Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/cf51afdd-468d-4999-b2cd-4c6517505aee.roa
File: cf51afdd-468d-4999-b2cd-4c6517505aee.roa (raw, json)
Hash identifier: IGDe3/ggPHSx2WUm9bsPhCEgVaYXwSjfrY7DrINkPUI=
Subject key identifier: C7:CF:E6:3B:91:BD:A2:1F:28:71:7B:D5:2E:0B:D8:FB:7D:38:52:30
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7202013334E04681526C93F3FFD2AE58BF81DE8C
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/cf51afdd-468d-4999-b2cd-4c6517505aee.roa
Signing time: Tue 19 May 2026 06:00:51 +0000
ROA not before: Tue 19 May 2026 06:00:51 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.202.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:02:01:33:34:e0:46:81:52:6c:93:f3:ff:d2:ae:58:bf:81:de:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 19 06:00:51 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=99c385b42df0617064d641f007e634c383e9f19c40695129c039f3fe5644941e, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:66:95:98:bd:b4:b1:41:e6:5e:86:70:0c:c2:
1d:62:55:4d:ea:69:ae:d9:3a:84:51:71:c0:a1:8d:
11:a0:7d:bc:90:65:c0:15:d8:0f:8a:28:0a:f6:a1:
f1:b1:4d:73:56:62:41:e3:22:4a:c6:73:d6:e7:53:
c4:65:01:c7:a4:f6:14:80:cd:fd:4b:0e:5f:a4:84:
08:a5:01:a8:fb:4a:13:1a:6f:b9:52:07:7c:5f:26:
b2:83:15:b6:31:37:9c:96:2e:41:a0:1f:0c:d6:a5:
e2:83:15:0d:33:0c:31:a5:89:ce:9b:14:e3:74:c5:
00:26:3a:4c:94:c6:78:36:4c:dc:c5:c4:a6:d6:3f:
bf:57:2f:5c:8a:f4:db:48:bf:bc:94:a5:4b:63:a3:
da:96:fe:b8:d0:40:17:0e:24:db:ab:ad:63:79:34:
10:e5:aa:ec:23:90:60:f3:06:66:7a:c8:85:dc:ce:
ba:2c:6a:6e:f8:ae:00:e8:96:a2:d8:c6:16:eb:cc:
af:0a:d0:a7:a9:7c:f3:1a:29:42:fb:15:64:2a:60:
b4:b5:59:35:05:1b:7b:39:ac:2f:77:5e:b4:47:37:
06:4c:06:3c:1a:4c:f4:a8:09:43:92:74:24:fa:db:
5e:fd:6b:ff:2a:6f:d6:97:c0:9a:d9:4c:54:a4:9b:
ac:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:CF:E6:3B:91:BD:A2:1F:28:71:7B:D5:2E:0B:D8:FB:7D:38:52:30
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/cf51afdd-468d-4999-b2cd-4c6517505aee.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.202.0.0/15
Signature Algorithm: sha256WithRSAEncryption
95:0e:9d:27:9d:cf:18:58:8d:66:5b:1e:4d:2d:53:3d:a7:8f:
19:54:49:2b:4f:28:c2:9b:a0:c6:44:a0:f5:e8:90:7b:7c:3f:
58:5e:d5:ff:ea:a1:dd:77:be:9c:3b:42:86:78:5a:20:90:99:
89:29:c8:8b:04:93:e6:d9:97:4e:f6:27:13:7c:22:33:5b:96:
7d:b9:4e:41:87:5a:40:00:7c:5c:31:c9:c0:e4:82:7e:ae:98:
91:ae:8d:98:2e:90:8d:e8:f5:09:00:ed:c9:68:f9:9c:84:6e:
71:8e:52:24:af:47:31:02:42:68:d4:43:60:74:34:ff:80:17:
fd:be:c0:3d:14:bc:b7:12:68:cb:df:4f:d5:fb:a1:55:a8:cf:
4f:e6:ac:c2:cf:1d:b5:02:45:62:d4:7c:98:ea:58:63:d6:87:
45:96:1c:e1:40:e1:5b:d7:33:34:98:c3:cd:a9:bd:23:1f:b9:
87:20:b1:b0:af:e0:08:b5:df:aa:d5:0e:e8:ac:ae:b6:9f:be:
0c:59:83:ff:f3:e1:82:87:e6:16:b1:5b:27:5b:10:b5:ac:cf:
fa:75:a6:0b:06:0d:39:8f:02:80:97:94:f8:7a:fa:da:62:58:
b7:d2:34:85:57:a9:ed:e6:3a:82:f3:dd:2e:24:9b:5b:a8:d7:
e1:90:c8:a7
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUcgIBMzTgRoFSbJPz/9KuWL+B3owwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MTkwNjAwNTFaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDk5YzM4NWI0MmRmMDYxNzA2NGQ2NDFmMDA3ZTYzNGMzODNlOWYxOWM0MDY5
NTEyOWMwMzlmM2ZlNTY0NDk0MWUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKhmlZi9tLFB5l6GcAzCHWJVTepprtk6hFFxwKGNEaB9vJBlwBXYD4ooCvah
8bFNc1ZiQeMiSsZz1udTxGUBx6T2FIDN/UsOX6SECKUBqPtKExpvuVIHfF8msoMV
tjE3nJYuQaAfDNal4oMVDTMMMaWJzpsU43TFACY6TJTGeDZM3MXEptY/v1cvXIr0
20i/vJSlS2Oj2pb+uNBAFw4k26utY3k0EOWq7COQYPMGZnrIhdzOuixqbviuAOiW
otjGFuvMrwrQp6l88xopQvsVZCpgtLVZNQUbezmsL3detEc3BkwGPBpM9KgJQ5J0
JPrbXv1r/ypv1pfAmtlMVKSbrNkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTHz+Y7
kb2iHyhxe9UuC9j7fThSMDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Y2Y1MWFmZGQtNDY4ZC00OTk5LWIyY2QtNGM2NTE3NTA1YWVlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPKMA0G
CSqGSIb3DQEBCwUAA4IBAQCVDp0nnc8YWI1mWx5NLVM9p48ZVEkrTyjCm6DGRKD1
6JB7fD9YXtX/6qHdd76cO0KGeFogkJmJKciLBJPm2ZdO9icTfCIzW5Z9uU5Bh1pA
AHxcMcnA5IJ+rpiRro2YLpCN6PUJAO3JaPmchG5xjlIkr0cxAkJo1ENgdDT/gBf9
vsA9FLy3EmjL30/V+6FVqM9P5qzCzx21AkVi1HyY6lhj1odFlhzhQOFb1zM0mMPN
qb0jH7mHILGwr+AItd+q1Q7orK62n74MWYP/8+GCh+YWsVsnWxC1rM/6daYLBg05
jwKAl5T4evraYli30jSFV6nt5jqC890uJJtbqNfhkMin
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:00:42 2026 by rpki-client