Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ca9dc172-c5c5-48fd-a801-9f7f050aa67b.roa
File: ca9dc172-c5c5-48fd-a801-9f7f050aa67b.roa (raw, json)
Hash identifier: lA4abmjFrT3Rz/hLe03SvtEfoW/3dHmBj35LMjcyXVw=
Subject key identifier: 6A:C1:98:90:F7:83:C2:19:8A:E3:78:B5:06:DF:61:D6:F9:55:46:6B
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 095CE187A1BBCF1BAEB29F8C9986091279347B3C
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ca9dc172-c5c5-48fd-a801-9f7f050aa67b.roa
Signing time: Fri 06 Feb 2026 00:40:30 +0000
ROA not before: Fri 06 Feb 2026 00:40:30 +0000
ROA not after: Thu 07 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.24.0.0/13 maxlen: 13
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
09:5c:e1:87:a1:bb:cf:1b:ae:b2:9f:8c:99:86:09:12:79:34:7b:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Feb 6 00:40:30 2026 GMT
Not After : May 7 23:59:59 2026 GMT
Subject: serialNumber=53352da886ab147dea0524a47f77032fe4924c8ed2661bbdfb4f916e4d82b9e5, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:c8:d9:17:68:23:75:c3:36:77:14:a2:47:46:
43:09:92:69:23:34:d8:a9:6a:6f:f7:a3:0b:c3:4b:
7a:03:65:b2:53:65:a4:85:3e:72:23:82:dc:cb:53:
c7:69:0d:f5:52:68:00:03:43:ac:6f:d6:b7:b9:82:
5b:a2:68:c8:20:4e:2e:48:27:3e:2e:94:53:1f:8a:
4f:6a:d6:d3:4d:3b:6a:cd:27:82:25:c2:87:a4:b3:
26:26:cf:b2:09:0f:0f:ab:fd:c5:1f:94:9c:50:19:
14:6f:3e:14:03:dd:e3:d2:88:65:ae:d9:da:5a:bd:
a9:f4:b7:e6:a6:6e:78:10:28:bf:ee:cf:f1:b9:fd:
c9:cb:1f:bb:a9:a0:43:f7:dd:98:00:93:cf:8d:6b:
b7:cd:ef:6a:2a:20:be:d6:a9:9b:ce:6c:b2:73:5b:
0c:1f:17:56:a4:4c:cd:42:c4:6d:7f:e5:d0:7b:32:
f4:60:19:57:4c:e4:d0:06:46:99:46:b0:86:4c:8f:
20:bc:54:80:92:76:3f:c4:77:0b:6b:d0:da:84:c8:
93:2d:77:cf:4b:f8:53:de:9e:17:28:26:68:33:80:
40:98:08:84:59:a3:56:6c:e7:23:20:6d:60:a6:f5:
4f:74:d5:91:d8:a8:c1:84:59:8b:47:cc:f7:81:94:
b2:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:C1:98:90:F7:83:C2:19:8A:E3:78:B5:06:DF:61:D6:F9:55:46:6B
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ca9dc172-c5c5-48fd-a801-9f7f050aa67b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.24.0.0/13
Signature Algorithm: sha256WithRSAEncryption
83:f8:d8:dc:29:52:7b:67:61:e7:5c:72:74:91:6a:b8:2a:7b:
24:31:d2:87:67:d3:af:ac:2a:0d:5b:4f:af:d0:2e:d3:cf:91:
1f:b4:63:02:ae:97:e6:1f:94:51:87:89:6a:b7:e5:c4:72:cc:
90:dc:7d:4f:51:28:1f:75:3b:7d:71:2f:4c:e6:af:fe:54:35:
b4:cb:4b:e3:30:b2:9c:5b:1f:f9:16:e3:1a:dc:f6:be:b6:d0:
61:ff:69:c3:b0:e6:d1:ca:38:98:dd:62:d7:dc:6a:e8:22:23:
a0:48:6e:5d:f1:bb:1b:39:38:15:92:87:ca:55:53:4a:c1:d8:
94:56:06:7e:7a:ea:85:07:52:d1:39:ad:49:09:5d:45:a7:8d:
31:bc:df:c6:68:21:c8:b9:1c:9c:3a:b8:ce:ca:65:a2:99:9f:
26:ba:6b:ff:0c:87:ff:dc:e1:ac:ad:ed:76:9a:f8:cb:3b:f3:
27:c3:c3:3a:e9:31:40:99:50:fa:0a:c9:0f:75:a4:06:11:a6:
be:47:cb:43:52:18:3f:46:fc:ff:8a:78:a5:db:d6:92:a7:5f:
ea:fb:b5:6f:2f:1e:ef:18:69:df:dd:99:90:04:41:7a:e1:af:
16:df:3d:7f:01:ac:9e:ff:6f:d0:b3:4d:a7:a3:56:01:13:df:
54:15:ab:5b
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUCVzhh6G7zxuusp+MmYYJEnk0ezwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjAyMDYwMDQwMzBaFw0yNjA1MDcyMzU5NTlaMHoxSTBHBgNV
BAUTQDUzMzUyZGE4ODZhYjE0N2RlYTA1MjRhNDdmNzcwMzJmZTQ5MjRjOGVkMjY2
MWJiZGZiNGY5MTZlNGQ4MmI5ZTUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALzI2RdoI3XDNncUokdGQwmSaSM02Klqb/ejC8NLegNlslNlpIU+ciOC3MtT
x2kN9VJoAANDrG/Wt7mCW6JoyCBOLkgnPi6UUx+KT2rW0007as0ngiXCh6SzJibP
sgkPD6v9xR+UnFAZFG8+FAPd49KIZa7Z2lq9qfS35qZueBAov+7P8bn9ycsfu6mg
Q/fdmACTz41rt83vaiogvtapm85ssnNbDB8XVqRMzULEbX/l0Hsy9GAZV0zk0AZG
mUawhkyPILxUgJJ2P8R3C2vQ2oTIky13z0v4U96eFygmaDOAQJgIhFmjVmznIyBt
YKb1T3TVkdiowYRZi0fM94GUssECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRqwZiQ
94PCGYrjeLUG32HW+VVGazAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Y2E5ZGMxNzItYzVjNS00OGZkLWE4MDEtOWY3ZjA1MGFhNjdiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAzMYMA0G
CSqGSIb3DQEBCwUAA4IBAQCD+NjcKVJ7Z2HnXHJ0kWq4KnskMdKHZ9OvrCoNW0+v
0C7Tz5EftGMCrpfmH5RRh4lqt+XEcsyQ3H1PUSgfdTt9cS9M5q/+VDW0y0vjMLKc
Wx/5FuMa3Pa+ttBh/2nDsObRyjiY3WLX3GroIiOgSG5d8bsbOTgVkofKVVNKwdiU
VgZ+euqFB1LROa1JCV1Fp40xvN/GaCHIuRycOrjOymWimZ8mumv/DIf/3OGsre12
mvjLO/Mnw8M66TFAmVD6CskPdaQGEaa+R8tDUhg/Rvz/inil29aSp1/q+7VvLx7v
GGnf3ZmQBEF64a8W3z1/Aaye/2/Qs02no1YBE99UFatb
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:46:04 2026 by rpki-client