Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c50006d0-c65f-4259-ace3-46351e9d23c5.roa
File: c50006d0-c65f-4259-ace3-46351e9d23c5.roa (raw, json)
Hash identifier: LPhS+JJadGv98LkgGIMo2vdBWnO+f1DcxKXgPyCFLv0=
Subject key identifier: 6D:87:AF:B5:55:0C:4E:64:68:68:89:11:8A:B3:12:57:E7:0A:D5:CC
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5E7FCDE92871CD363DE52DF04CC67F470623112D
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c50006d0-c65f-4259-ace3-46351e9d23c5.roa
Signing time: Fri 06 Feb 2026 00:40:09 +0000
ROA not before: Fri 06 Feb 2026 00:40:09 +0000
ROA not after: Thu 07 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.84.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:7f:cd:e9:28:71:cd:36:3d:e5:2d:f0:4c:c6:7f:47:06:23:11:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Feb 6 00:40:09 2026 GMT
Not After : May 7 23:59:59 2026 GMT
Subject: serialNumber=99a3b5608bd679bc89eb7b25e0a892b1257178d047ccdff5464200bb7e166e7b, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:cd:e1:e6:80:97:b4:fb:7f:7c:53:7b:69:61:
ec:a3:54:0d:3c:3e:10:9b:9a:41:f1:7e:a0:e6:9c:
1b:9c:ec:e6:69:6d:e4:51:66:0b:b4:3f:2b:3b:11:
78:92:50:fc:a9:6b:f2:88:00:ff:29:40:74:ef:93:
a8:5c:41:17:dd:11:dc:ab:21:4c:c5:1c:f0:32:95:
69:b6:b1:26:a1:3d:a3:85:ac:d2:bd:64:dd:86:fb:
0e:5e:59:93:ca:f0:89:59:7b:34:23:e5:e3:bc:58:
e1:36:3b:c4:f6:6f:37:44:3f:b7:7d:19:98:a9:dd:
6f:f1:8b:6a:ad:08:f4:3b:06:8e:12:6d:38:4e:8a:
ad:02:7e:a8:c6:90:60:67:2c:57:ec:ba:a2:a7:a6:
1f:c6:f6:42:65:c0:7b:9a:8d:ef:5b:cb:37:3e:ea:
a2:53:88:1c:c3:dc:7f:c3:12:a3:96:21:34:92:f3:
92:80:8b:65:6f:a0:40:be:3f:dd:c6:bf:3b:68:63:
07:fb:1a:a8:da:d6:ca:bf:2c:a0:d7:2b:e0:ec:c7:
14:94:f8:65:77:7a:d8:06:e3:11:78:96:ec:85:59:
9a:22:7a:63:f8:3b:76:f8:82:84:55:ff:74:7b:c9:
36:b6:e3:e5:13:d0:19:58:71:7a:df:43:f8:f5:da:
06:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:87:AF:B5:55:0C:4E:64:68:68:89:11:8A:B3:12:57:E7:0A:D5:CC
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c50006d0-c65f-4259-ace3-46351e9d23c5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.84.0.0/16
Signature Algorithm: sha256WithRSAEncryption
86:df:2d:cf:bb:14:47:2b:5f:fc:6d:c8:6a:ee:fb:d5:fb:22:
0c:02:ef:7b:75:1a:99:d5:eb:b4:dd:52:c6:b8:fd:e1:f9:8d:
e8:46:67:a1:c9:1a:52:ee:63:76:2f:55:2f:eb:d7:1f:c2:71:
4f:4f:50:a8:52:45:ec:53:64:97:dc:af:3e:4c:35:d2:6c:ef:
95:8a:fa:0b:cf:5d:76:40:5b:02:a2:c1:87:6e:3b:21:b2:d2:
46:14:1b:ba:55:41:a1:aa:70:3d:76:26:07:b5:8e:74:f4:b8:
0d:83:30:a7:f8:bb:c6:b4:81:18:be:ba:b2:a5:45:aa:6a:51:
a5:f7:7d:84:fb:87:ad:80:4e:cb:0d:7a:55:19:e3:1e:4f:4b:
1b:a7:08:ab:58:ef:90:44:25:88:44:bc:f0:21:5d:cf:62:a5:
c0:a9:d4:2c:56:bc:8d:d9:94:09:44:69:d3:f2:cb:95:db:87:
90:bd:9f:77:4a:74:3b:84:df:bb:a6:ea:60:13:db:f3:97:9d:
d7:95:ec:1c:b9:d7:bc:0b:c6:60:76:07:fc:57:89:6f:02:e5:
7d:bf:3c:17:cd:bb:8f:c9:15:d3:a5:7d:3e:78:09:97:ca:45:
74:4a:55:36:6f:83:89:1d:fc:d9:76:73:74:04:7d:3b:03:c0:
82:4e:8c:ec
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUXn/N6ShxzTY95S3wTMZ/RwYjES0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjAyMDYwMDQwMDlaFw0yNjA1MDcyMzU5NTlaMHoxSTBHBgNV
BAUTQDk5YTNiNTYwOGJkNjc5YmM4OWViN2IyNWUwYTg5MmIxMjU3MTc4ZDA0N2Nj
ZGZmNTQ2NDIwMGJiN2UxNjZlN2IxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJXN4eaAl7T7f3xTe2lh7KNUDTw+EJuaQfF+oOacG5zs5mlt5FFmC7Q/KzsR
eJJQ/Klr8ogA/ylAdO+TqFxBF90R3KshTMUc8DKVabaxJqE9o4Ws0r1k3Yb7Dl5Z
k8rwiVl7NCPl47xY4TY7xPZvN0Q/t30ZmKndb/GLaq0I9DsGjhJtOE6KrQJ+qMaQ
YGcsV+y6oqemH8b2QmXAe5qN71vLNz7qolOIHMPcf8MSo5YhNJLzkoCLZW+gQL4/
3ca/O2hjB/saqNrWyr8soNcr4OzHFJT4ZXd62AbjEXiW7IVZmiJ6Y/g7dviChFX/
dHvJNrbj5RPQGVhxet9D+PXaBnECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRth6+1
VQxOZGhoiRGKsxJX5wrVzDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YzUwMDA2ZDAtYzY1Zi00MjU5LWFjZTMtNDYzNTFlOWQyM2M1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNUMA0G
CSqGSIb3DQEBCwUAA4IBAQCG3y3PuxRHK1/8bchq7vvV+yIMAu97dRqZ1eu03VLG
uP3h+Y3oRmehyRpS7mN2L1Uv69cfwnFPT1CoUkXsU2SX3K8+TDXSbO+VivoLz112
QFsCosGHbjshstJGFBu6VUGhqnA9diYHtY509LgNgzCn+LvGtIEYvrqypUWqalGl
932E+4etgE7LDXpVGeMeT0sbpwirWO+QRCWIRLzwIV3PYqXAqdQsVryN2ZQJRGnT
8suV24eQvZ93SnQ7hN+7pupgE9vzl53Xlewcude8C8Zgdgf8V4lvAuV9vzwXzbuP
yRXTpX0+eAmXykV0SlU2b4OJHfzZdnN0BH07A8CCTozs
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:52:23 2026 by rpki-client