Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c8fd8c44-7514-40e6-9198-e0b6e37b4c69.roa
File: c8fd8c44-7514-40e6-9198-e0b6e37b4c69.roa (raw, json)
Hash identifier: jZMIjC9AFQ6DGg602XIf//RKfrJ7UL5Khs3TvfKUMcM=
Subject key identifier: B9:2D:8D:34:BA:CB:A5:F6:CE:61:60:12:28:14:BE:1D:BE:B4:8F:64
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4E311FFC8731606EB9D7FFBB8E15CDE14EE7C22A
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c8fd8c44-7514-40e6-9198-e0b6e37b4c69.roa
Signing time: Fri 06 Feb 2026 00:40:24 +0000
ROA not before: Fri 06 Feb 2026 00:40:24 +0000
ROA not after: Thu 07 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.16.238.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:31:1f:fc:87:31:60:6e:b9:d7:ff:bb:8e:15:cd:e1:4e:e7:c2:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Feb 6 00:40:24 2026 GMT
Not After : May 7 23:59:59 2026 GMT
Subject: serialNumber=492d7825e83771fbf5d721eedb1ca7ddb330922b0bb03de89ae9077e1e7d1d5e, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:6f:ad:3b:a1:27:85:a3:70:f0:f4:26:3e:6a:
8c:9e:07:e0:b0:41:91:66:94:cc:99:b3:78:d7:6b:
00:0f:61:35:cd:b7:05:66:c4:5f:8c:4a:4e:6d:12:
1e:b3:8d:37:88:fd:17:32:7b:6a:c5:96:3c:8e:11:
f6:b9:49:5a:07:1d:ce:38:2c:f4:62:a2:95:f0:29:
4c:f3:d5:c1:55:22:ec:78:49:5a:ce:d0:16:98:0d:
f7:7d:b2:97:29:e8:00:d1:26:15:80:0e:7f:9d:af:
05:b6:4e:39:66:d4:84:93:ce:75:4e:cf:a2:98:38:
6b:96:a0:2d:88:6a:57:0a:72:b7:0e:b5:d7:4b:54:
a5:2e:4a:56:2f:9e:ed:c8:4a:23:48:73:f1:4e:68:
da:79:2f:6a:cd:83:21:fe:b7:2f:60:b3:ce:8e:41:
19:5e:a2:c2:fa:c8:b8:7c:2a:2a:aa:1e:60:ab:cd:
5c:80:ea:78:53:1e:1d:8f:59:02:b9:e9:07:94:5e:
b2:f0:0b:17:95:17:32:ff:26:3a:db:98:be:8c:a9:
38:40:f7:c3:2c:73:44:dd:d6:fc:bc:c3:1d:57:5b:
cf:05:b7:5f:09:5b:68:25:89:26:e8:ca:ca:9b:26:
11:3f:98:51:26:44:7d:bd:16:b3:9e:5d:db:33:f0:
bd:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:2D:8D:34:BA:CB:A5:F6:CE:61:60:12:28:14:BE:1D:BE:B4:8F:64
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c8fd8c44-7514-40e6-9198-e0b6e37b4c69.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.16.238.0/23
Signature Algorithm: sha256WithRSAEncryption
b1:b5:6d:69:15:a6:50:2a:4d:60:93:43:8a:6b:23:2c:0c:11:
3b:54:58:79:60:3b:b9:1b:f9:27:53:06:f6:67:ca:36:05:2b:
8b:53:64:fc:38:d6:72:4f:94:92:81:86:4a:7d:54:00:5d:65:
5c:c4:cd:fa:8d:d0:3a:8b:d5:e6:67:63:9d:0c:90:9b:6b:3d:
92:7e:05:5d:18:6c:65:37:f5:85:16:78:a2:2c:c5:6c:b5:02:
c1:10:ad:4e:ec:6c:8f:21:98:29:98:20:f5:ce:58:82:dc:8a:
b1:71:08:cb:ba:c9:c7:0a:fe:09:11:90:d3:47:8c:05:89:2a:
17:a4:54:39:99:e8:03:31:5d:e3:40:f7:6b:96:a0:0e:ae:2c:
da:9b:77:d9:2b:cb:45:5d:7b:df:bb:f0:1f:b0:ee:16:56:80:
54:57:47:f9:9c:b2:55:87:9b:a1:5a:79:1d:00:13:f4:2b:60:
fb:9e:cc:7e:ca:c6:18:10:2a:86:54:5e:09:d3:d4:8b:6d:e9:
06:47:4e:33:49:f0:3b:d1:02:cf:cb:0e:4a:7e:ea:aa:04:5d:
9c:a3:0d:6d:1f:31:a0:0f:1c:e0:be:12:a7:76:ec:e0:d4:f1:
ca:20:95:1e:76:5e:dd:e9:9b:fe:66:8f:9c:8a:4b:29:c0:db:
88:81:3b:eb
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUTjEf/IcxYG651/+7jhXN4U7nwiowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjAyMDYwMDQwMjRaFw0yNjA1MDcyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ5MmQ3ODI1ZTgzNzcxZmJmNWQ3MjFlZWRiMWNhN2RkYjMzMDkyMmIwYmIw
M2RlODlhZTkwNzdlMWU3ZDFkNWUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKhvrTuhJ4WjcPD0Jj5qjJ4H4LBBkWaUzJmzeNdrAA9hNc23BWbEX4xKTm0S
HrONN4j9FzJ7asWWPI4R9rlJWgcdzjgs9GKilfApTPPVwVUi7HhJWs7QFpgN932y
lynoANEmFYAOf52vBbZOOWbUhJPOdU7Popg4a5agLYhqVwpytw6110tUpS5KVi+e
7chKI0hz8U5o2nkvas2DIf63L2Czzo5BGV6iwvrIuHwqKqoeYKvNXIDqeFMeHY9Z
ArnpB5ResvALF5UXMv8mOtuYvoypOED3wyxzRN3W/LzDHVdbzwW3XwlbaCWJJujK
ypsmET+YUSZEfb0Ws55d2zPwvSMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBS5LY00
usul9s5hYBIoFL4dvrSPZDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YzhmZDhjNDQtNzUxNC00MGU2LTkxOTgtZTBiNmUzN2I0YzY5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEATMQ7jAN
BgkqhkiG9w0BAQsFAAOCAQEAsbVtaRWmUCpNYJNDimsjLAwRO1RYeWA7uRv5J1MG
9mfKNgUri1Nk/DjWck+UkoGGSn1UAF1lXMTN+o3QOovV5mdjnQyQm2s9kn4FXRhs
ZTf1hRZ4oizFbLUCwRCtTuxsjyGYKZgg9c5YgtyKsXEIy7rJxwr+CRGQ00eMBYkq
F6RUOZnoAzFd40D3a5agDq4s2pt32SvLRV1737vwH7DuFlaAVFdH+ZyyVYeboVp5
HQAT9Ctg+57MfsrGGBAqhlReCdPUi23pBkdOM0nwO9ECz8sOSn7qqgRdnKMNbR8x
oA8c4L4Sp3bs4NTxyiCVHnZe3emb/maPnIpLKcDbiIE76w==
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:34:58 2026 by rpki-client