Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bad59de4-adad-41c5-bcd9-10599419c7b5.roa
File: bad59de4-adad-41c5-bcd9-10599419c7b5.roa (raw, json)
Hash identifier: 4lvPg95mumOQBtl06ii3jD0sixBfnmZ0fz4EqF1EReQ=
Subject key identifier: C3:69:F6:9C:8E:39:6F:B7:2A:F1:CF:F9:AD:BA:18:19:55:AA:65:D2
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5D3217BB085F5587FAE059C7E549A5287A2D2766
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bad59de4-adad-41c5-bcd9-10599419c7b5.roa
Signing time: Sun 01 Mar 2026 01:00:11 +0000
ROA not before: Sun 01 Mar 2026 01:00:11 +0000
ROA not after: Sat 30 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.0.64.0/18 maxlen: 18
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5d:32:17:bb:08:5f:55:87:fa:e0:59:c7:e5:49:a5:28:7a:2d:27:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 1 01:00:11 2026 GMT
Not After : May 30 23:59:59 2026 GMT
Subject: serialNumber=18ae2514093a00ccd2c947c6ce012a9b5ee40e5117b19f139f982164f7137352, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:02:b2:f6:49:ac:a1:d7:aa:95:7f:50:c8:e2:
9e:82:cf:7e:25:fe:33:86:de:2a:ad:b4:bb:43:60:
55:5d:eb:70:65:c8:9c:a0:27:19:55:7c:49:1d:b5:
65:cc:a9:f5:2a:39:71:0c:75:9e:b9:b8:31:67:e8:
e5:d4:52:9f:bc:60:2a:1c:97:61:13:6b:f5:16:e7:
c4:d6:a9:2a:66:18:64:dd:9b:7a:0c:5a:69:38:5b:
79:c5:79:e8:66:79:0c:7a:b3:37:51:aa:71:c7:d8:
ba:cc:4d:c9:10:03:23:d3:e0:68:2b:fa:be:01:11:
d5:fc:33:db:9b:9e:c9:a5:ee:99:66:bd:23:94:4b:
41:18:43:19:f4:55:8a:c1:68:00:60:2d:bc:8d:fb:
4a:59:a2:3f:13:0b:d9:d4:64:5b:6b:2e:f5:9f:56:
7e:13:ee:38:0f:b8:fd:98:82:0e:83:d9:bd:61:8e:
7f:d3:21:dd:1b:02:d0:4d:9f:63:e5:31:d3:fb:08:
c5:73:82:10:25:78:17:02:68:9d:d7:ea:82:7a:f1:
3e:1a:fc:e0:98:7e:25:9b:da:75:4e:8f:9d:4b:08:
3b:f2:5d:31:85:bc:2c:6a:e9:91:de:28:94:d0:17:
29:dd:9d:b0:59:60:c8:e8:53:76:1f:ad:6c:67:e3:
43:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:69:F6:9C:8E:39:6F:B7:2A:F1:CF:F9:AD:BA:18:19:55:AA:65:D2
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bad59de4-adad-41c5-bcd9-10599419c7b5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
42:d9:ce:eb:9f:48:af:79:80:ca:88:62:cd:9b:d7:af:40:ad:
2d:e1:88:a4:da:b2:28:0a:7a:7d:c9:b8:1d:12:3a:dd:b7:c1:
54:81:22:f9:92:ed:79:a3:31:28:c7:28:a5:24:01:f1:7b:be:
c5:99:15:c8:4e:d1:08:d4:2b:a3:fc:06:62:1c:47:37:ab:fb:
5b:53:64:9d:f6:48:77:91:c6:a7:03:06:fd:8d:3d:0d:14:af:
64:59:1a:5d:da:29:25:7f:f0:5b:8f:c2:0e:6a:42:1b:e9:5e:
11:84:4a:06:16:94:c6:09:52:60:9f:e2:f9:97:18:20:a9:c8:
68:8b:89:4c:18:c0:76:8b:28:42:1d:a5:0b:bb:7f:fd:67:2a:
16:8f:1f:b7:13:d4:75:b1:5a:56:09:eb:16:b3:b8:cc:fb:59:
d7:80:e3:90:07:e0:07:62:37:4f:82:aa:92:f8:98:8e:38:e6:
0b:59:d1:16:cf:32:22:d8:fb:b9:6f:5a:bc:29:56:2b:9c:34:
bd:63:31:44:4e:31:62:a7:67:da:21:58:62:bb:c3:1b:79:97:
76:99:cd:22:64:32:1c:24:a6:59:24:f7:03:78:6d:cd:69:0a:
39:43:1c:eb:4b:db:30:5d:aa:6a:7e:97:78:d6:d5:c5:3b:3b:
49:f7:3d:59
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUXTIXuwhfVYf64FnH5UmlKHotJ2YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjAzMDEwMTAwMTFaFw0yNjA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDE4YWUyNTE0MDkzYTAwY2NkMmM5NDdjNmNlMDEyYTliNWVlNDBlNTExN2Ix
OWYxMzlmOTgyMTY0ZjcxMzczNTIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMgCsvZJrKHXqpV/UMjinoLPfiX+M4beKq20u0NgVV3rcGXInKAnGVV8SR21
Zcyp9So5cQx1nrm4MWfo5dRSn7xgKhyXYRNr9RbnxNapKmYYZN2begxaaThbecV5
6GZ5DHqzN1GqccfYusxNyRADI9PgaCv6vgER1fwz25ueyaXumWa9I5RLQRhDGfRV
isFoAGAtvI37SlmiPxML2dRkW2su9Z9WfhPuOA+4/ZiCDoPZvWGOf9Mh3RsC0E2f
Y+Ux0/sIxXOCECV4FwJondfqgnrxPhr84Jh+JZvadU6PnUsIO/JdMYW8LGrpkd4o
lNAXKd2dsFlgyOhTdh+tbGfjQyMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTDafac
jjlvtyrxz/mtuhgZVapl0jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YmFkNTlkZTQtYWRhZC00MWM1LWJjZDktMTA1OTk0MTljN2I1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBjMAQDAN
BgkqhkiG9w0BAQsFAAOCAQEAQtnO659Ir3mAyohizZvXr0CtLeGIpNqyKAp6fcm4
HRI63bfBVIEi+ZLteaMxKMcopSQB8Xu+xZkVyE7RCNQro/wGYhxHN6v7W1NknfZI
d5HGpwMG/Y09DRSvZFkaXdopJX/wW4/CDmpCG+leEYRKBhaUxglSYJ/i+ZcYIKnI
aIuJTBjAdosoQh2lC7t//WcqFo8ftxPUdbFaVgnrFrO4zPtZ14DjkAfgB2I3T4Kq
kviYjjjmC1nRFs8yItj7uW9avClWK5w0vWMxRE4xYqdn2iFYYrvDG3mXdpnNImQy
HCSmWST3A3htzWkKOUMc60vbMF2qan6XeNbVxTs7Sfc9WQ==
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:53:34 2026 by rpki-client