWFmMjM5YmJkYjA2ODllN2ZhOTI0NjIwYTJmMjRlN2VhMWRmMjVmODc4
MmJiZTcyM2IyODExNzJhMzRlOWUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALBIAdP6zRP5do9lYqdipQ1H4QyK+b2ckzgBm17B9hGl+4bJJoJ3Aw1gcJxe
1uqH1+2JlHuPp5nfOvV/dLQfcDoT7zOEdLtnLz0BvmX3S+/sE6UGX3fa6snKwAC8
sA2iXtym3TMUit7BKkza6PP6efSrWle0DKBVFe6tbtb0rcnXtxVqf30+2mOxMtED
8HVsL8O04RSBfjqwxBaBUROlk2q+Qg4INEiDlBU0OSZD1aEueFdNNwXbmd52ZfHS
iqeXS6oHau4fI1ByuF9Mmn3T/D1/9RjCk4y51KX0sB3OpE1AAXOqa8hD85UjIYBX
LiHy1cYJAcXuYN4ONI05MvSFhkECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBS50QFB
yw60/brJkAqQvbvVIKTPwzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YjM5ZTg2NDQtYjNhNS00NDc3LWI3YjYtZDM0MDIzNWE5MDEwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOoMA0G
CSqGSIb3DQEBCwUAA4IBAQArQmrmi+zTcPeDNvYa+U/FcSbTZtiKRqJlt5Uvc+pM
YBrOrr40VrCPbC3JVnmsjbYtdpDHeUgqJCMa6BzB916/6pyZ6ucTK/hM7ch5xSFh
x/fAnDsA6KfCABb8vhB39GA0OxvoyXJzDDx6rzRPe86VxtvqETIfJYV2L3OancgR
smtixjLPQ3wJSRCS5szsTRrXbkHVdnIc9+tycpDMEqssVt2p2VhuxnY+wGltJ62K
1VS91cIDWdGgEBlKOevIPbXCN68E5Pd7glHVkcLq9Gwt7Z6Efyf+d87yNbj93LVp
D5cBHyop8Zt6ashvP1y+reu6D8JdyLT2Xkp17Rw2Zn+e
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:39:07 2026 by rpki-client