Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c2c395e2-491c-4141-ba1e-1b3717841063.roa
File: c2c395e2-491c-4141-ba1e-1b3717841063.roa (raw, json)
Hash identifier: 7zz+O6klnFGiIOXPYgHHaRuG83RtQvvQzfh9Y7UqgTg=
Subject key identifier: FC:B3:28:51:3A:9F:A2:8C:D0:39:3C:4A:16:FF:78:C2:55:33:2D:47
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1D205D3FFBCFF918A924A88C04809E5888F3C736
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c2c395e2-491c-4141-ba1e-1b3717841063.roa
Signing time: Tue 19 May 2026 06:00:07 +0000
ROA not before: Tue 19 May 2026 06:00:07 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.152.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:20:5d:3f:fb:cf:f9:18:a9:24:a8:8c:04:80:9e:58:88:f3:c7:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 19 06:00:07 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=50d488b8c4fea647845743266a7778d6e1c2fbe8c80d1ed2f61c291d6a828a1e, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:9d:b1:f1:a1:49:a2:a2:27:90:c0:96:f7:17:
03:a0:96:91:af:b7:30:9f:67:e0:47:b0:2d:e1:62:
a6:82:c0:9a:14:9d:eb:59:95:cf:b3:80:5c:42:99:
a4:46:9b:1a:6b:3a:1e:58:28:37:96:96:3c:21:d1:
94:81:7e:18:33:1b:c5:1f:fb:e0:91:9e:e9:9a:d7:
c5:5d:a4:e2:5e:c4:c3:f8:3a:9e:0e:ff:c8:e9:1f:
28:bf:c1:48:74:c1:23:57:4d:46:22:d3:0e:45:57:
ac:12:dc:10:fe:07:64:18:14:8e:a2:7a:87:85:7c:
91:01:de:9e:6f:58:ac:b2:4c:5d:a3:7d:45:9e:e4:
bf:bd:93:69:04:94:5b:6c:b0:90:28:45:d6:9c:a6:
15:ea:d5:b7:d9:84:bf:ed:1f:19:08:3c:48:0d:12:
d0:68:25:4d:b2:6a:03:9a:7e:9b:cc:44:f1:3c:b5:
7c:e4:b9:7a:97:3c:d3:7b:44:4b:0c:e7:33:64:94:
73:cf:ce:52:bb:86:c9:81:f9:82:9f:ff:c1:b3:94:
85:c4:0f:8d:7f:cd:ab:bf:33:b1:0e:01:ee:19:c3:
de:79:91:6a:aa:1c:0e:19:5c:7d:09:51:8d:55:39:
b8:6b:47:d5:b9:d4:fa:98:4f:01:4b:07:a5:48:1e:
3c:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:B3:28:51:3A:9F:A2:8C:D0:39:3C:4A:16:FF:78:C2:55:33:2D:47
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c2c395e2-491c-4141-ba1e-1b3717841063.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.152.0.0/15
Signature Algorithm: sha256WithRSAEncryption
cc:29:ff:9c:e0:6a:f7:a8:97:29:39:72:30:28:b5:18:e2:cd:
57:96:28:57:de:2d:72:ac:c0:7c:92:3b:8d:41:97:5e:7e:ae:
64:f2:91:5b:ef:5b:99:59:49:ef:99:1f:38:93:af:cb:f8:df:
9b:5a:a0:de:ae:3a:3d:97:2f:82:44:d0:76:66:dc:02:47:67:
54:ff:24:a2:ee:e7:bc:17:c3:e4:16:f3:1b:3e:19:88:34:fd:
65:a1:88:c1:01:e6:4d:bc:b3:96:65:52:3b:45:08:0b:99:ff:
bb:6c:01:e1:3b:3f:64:7f:68:93:c8:10:a8:a4:6e:21:e4:a2:
e3:f1:cd:5c:f6:3b:9f:4e:c8:0a:e7:52:8d:f2:10:7f:1c:dc:
fe:78:0c:92:e8:96:32:13:5b:58:cc:02:32:f8:6c:31:f4:e7:
a1:24:9c:09:74:a4:1e:0c:0c:61:64:98:57:cb:0d:8f:5a:33:
ed:44:66:d9:ac:67:0c:cd:cc:47:81:c9:27:d2:27:5e:39:bd:
c8:85:fa:8b:6e:ba:1d:0d:d9:ec:ea:22:b2:4b:6a:db:bb:82:
6d:b9:39:ab:b4:da:96:bf:fa:2d:31:04:dc:5b:2b:01:2b:5b:
32:db:50:25:8e:34:32:64:70:80:68:86:0e:e4:8e:b8:78:f1:
d7:bd:3c:d6
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUHSBdP/vP+RipJKiMBICeWIjzxzYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MTkwNjAwMDdaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDUwZDQ4OGI4YzRmZWE2NDc4NDU3NDMyNjZhNzc3OGQ2ZTFjMmZiZThjODBk
MWVkMmY2MWMyOTFkNmE4MjhhMWUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKWdsfGhSaKiJ5DAlvcXA6CWka+3MJ9n4EewLeFipoLAmhSd61mVz7OAXEKZ
pEabGms6HlgoN5aWPCHRlIF+GDMbxR/74JGe6ZrXxV2k4l7Ew/g6ng7/yOkfKL/B
SHTBI1dNRiLTDkVXrBLcEP4HZBgUjqJ6h4V8kQHenm9YrLJMXaN9RZ7kv72TaQSU
W2ywkChF1pymFerVt9mEv+0fGQg8SA0S0GglTbJqA5p+m8xE8Ty1fOS5epc803tE
SwznM2SUc8/OUruGyYH5gp//wbOUhcQPjX/Nq78zsQ4B7hnD3nmRaqocDhlcfQlR
jVU5uGtH1bnU+phPAUsHpUgePFECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBT8syhR
Op+ijNA5PEoW/3jCVTMtRzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YzJjMzk1ZTItNDkxYy00MTQxLWJhMWUtMWIzNzE3ODQxMDYzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOYMA0G
CSqGSIb3DQEBCwUAA4IBAQDMKf+c4Gr3qJcpOXIwKLUY4s1XlihX3i1yrMB8kjuN
QZdefq5k8pFb71uZWUnvmR84k6/L+N+bWqDerjo9ly+CRNB2ZtwCR2dU/ySi7ue8
F8PkFvMbPhmINP1loYjBAeZNvLOWZVI7RQgLmf+7bAHhOz9kf2iTyBCopG4h5KLj
8c1c9jufTsgK51KN8hB/HNz+eAyS6JYyE1tYzAIy+Gwx9OehJJwJdKQeDAxhZJhX
yw2PWjPtRGbZrGcMzcxHgckn0ideOb3IhfqLbrodDdns6iKyS2rbu4JtuTmrtNqW
v/otMQTcWysBK1sy21AljjQyZHCAaIYO5I64ePHXvTzW
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:02:04 2026 by rpki-client