Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bad59de4-adad-41c5-bcd9-10599419c7b5.roa
File: bad59de4-adad-41c5-bcd9-10599419c7b5.roa (raw, json)
Hash identifier: O97pEG+zNlpFwLIucej9XlyybuLFRwHIr+AXNuUBPKc=
Subject key identifier: 5D:10:97:C1:3C:D5:AA:9F:D9:7E:F5:19:C0:8D:6E:7F:BA:7C:89:E7
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6A864CED3385AC4E03F271A31650D26157CC3E8E
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bad59de4-adad-41c5-bcd9-10599419c7b5.roa
Signing time: Wed 20 May 2026 00:50:07 +0000
ROA not before: Wed 20 May 2026 00:50:07 +0000
ROA not after: Tue 18 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.0.64.0/18 maxlen: 18
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:86:4c:ed:33:85:ac:4e:03:f2:71:a3:16:50:d2:61:57:cc:3e:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 20 00:50:07 2026 GMT
Not After : Aug 18 23:59:59 2026 GMT
Subject: serialNumber=2ba7472964f154154d31d6374f1e5b98ec3b2c678d6ae9670a67ec92071a88cc, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:29:d9:d9:7b:41:0e:49:94:0a:af:15:72:35:
49:c4:14:d9:46:3e:00:b5:b0:aa:85:0b:7f:67:7d:
c6:78:97:8d:ae:f8:62:5c:74:5e:2d:bd:bc:7b:05:
49:bb:dd:93:47:a9:7b:dd:45:e6:22:7e:ee:46:aa:
91:a3:51:85:c8:9e:38:18:46:a6:ec:85:c2:6c:50:
1a:15:3d:b1:e4:af:f6:15:fc:cd:b5:19:3a:81:f7:
9a:67:c6:bf:5f:ae:b9:95:19:bf:e2:d1:4a:57:d3:
a9:d9:5f:75:96:09:73:59:0e:d6:76:93:21:02:e7:
76:9e:89:ec:a9:a1:d6:82:0e:a2:17:20:5c:09:e4:
7a:ec:89:13:b9:c8:4a:73:dc:d7:49:0a:dd:0e:6c:
ef:a9:6a:40:3c:b6:0c:81:db:a1:ce:3c:93:2b:7c:
f5:71:9a:14:0b:32:62:25:b4:aa:c9:7d:ee:d4:82:
39:8f:67:14:62:fe:6c:22:d8:02:7e:61:2f:72:46:
3c:7c:97:8d:fd:f9:e5:f8:6b:6e:44:e1:02:d0:56:
7c:b9:61:45:8f:0b:f9:97:bd:e7:3c:2f:c7:d2:98:
96:d4:a4:b3:49:83:e6:f2:ac:ee:f9:ac:55:5a:11:
61:98:fa:7c:f0:26:c5:d0:ed:d7:53:e6:ad:6c:01:
bd:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:10:97:C1:3C:D5:AA:9F:D9:7E:F5:19:C0:8D:6E:7F:BA:7C:89:E7
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bad59de4-adad-41c5-bcd9-10599419c7b5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
ad:88:7a:18:b4:90:e5:3a:11:1d:c4:b3:fe:ee:61:b9:7f:b7:
d9:f0:ed:51:d6:0d:d7:c8:ad:17:af:79:b0:bf:4f:d5:c5:ed:
bd:01:37:df:b1:ab:e4:b9:01:4e:29:f0:dc:a5:b5:0e:46:f2:
50:82:d3:11:2f:b3:18:39:80:6f:2e:ef:33:91:ee:c2:48:77:
10:f7:bc:fc:83:e8:80:2d:f4:0e:6e:91:d2:7e:37:e9:4a:9c:
61:ac:aa:c6:3d:12:0a:c2:bd:c7:23:85:02:7e:47:f1:9d:ea:
d6:d1:03:70:6b:14:9c:ca:ab:25:00:3e:65:44:4b:9d:7b:23:
8c:b3:a1:c3:38:45:73:d7:e3:ea:a5:40:58:13:8f:75:ba:8d:
fa:c6:7e:08:50:47:00:fa:f5:40:1c:96:22:cf:92:bb:46:47:
71:5a:05:4f:ba:a2:1e:00:67:fa:92:0c:f4:34:7f:0a:4b:dc:
82:da:d6:74:a1:ee:3f:9d:71:0d:b1:76:94:50:ab:fd:2d:29:
3e:1b:6f:a3:96:b5:7a:35:f8:b0:88:96:9a:1d:c7:08:b1:37:
88:01:7d:c4:d5:17:02:cf:38:66:63:c2:e4:cb:39:50:72:f4:
83:aa:03:d8:b0:66:9f:b5:f8:0e:1b:62:79:61:cc:d7:45:a2:
29:05:71:b0
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUaoZM7TOFrE4D8nGjFlDSYVfMPo4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MjAwMDUwMDdaFw0yNjA4MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQDJiYTc0NzI5NjRmMTU0MTU0ZDMxZDYzNzRmMWU1Yjk4ZWMzYjJjNjc4ZDZh
ZTk2NzBhNjdlYzkyMDcxYTg4Y2MxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIgp2dl7QQ5JlAqvFXI1ScQU2UY+ALWwqoULf2d9xniXja74Ylx0Xi29vHsF
Sbvdk0epe91F5iJ+7kaqkaNRhcieOBhGpuyFwmxQGhU9seSv9hX8zbUZOoH3mmfG
v1+uuZUZv+LRSlfTqdlfdZYJc1kO1naTIQLndp6J7Kmh1oIOohcgXAnkeuyJE7nI
SnPc10kK3Q5s76lqQDy2DIHboc48kyt89XGaFAsyYiW0qsl97tSCOY9nFGL+bCLY
An5hL3JGPHyXjf355fhrbkThAtBWfLlhRY8L+Ze95zwvx9KYltSks0mD5vKs7vms
VVoRYZj6fPAmxdDt11PmrWwBvbcCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRdEJfB
PNWqn9l+9RnAjW5/unyJ5zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YmFkNTlkZTQtYWRhZC00MWM1LWJjZDktMTA1OTk0MTljN2I1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBjMAQDAN
BgkqhkiG9w0BAQsFAAOCAQEArYh6GLSQ5ToRHcSz/u5huX+32fDtUdYN18itF695
sL9P1cXtvQE337Gr5LkBTinw3KW1DkbyUILTES+zGDmAby7vM5Huwkh3EPe8/IPo
gC30Dm6R0n436UqcYayqxj0SCsK9xyOFAn5H8Z3q1tEDcGsUnMqrJQA+ZURLnXsj
jLOhwzhFc9fj6qVAWBOPdbqN+sZ+CFBHAPr1QByWIs+Su0ZHcVoFT7qiHgBn+pIM
9DR/CkvcgtrWdKHuP51xDbF2lFCr/S0pPhtvo5a1ejX4sIiWmh3HCLE3iAF9xNUX
As84ZmPC5Ms5UHL0g6oD2LBmn7X4DhtieWHM10WiKQVxsA==
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:24:56 2026 by rpki-client