Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/cf5e86ef-0733-4056-8b1b-683470ef90f1.roa
File: cf5e86ef-0733-4056-8b1b-683470ef90f1.roa (raw, json)
Hash identifier: +XzljASHuij42IkF0CuWkHfoe1ECCDZcYKkaMK3QWaw=
Subject key identifier: 02:FB:0C:23:CE:3A:44:B8:AF:84:F2:FC:AE:27:54:4D:65:EE:2F:BE
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 25A829B2BC3F2F89D69664E221CDFAA8B187F576
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/cf5e86ef-0733-4056-8b1b-683470ef90f1.roa
Signing time: Wed 20 May 2026 00:50:19 +0000
ROA not before: Wed 20 May 2026 00:50:19 +0000
ROA not after: Tue 18 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.0.112.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:a8:29:b2:bc:3f:2f:89:d6:96:64:e2:21:cd:fa:a8:b1:87:f5:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 20 00:50:19 2026 GMT
Not After : Aug 18 23:59:59 2026 GMT
Subject: serialNumber=fc5791b88e204cbc944432ec81ce4d141e66046a3e2ccb25cf7c76feae57cb47, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:80:7b:fe:69:24:b5:b3:42:c2:91:03:d4:d5:
e1:69:fb:e2:0d:78:c9:cb:69:e9:b7:44:99:a5:7c:
cf:1b:35:67:04:2e:52:98:88:dd:8c:08:55:c5:35:
f3:3e:18:fc:9b:f7:8b:5b:0f:bb:d0:ac:50:30:80:
d3:2e:9a:02:6e:80:cf:59:03:1b:66:cc:25:df:75:
7c:ea:23:3b:db:39:2f:98:fd:f5:6c:e1:b8:76:45:
9d:d6:01:8d:d5:60:6c:3a:61:65:cd:f5:94:72:36:
9c:e3:e8:ff:1f:e3:85:92:79:95:d9:4b:d6:46:16:
2a:1f:eb:c9:c4:27:e4:59:0e:d6:51:b5:30:4a:6c:
eb:04:a1:0e:d5:83:1c:8e:bb:80:47:95:3d:90:c5:
e6:b0:de:8e:47:4e:73:67:8d:ad:c6:16:42:88:fe:
79:96:a6:e5:91:9b:1c:b8:49:d2:74:fb:a5:4b:2d:
03:e0:a8:61:26:e0:b0:9f:e6:fb:75:c9:ab:e6:d0:
6c:69:46:e7:46:52:e9:b0:83:08:7a:f2:84:ba:be:
23:f4:c5:86:eb:d5:72:8a:a5:d4:c7:1b:b4:42:25:
29:1a:ad:69:09:61:e7:65:fe:47:3d:e5:40:aa:6a:
21:59:91:90:92:45:5a:6f:cd:ae:b8:80:b5:df:59:
eb:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:FB:0C:23:CE:3A:44:B8:AF:84:F2:FC:AE:27:54:4D:65:EE:2F:BE
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/cf5e86ef-0733-4056-8b1b-683470ef90f1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.0.112.0/21
Signature Algorithm: sha256WithRSAEncryption
55:b4:f8:7a:a4:9e:6f:a1:37:93:8c:34:24:da:07:1c:eb:4d:
40:6c:b5:f6:f9:5a:f7:d0:10:3f:6f:d1:f9:f4:35:02:b5:97:
1a:41:11:ca:98:5a:b9:55:14:4c:ab:d3:1a:57:75:da:7d:4e:
1a:f3:01:14:e5:ae:f4:ed:2c:0e:90:b1:e0:41:71:5d:ea:b5:
10:7d:c1:d8:6a:3f:86:cf:55:14:dc:ad:e0:0b:d8:fa:13:da:
7f:9d:ae:80:16:6e:c8:b8:52:12:2d:1e:91:5f:12:d5:c9:b8:
77:02:36:bd:80:aa:9b:67:99:45:83:c5:3d:a3:fa:31:81:72:
10:f1:c0:cd:f3:d1:b8:60:9d:ec:2a:ad:7f:76:1c:ed:f2:19:
48:06:97:b3:07:d2:0b:1b:2a:2e:f5:eb:38:9e:c5:8e:fb:c8:
34:6c:ed:c1:d1:47:d8:55:44:71:75:23:cd:21:92:68:46:bf:
18:16:30:e6:8d:f4:a4:10:3a:22:b0:24:bd:fc:c8:e6:a9:2c:
fb:0e:e8:2e:04:a9:6a:5e:54:f5:85:1a:54:37:5a:f2:6d:e7:
7d:f2:c3:c9:3c:b4:9f:cb:08:b9:61:4c:c9:13:c8:07:15:83:
a8:09:9d:0f:b0:0c:dd:d2:95:dc:73:24:0a:95:0e:84:bf:42:
1e:5b:45:7a
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUJagpsrw/L4nWlmTiIc36qLGH9XYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MjAwMDUwMTlaFw0yNjA4MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQGZjNTc5MWI4OGUyMDRjYmM5NDQ0MzJlYzgxY2U0ZDE0MWU2NjA0NmEzZTJj
Y2IyNWNmN2M3NmZlYWU1N2NiNDcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALWAe/5pJLWzQsKRA9TV4Wn74g14yctp6bdEmaV8zxs1ZwQuUpiI3YwIVcU1
8z4Y/Jv3i1sPu9CsUDCA0y6aAm6Az1kDG2bMJd91fOojO9s5L5j99WzhuHZFndYB
jdVgbDphZc31lHI2nOPo/x/jhZJ5ldlL1kYWKh/rycQn5FkO1lG1MEps6wShDtWD
HI67gEeVPZDF5rDejkdOc2eNrcYWQoj+eZam5ZGbHLhJ0nT7pUstA+CoYSbgsJ/m
+3XJq+bQbGlG50ZS6bCDCHryhLq+I/TFhuvVcoql1McbtEIlKRqtaQlh52X+Rz3l
QKpqIVmRkJJFWm/NrriAtd9Z63UCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQC+wwj
zjpEuK+E8vyuJ1RNZe4vvjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Y2Y1ZTg2ZWYtMDczMy00MDU2LThiMWItNjgzNDcwZWY5MGYxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAzMAcDAN
BgkqhkiG9w0BAQsFAAOCAQEAVbT4eqSeb6E3k4w0JNoHHOtNQGy19vla99AQP2/R
+fQ1ArWXGkERyphauVUUTKvTGld12n1OGvMBFOWu9O0sDpCx4EFxXeq1EH3B2Go/
hs9VFNyt4AvY+hPaf52ugBZuyLhSEi0ekV8S1cm4dwI2vYCqm2eZRYPFPaP6MYFy
EPHAzfPRuGCd7Cqtf3Yc7fIZSAaXswfSCxsqLvXrOJ7FjvvINGztwdFH2FVEcXUj
zSGSaEa/GBYw5o30pBA6IrAkvfzI5qks+w7oLgSpal5U9YUaVDda8m3nffLDyTy0
n8sIuWFMyRPIBxWDqAmdD7AM3dKV3HMkCpUOhL9CHltFeg==
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:00:46 2026 by rpki-client