Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d13d26ae-36b1-4815-a7f0-4dc090d15b78.roa
File: d13d26ae-36b1-4815-a7f0-4dc090d15b78.roa (raw, json)
Hash identifier: SPbU2/JBGW8fi4MTuclAUqrP5+IenQ445yqtT5WGWmI=
Subject key identifier: 2F:C5:51:F0:76:5B:E3:00:44:6A:04:F5:DE:17:35:4F:47:71:07:B1
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 65EE18722BFB254353A18A94ABFAEE55A24DF839
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d13d26ae-36b1-4815-a7f0-4dc090d15b78.roa
Signing time: Tue 19 May 2026 05:50:09 +0000
ROA not before: Tue 19 May 2026 05:50:09 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.129.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:ee:18:72:2b:fb:25:43:53:a1:8a:94:ab:fa:ee:55:a2:4d:f8:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 19 05:50:09 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=f017208a7ea39d38bbbba40ebbd71b3127d4d4e433f73bbabe6090c5109ec398, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:5b:da:26:9c:49:cd:48:6b:d8:ce:2d:80:c0:
0b:23:2e:4c:ae:2a:48:f3:1b:0e:71:25:ae:34:f3:
9c:3a:5a:26:d9:91:51:36:9f:c7:f1:80:88:be:18:
37:81:7f:d8:8d:f5:03:e2:4f:08:60:f8:b5:7c:62:
28:5f:32:d8:a3:9b:57:cb:ff:b9:0c:42:ba:09:e7:
17:18:b5:d2:f4:40:a4:6e:de:c9:71:31:28:44:cd:
79:64:3e:4d:97:12:40:00:18:9e:82:31:3f:78:28:
87:0b:9a:00:a9:8e:89:e4:c7:4d:fb:dc:9a:5a:56:
9d:14:79:ba:36:97:79:6b:54:1b:ac:c2:76:60:6b:
2e:5e:99:2f:84:ff:f9:db:94:d9:2a:65:0a:51:3b:
ac:b5:84:36:2a:b1:be:91:d7:9a:e8:cb:89:3a:49:
40:77:68:27:4c:78:60:e0:5c:13:72:f8:e0:d6:f3:
59:f9:00:fd:3f:86:8e:c4:6a:9d:dc:8a:9f:42:06:
ad:98:fd:d6:fd:f1:d5:5e:97:ae:42:57:d6:71:8c:
5f:d5:28:0f:a9:97:e2:15:89:78:7a:aa:50:eb:f7:
a1:fb:a7:89:3a:48:3a:8b:24:ca:11:5a:11:51:cb:
f3:aa:68:6a:35:a9:43:14:2b:8f:34:f6:ef:36:f3:
ab:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:C5:51:F0:76:5B:E3:00:44:6A:04:F5:DE:17:35:4F:47:71:07:B1
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d13d26ae-36b1-4815-a7f0-4dc090d15b78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.129.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a0:3b:3d:0e:39:09:32:a7:30:63:2b:fa:62:c5:64:6c:f1:bc:
16:0e:50:e3:17:02:d8:f8:bd:0f:f8:c1:0e:59:75:cf:aa:76:
6a:6e:99:6b:f3:62:50:8c:b8:23:5d:31:a0:5c:94:42:7f:be:
3c:7b:68:4c:3d:31:bf:10:6a:cf:12:71:f0:0d:cc:e7:e5:d7:
57:1b:cd:93:21:37:88:0c:11:bf:e2:15:e2:89:7f:47:57:6f:
c2:77:2d:9e:4f:cb:c4:7a:9a:2a:4d:18:46:86:93:90:4a:9d:
43:c3:9f:18:5b:9a:34:ab:18:3a:76:c2:06:79:4e:a8:68:20:
a5:7b:15:0d:cf:99:15:a9:f8:c3:b8:77:d5:b1:d6:6d:85:2f:
ee:15:04:47:f6:c0:78:c5:62:1a:41:a7:1b:e4:60:45:10:c0:
9d:4b:8f:c5:96:63:ca:fb:07:2d:62:11:a8:a6:50:8f:49:f2:
9f:fc:56:f2:c7:b3:09:45:dc:6c:b6:9a:be:2d:eb:9a:37:b6:
e3:db:39:1f:5c:92:e4:b5:34:cf:08:06:18:96:15:10:cf:c1:
df:28:d7:e7:d2:50:f3:2f:e5:7e:b7:94:a4:b4:49:08:10:cf:
78:56:b4:17:59:6a:c1:09:18:d2:f1:a5:bd:98:5e:81:ae:68:
8e:bf:a3:dc
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUZe4Yciv7JUNToYqUq/ruVaJN+DkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MTkwNTUwMDlaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGYwMTcyMDhhN2VhMzlkMzhiYmJiYTQwZWJiZDcxYjMxMjdkNGQ0ZTQzM2Y3
M2JiYWJlNjA5MGM1MTA5ZWMzOTgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKpb2iacSc1Ia9jOLYDACyMuTK4qSPMbDnElrjTznDpaJtmRUTafx/GAiL4Y
N4F/2I31A+JPCGD4tXxiKF8y2KObV8v/uQxCugnnFxi10vRApG7eyXExKETNeWQ+
TZcSQAAYnoIxP3gohwuaAKmOieTHTfvcmlpWnRR5ujaXeWtUG6zCdmBrLl6ZL4T/
+duU2SplClE7rLWENiqxvpHXmujLiTpJQHdoJ0x4YOBcE3L44NbzWfkA/T+GjsRq
ndyKn0IGrZj91v3x1V6XrkJX1nGMX9UoD6mX4hWJeHqqUOv3ofuniTpIOoskyhFa
EVHL86poajWpQxQrjzT27zbzq7sCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQvxVHw
dlvjAERqBPXeFzVPR3EHsTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZDEzZDI2YWUtMzZiMS00ODE1LWE3ZjAtNGRjMDkwZDE1Yjc4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADOBMA0G
CSqGSIb3DQEBCwUAA4IBAQCgOz0OOQkypzBjK/pixWRs8bwWDlDjFwLY+L0P+MEO
WXXPqnZqbplr82JQjLgjXTGgXJRCf748e2hMPTG/EGrPEnHwDczn5ddXG82TITeI
DBG/4hXiiX9HV2/Cdy2eT8vEepoqTRhGhpOQSp1Dw58YW5o0qxg6dsIGeU6oaCCl
exUNz5kVqfjDuHfVsdZthS/uFQRH9sB4xWIaQacb5GBFEMCdS4/FlmPK+wctYhGo
plCPSfKf/Fbyx7MJRdxstpq+LeuaN7bj2zkfXJLktTTPCAYYlhUQz8HfKNfn0lDz
L+V+t5SktEkIEM94VrQXWWrBCRjS8aW9mF6BrmiOv6Pc
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:24:48 2026 by rpki-client