Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/cf51afdd-468d-4999-b2cd-4c6517505aee.roa
File: cf51afdd-468d-4999-b2cd-4c6517505aee.roa (raw, json)
Hash identifier: 5JicMw70N8Dk7yYNqfAOp9RH2Yium5IubkWX2mVTRMQ=
Subject key identifier: 8D:DA:91:2E:1A:C0:D0:30:44:F6:60:3D:87:C1:5B:A3:50:B5:B3:32
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2414F44D44AA96EDDE593A4D714ACC23577CA33D
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/cf51afdd-468d-4999-b2cd-4c6517505aee.roa
Signing time: Sat 28 Feb 2026 06:40:05 +0000
ROA not before: Sat 28 Feb 2026 06:40:05 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.202.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:14:f4:4d:44:aa:96:ed:de:59:3a:4d:71:4a:cc:23:57:7c:a3:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Feb 28 06:40:05 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=17580520f785328ddbd174f53ae0bfde3b58ce5c7c68b003b8517c29250755ee, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:d7:06:e0:60:b2:8d:2f:17:d3:97:24:40:c8:
4f:62:b4:44:5a:ae:39:a6:68:1e:86:f6:7d:c4:7e:
d2:72:6f:22:4b:c3:13:7f:a8:33:46:3b:be:e2:f1:
f4:89:c9:b5:38:d3:3b:0d:5c:63:88:b5:4a:34:d2:
7c:91:2f:65:07:14:09:30:19:fe:ba:b7:b3:7a:33:
04:b1:98:e6:3b:e0:3c:03:64:fe:b8:33:5e:e3:1e:
98:aa:1e:7a:ea:cd:0a:06:b0:84:ce:f0:d8:7c:53:
e1:48:03:02:e8:d6:f0:08:62:05:bc:64:9f:42:b0:
14:0b:8f:f2:5f:d3:e3:b4:15:a7:04:df:44:61:fc:
b6:7a:af:a9:4b:0c:26:9a:73:78:cc:48:24:b6:c9:
77:02:fa:55:6e:bf:a1:4b:da:24:c7:39:a5:e3:71:
65:0a:d4:8e:c5:48:46:4d:14:c2:cc:4d:eb:d7:14:
fe:e1:d7:fa:5c:e1:b2:ee:28:9a:db:e6:e4:c6:45:
c5:6a:6e:4a:7f:d3:18:90:e2:7f:42:d0:b5:e5:e4:
80:ba:0b:d2:ca:a5:f6:29:ba:e8:1c:be:b1:84:3e:
9a:59:77:3a:cb:24:8b:20:af:c7:9a:b6:08:cb:cf:
4b:92:71:ec:5e:0f:a5:88:12:ae:93:17:3b:cb:2b:
34:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:DA:91:2E:1A:C0:D0:30:44:F6:60:3D:87:C1:5B:A3:50:B5:B3:32
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/cf51afdd-468d-4999-b2cd-4c6517505aee.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.202.0.0/15
Signature Algorithm: sha256WithRSAEncryption
91:b0:12:18:80:82:84:ff:34:df:f7:8e:d4:61:36:93:7b:05:
89:90:68:0c:8d:3d:72:84:eb:5a:8b:76:7f:da:b6:3f:93:a0:
93:13:c7:0c:b9:17:04:2f:55:d5:95:8e:ae:c7:c4:9f:43:a3:
20:bf:a8:8c:35:c6:5a:af:e8:dc:05:0e:3c:ea:03:49:c8:95:
68:3c:9e:0c:cf:eb:ed:0f:33:f7:72:98:68:7f:9e:88:97:0a:
db:90:0a:56:41:15:af:42:3e:6c:c8:4c:35:e5:8c:7e:4a:45:
ec:a2:9d:ca:15:b6:f2:00:ce:58:70:de:b5:59:38:6e:fc:1a:
93:74:cb:f8:58:95:df:65:3d:4c:83:3e:6f:8d:8f:5f:fb:47:
de:bc:ca:95:28:05:c8:a3:b2:62:de:a7:4a:24:21:0b:0c:c8:
9f:de:71:e7:8a:18:61:91:5d:4d:fb:dc:44:72:54:72:26:64:
70:3c:53:ad:96:fa:54:5f:3d:ee:16:bd:03:cd:fc:ba:dd:3c:
fd:ae:e5:77:13:a1:a0:df:9e:8a:82:1e:5c:84:81:17:e6:74:
8a:8b:58:72:61:00:00:3e:cf:2f:50:a0:0c:66:a5:bb:ca:5b:
6c:74:9b:d1:b1:e6:24:71:a8:b9:b3:7a:c2:5f:5e:76:35:83:
ea:77:60:d0
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUJBT0TUSqlu3eWTpNcUrMI1d8oz0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjAyMjgwNjQwMDVaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDE3NTgwNTIwZjc4NTMyOGRkYmQxNzRmNTNhZTBiZmRlM2I1OGNlNWM3YzY4
YjAwM2I4NTE3YzI5MjUwNzU1ZWUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKLXBuBgso0vF9OXJEDIT2K0RFquOaZoHob2fcR+0nJvIkvDE3+oM0Y7vuLx
9InJtTjTOw1cY4i1SjTSfJEvZQcUCTAZ/rq3s3ozBLGY5jvgPANk/rgzXuMemKoe
eurNCgawhM7w2HxT4UgDAujW8AhiBbxkn0KwFAuP8l/T47QVpwTfRGH8tnqvqUsM
JppzeMxIJLbJdwL6VW6/oUvaJMc5peNxZQrUjsVIRk0UwsxN69cU/uHX+lzhsu4o
mtvm5MZFxWpuSn/TGJDif0LQteXkgLoL0sql9im66By+sYQ+mll3OsskiyCvx5q2
CMvPS5Jx7F4PpYgSrpMXO8srNCcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSN2pEu
GsDQMET2YD2HwVujULWzMjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Y2Y1MWFmZGQtNDY4ZC00OTk5LWIyY2QtNGM2NTE3NTA1YWVlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPKMA0G
CSqGSIb3DQEBCwUAA4IBAQCRsBIYgIKE/zTf947UYTaTewWJkGgMjT1yhOtai3Z/
2rY/k6CTE8cMuRcEL1XVlY6ux8SfQ6Mgv6iMNcZar+jcBQ486gNJyJVoPJ4Mz+vt
DzP3cphof56IlwrbkApWQRWvQj5syEw15Yx+SkXsop3KFbbyAM5YcN61WThu/BqT
dMv4WJXfZT1Mgz5vjY9f+0fevMqVKAXIo7Ji3qdKJCELDMif3nHnihhhkV1N+9xE
clRyJmRwPFOtlvpUXz3uFr0Dzfy63Tz9ruV3E6Gg356Kgh5chIEX5nSKi1hyYQAA
Ps8vUKAMZqW7yltsdJvRseYkcai5s3rCX152NYPqd2DQ
-----END CERTIFICATE-----
Generated at Mon Mar 2 01:27:30 2026 by rpki-client