Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d13d26ae-36b1-4815-a7f0-4dc090d15b78.roa
File: d13d26ae-36b1-4815-a7f0-4dc090d15b78.roa (raw, json)
Hash identifier: Ielupx+fZO2MoEbOwwR4Ujp3IMxS++qhWcDOzJ0nQ1M=
Subject key identifier: EB:6E:52:02:79:8E:94:DC:CE:BA:D6:D8:82:5D:09:7E:E4:A4:31:38
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 16A7CD3B4CBA1309C18DED7E409E99D2F33C6773
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d13d26ae-36b1-4815-a7f0-4dc090d15b78.roa
Signing time: Sat 28 Feb 2026 06:30:14 +0000
ROA not before: Sat 28 Feb 2026 06:30:14 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.129.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
16:a7:cd:3b:4c:ba:13:09:c1:8d:ed:7e:40:9e:99:d2:f3:3c:67:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Feb 28 06:30:14 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=3b4fd62a99cd5204d4e2ae867318239ebfbb7d6f830ae4cbba020993b3e4cb28, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:0a:67:4b:6e:d2:f5:81:80:bc:35:ab:1a:3d:
c5:2f:9a:95:78:ae:68:fa:0e:ca:66:38:d6:4b:d4:
80:7e:e5:7d:79:d8:c6:54:83:8a:3a:74:bf:a3:ad:
77:3e:e0:62:1f:a3:ec:63:7e:35:65:bb:c4:71:51:
5e:1e:f7:c1:cd:0e:42:84:3e:9a:61:f5:93:52:9d:
f8:d1:95:67:93:36:50:64:5c:7a:4c:7d:fd:75:e5:
62:a9:44:3a:e2:1a:24:a5:29:59:8d:8f:5a:8c:d4:
a3:45:87:81:f2:b3:02:e5:a6:42:a0:2d:dd:2a:0e:
c6:c5:46:1c:fb:60:cf:2d:06:e5:2b:94:ba:b9:b9:
de:9a:17:47:ee:38:2b:66:4c:67:48:ae:49:5b:98:
d3:f7:60:3f:fb:5a:5d:02:c4:a7:31:af:7c:0b:42:
60:aa:cc:71:c9:cb:09:e4:50:de:4d:c3:e9:de:20:
65:ff:21:7a:f9:9a:57:11:9f:16:8d:94:49:4a:f0:
c7:ae:03:79:83:ac:02:09:de:f2:44:8d:38:b1:f8:
06:60:4a:2e:42:10:25:21:16:0e:7e:29:a1:75:1d:
79:fb:06:5e:a8:b9:4d:a5:2f:3f:48:b1:f4:68:c6:
93:4d:50:5f:93:f5:6c:4c:5e:b9:4e:2f:fb:f1:b9:
23:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:6E:52:02:79:8E:94:DC:CE:BA:D6:D8:82:5D:09:7E:E4:A4:31:38
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d13d26ae-36b1-4815-a7f0-4dc090d15b78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.129.0.0/16
Signature Algorithm: sha256WithRSAEncryption
3d:a6:aa:93:ac:37:91:81:52:43:b8:0b:6b:bb:d5:be:5f:eb:
e5:30:df:42:16:e8:c2:e2:74:e4:1d:21:3d:fe:e4:90:10:64:
10:85:a2:be:e4:68:c0:3a:70:7f:32:9a:f7:e2:44:ce:b6:64:
02:ae:9e:b4:2a:3c:2c:04:91:af:d7:38:2c:db:c2:d2:cc:16:
c8:b6:79:02:d1:9a:13:92:1a:3e:a4:2a:2f:ab:c6:b0:36:77:
a9:d0:f2:8f:5b:ad:e6:b2:c6:97:ae:fd:1c:0f:ce:74:68:68:
c2:d2:af:1c:30:e3:72:2c:b6:a5:e9:b9:88:61:f9:6c:4e:5e:
4b:1f:96:8a:aa:74:cc:d6:53:a9:34:47:a5:47:76:f9:5e:7f:
40:d4:35:a6:9f:8e:e2:44:c0:e9:e9:e0:55:16:2b:ba:a5:69:
4e:60:19:1c:89:17:9c:cf:f0:56:c5:44:37:ea:62:bb:e5:84:
13:4e:09:e6:e7:5d:25:77:54:a8:9b:2b:53:3b:99:b4:46:d5:
d3:fd:fd:50:92:ed:ff:8e:02:f6:6b:7f:29:ad:05:af:d0:75:
21:ec:9e:65:3d:ac:27:2c:58:91:bd:eb:98:29:ac:5a:a0:30:
17:f8:46:1c:00:10:15:a2:e5:de:64:e3:3a:5a:77:28:c8:fa:
27:dc:8b:7f
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUFqfNO0y6EwnBje1+QJ6Z0vM8Z3MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjAyMjgwNjMwMTRaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDNiNGZkNjJhOTljZDUyMDRkNGUyYWU4NjczMTgyMzllYmZiYjdkNmY4MzBh
ZTRjYmJhMDIwOTkzYjNlNGNiMjgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKAKZ0tu0vWBgLw1qxo9xS+alXiuaPoOymY41kvUgH7lfXnYxlSDijp0v6Ot
dz7gYh+j7GN+NWW7xHFRXh73wc0OQoQ+mmH1k1Kd+NGVZ5M2UGRcekx9/XXlYqlE
OuIaJKUpWY2PWozUo0WHgfKzAuWmQqAt3SoOxsVGHPtgzy0G5SuUurm53poXR+44
K2ZMZ0iuSVuY0/dgP/taXQLEpzGvfAtCYKrMccnLCeRQ3k3D6d4gZf8hevmaVxGf
Fo2USUrwx64DeYOsAgne8kSNOLH4BmBKLkIQJSEWDn4poXUdefsGXqi5TaUvP0ix
9GjGk01QX5P1bExeuU4v+/G5I5cCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTrblIC
eY6U3M661tiCXQl+5KQxODAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZDEzZDI2YWUtMzZiMS00ODE1LWE3ZjAtNGRjMDkwZDE1Yjc4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADOBMA0G
CSqGSIb3DQEBCwUAA4IBAQA9pqqTrDeRgVJDuAtru9W+X+vlMN9CFujC4nTkHSE9
/uSQEGQQhaK+5GjAOnB/Mpr34kTOtmQCrp60KjwsBJGv1zgs28LSzBbItnkC0ZoT
kho+pCovq8awNnep0PKPW63mssaXrv0cD850aGjC0q8cMONyLLal6bmIYflsTl5L
H5aKqnTM1lOpNEelR3b5Xn9A1DWmn47iRMDp6eBVFiu6pWlOYBkciRecz/BWxUQ3
6mK75YQTTgnm510ld1SomytTO5m0RtXT/f1Qku3/jgL2a38prQWv0HUh7J5lPawn
LFiRveuYKaxaoDAX+EYcABAVouXeZOM6WncoyPon3It/
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:53:16 2026 by rpki-client