Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d241761a-4c6e-4db3-ba0a-26b2eda6222a.roa
File: d241761a-4c6e-4db3-ba0a-26b2eda6222a.roa (raw, json)
Hash identifier: n8VEqZMMW8Zf9+PfWpyS7jJw7C4ZSnM2/SYoJN2Bu/4=
Subject key identifier: 38:1D:D6:A1:F2:DB:D7:D4:49:67:5E:F9:96:30:DD:90:72:A8:F4:31
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 052EFE794C5F8A8A92573E05718C302957E68C71
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d241761a-4c6e-4db3-ba0a-26b2eda6222a.roa
Signing time: Sat 28 Feb 2026 06:40:22 +0000
ROA not before: Sat 28 Feb 2026 06:40:22 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.110.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
05:2e:fe:79:4c:5f:8a:8a:92:57:3e:05:71:8c:30:29:57:e6:8c:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Feb 28 06:40:22 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=239ee4e104c40228a70fb39c7e0c6944419ed772cce4e0b671f7695f2cf42b81, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:55:fb:0e:0e:fe:13:d6:e0:f3:40:44:0a:3c:
a8:d9:d5:b2:4b:49:6e:71:98:ad:6d:50:3c:d3:02:
91:ed:fc:a1:a6:ff:09:6e:44:7f:76:74:0c:c9:60:
ae:c7:c3:37:a5:4e:0b:bc:36:7f:cf:b9:e6:bd:ea:
72:00:f6:3d:27:2e:76:fa:8f:e2:ff:fe:ae:a7:cd:
10:3d:43:7d:c6:40:1f:dd:01:80:40:4b:be:48:4b:
27:75:27:ab:48:75:da:3c:41:ff:a7:58:c2:51:8a:
f3:19:3e:f0:c2:94:62:92:15:07:5d:de:86:77:14:
23:85:f1:97:3a:62:27:07:95:9b:08:fb:dd:24:b8:
08:c4:d7:ef:5e:6e:5a:4e:eb:47:fe:df:9f:f8:45:
cf:c8:ea:0a:76:c2:ae:47:ca:f7:0c:fc:a2:d2:8e:
55:2b:16:f1:6c:8a:10:63:b7:5e:c3:a6:3d:f5:a2:
9b:47:61:92:32:b1:1c:36:a9:73:c5:17:0f:35:ca:
dc:e1:e7:a9:76:e6:5a:ce:22:5e:5b:06:e7:de:03:
bb:bc:c7:64:ab:3e:68:b4:d4:18:2d:b9:21:48:21:
f8:7c:3c:f9:eb:e7:b9:c7:97:e3:91:ce:09:97:36:
b4:90:97:9b:81:b4:b8:31:1a:cf:b6:63:b5:96:79:
e4:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:1D:D6:A1:F2:DB:D7:D4:49:67:5E:F9:96:30:DD:90:72:A8:F4:31
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d241761a-4c6e-4db3-ba0a-26b2eda6222a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.110.0.0/16
Signature Algorithm: sha256WithRSAEncryption
26:b4:9a:09:55:3f:d0:fc:85:58:ba:e9:fa:02:7a:61:e5:9f:
68:87:cb:4f:7e:dd:59:61:a3:91:b0:5e:cd:4d:99:c7:eb:5a:
9d:04:fc:63:c0:2d:f7:69:e5:92:ea:c4:af:c6:16:e5:4a:7f:
70:ca:36:2c:71:c2:ee:64:ab:c5:64:d9:10:4f:a0:6c:b0:d6:
4b:93:fb:4a:90:39:9f:b1:a5:d1:a4:c2:bb:89:e0:d2:7f:1c:
de:69:99:86:c3:d6:01:f8:d6:b1:72:70:9d:c6:e2:18:13:b4:
6d:3f:c8:d7:c6:3a:6e:d1:95:74:a5:8d:a6:77:62:4b:ac:4e:
78:75:b9:21:fe:0e:6f:b3:3f:82:10:7d:e7:41:de:11:5f:46:
e2:1b:28:5d:76:95:c8:58:e5:65:ef:bc:3a:7c:0a:1b:94:93:
71:7a:15:fb:04:0f:97:fc:2b:21:fd:fc:c4:82:20:f8:c3:b0:
08:77:7b:7d:55:41:ae:8f:ac:87:83:28:4a:ec:57:fc:c8:31:
74:bc:e6:51:cb:45:65:1b:0e:5b:91:74:85:63:25:ce:05:40:
e2:36:5e:ad:3c:16:07:77:d6:b4:4b:a9:62:06:92:2e:68:52:
35:1d:6b:d0:6b:d7:25:a2:0b:62:1a:40:1e:02:ff:97:c6:0d:
3e:4c:0f:cc
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUBS7+eUxfioqSVz4FcYwwKVfmjHEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjAyMjgwNjQwMjJaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDIzOWVlNGUxMDRjNDAyMjhhNzBmYjM5YzdlMGM2OTQ0NDE5ZWQ3NzJjY2U0
ZTBiNjcxZjc2OTVmMmNmNDJiODExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ1V+w4O/hPW4PNARAo8qNnVsktJbnGYrW1QPNMCke38oab/CW5Ef3Z0DMlg
rsfDN6VOC7w2f8+55r3qcgD2PScudvqP4v/+rqfNED1DfcZAH90BgEBLvkhLJ3Un
q0h12jxB/6dYwlGK8xk+8MKUYpIVB13ehncUI4XxlzpiJweVmwj73SS4CMTX715u
Wk7rR/7fn/hFz8jqCnbCrkfK9wz8otKOVSsW8WyKEGO3XsOmPfWim0dhkjKxHDap
c8UXDzXK3OHnqXbmWs4iXlsG594Du7zHZKs+aLTUGC25IUgh+Hw8+evnuceX45HO
CZc2tJCXm4G0uDEaz7ZjtZZ55GkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQ4Hdah
8tvX1ElnXvmWMN2Qcqj0MTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZDI0MTc2MWEtNGM2ZS00ZGIzLWJhMGEtMjZiMmVkYTYyMjJhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNuMA0G
CSqGSIb3DQEBCwUAA4IBAQAmtJoJVT/Q/IVYuun6Anph5Z9oh8tPft1ZYaORsF7N
TZnH61qdBPxjwC33aeWS6sSvxhblSn9wyjYsccLuZKvFZNkQT6BssNZLk/tKkDmf
saXRpMK7ieDSfxzeaZmGw9YB+NaxcnCdxuIYE7RtP8jXxjpu0ZV0pY2md2JLrE54
dbkh/g5vsz+CEH3nQd4RX0biGyhddpXIWOVl77w6fAoblJNxehX7BA+X/Csh/fzE
giD4w7AId3t9VUGuj6yHgyhK7Ff8yDF0vOZRy0VlGw5bkXSFYyXOBUDiNl6tPBYH
d9a0S6liBpIuaFI1HWvQa9clogtiGkAeAv+Xxg0+TA/M
-----END CERTIFICATE-----
Generated at Mon Mar 2 01:27:43 2026 by rpki-client