Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d241761a-4c6e-4db3-ba0a-26b2eda6222a.roa
File: d241761a-4c6e-4db3-ba0a-26b2eda6222a.roa (raw, json)
Hash identifier: Qp+tuPSNLxy0h1082YBU+ma+GrqG6WpOZPHR4Ic09jw=
Subject key identifier: 74:E4:71:1E:71:36:25:1D:17:22:DC:01:7C:34:EB:F0:4C:B9:CF:13
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0254D6ADD5B6FD0169AE710B1E9F760E1BDBFDDF
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d241761a-4c6e-4db3-ba0a-26b2eda6222a.roa
Signing time: Tue 19 May 2026 05:50:22 +0000
ROA not before: Tue 19 May 2026 05:50:22 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.110.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:54:d6:ad:d5:b6:fd:01:69:ae:71:0b:1e:9f:76:0e:1b:db:fd:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 19 05:50:22 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=c1ed5224ea15b4392e094175f521af7e0e0bbb7b5593110d62516a37270d3ade, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:64:c1:5e:6f:73:d7:f4:d8:c7:7e:88:e4:a9:
e3:de:32:40:f1:63:9e:96:47:a5:53:15:6b:be:37:
2d:90:bd:7e:b5:cb:ea:89:3f:70:4e:6f:a2:bb:90:
6c:d9:47:fc:db:7c:0b:ae:17:01:8c:6a:4d:87:d4:
50:ba:72:72:3e:f0:85:25:2e:31:23:dd:71:c3:ff:
c5:4d:09:0c:44:9f:d4:cc:73:06:7a:8c:0b:f4:b1:
45:e2:93:d8:a7:15:8a:02:02:48:3c:07:fe:ec:ce:
86:65:0c:7d:c3:18:5a:f4:d5:d9:64:04:b2:73:94:
da:cd:bd:f9:d4:22:a8:cf:67:e6:da:3c:4b:7e:7b:
de:7d:bd:6e:94:ee:b1:df:8c:0c:ac:b7:e0:23:6d:
55:08:b4:54:4c:1b:27:e6:90:ae:37:c0:40:5e:75:
36:37:40:8c:0f:d7:53:8f:61:ef:90:8f:8d:03:10:
56:dd:68:ad:af:c4:7f:46:27:f4:19:c1:d3:81:fe:
fd:cf:a8:06:8a:51:9c:68:1f:52:62:85:ed:49:da:
4d:e7:37:8f:e1:d4:1d:b5:8a:18:89:ab:52:5d:0b:
7a:f3:43:80:5b:f6:13:fd:64:69:01:80:95:30:86:
02:1b:86:16:1d:7b:03:50:cf:26:df:1e:70:bc:4f:
ec:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:E4:71:1E:71:36:25:1D:17:22:DC:01:7C:34:EB:F0:4C:B9:CF:13
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d241761a-4c6e-4db3-ba0a-26b2eda6222a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.110.0.0/16
Signature Algorithm: sha256WithRSAEncryption
5c:94:49:88:13:1f:00:65:10:01:b0:ba:f7:2a:49:69:b5:39:
46:b9:b7:e0:19:3e:01:97:9a:1e:f5:cf:f0:4b:f3:3b:23:20:
c8:2b:3e:18:e2:09:23:71:87:a6:5d:d5:1e:0c:c6:41:29:a3:
b4:d0:18:42:55:ac:cf:b1:05:33:92:2c:30:24:33:7b:0d:f5:
5e:a4:9b:23:13:06:a2:60:dc:f0:0e:43:39:49:ab:bb:06:99:
d8:31:f3:e5:22:3d:8f:4b:dc:8f:64:2f:f9:02:b1:0e:11:5e:
5f:44:18:ff:e0:7b:d8:8d:f7:6d:15:0c:e7:60:38:84:cc:7a:
f7:cb:ac:43:c6:70:94:f4:03:2d:73:bf:b1:87:91:2c:10:7f:
be:a4:16:a3:86:49:f1:99:8c:05:e3:86:97:71:19:dd:fc:65:
35:54:7e:82:2a:ea:d6:e8:ab:74:03:de:22:78:2c:18:1f:2c:
02:4d:09:73:1c:1e:e3:0f:07:f3:8c:87:2d:5e:00:05:21:2d:
14:51:5c:45:68:0e:e9:93:5d:9f:26:10:f8:d8:91:9f:f1:04:
6d:4d:22:e1:63:cf:59:d8:e9:23:f1:a9:a7:7b:f9:c0:59:48:
bc:24:53:df:f6:56:9d:76:26:b3:13:3c:96:1a:03:27:e8:3c:
e2:72:0c:bb
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUAlTWrdW2/QFprnELHp92Dhvb/d8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MTkwNTUwMjJaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGMxZWQ1MjI0ZWExNWI0MzkyZTA5NDE3NWY1MjFhZjdlMGUwYmJiN2I1NTkz
MTEwZDYyNTE2YTM3MjcwZDNhZGUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALBkwV5vc9f02Md+iOSp494yQPFjnpZHpVMVa743LZC9frXL6ok/cE5voruQ
bNlH/Nt8C64XAYxqTYfUULpycj7whSUuMSPdccP/xU0JDESf1MxzBnqMC/SxReKT
2KcVigICSDwH/uzOhmUMfcMYWvTV2WQEsnOU2s29+dQiqM9n5to8S3573n29bpTu
sd+MDKy34CNtVQi0VEwbJ+aQrjfAQF51NjdAjA/XU49h75CPjQMQVt1ora/Ef0Yn
9BnB04H+/c+oBopRnGgfUmKF7UnaTec3j+HUHbWKGImrUl0LevNDgFv2E/1kaQGA
lTCGAhuGFh17A1DPJt8ecLxP7HECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBR05HEe
cTYlHRci3AF8NOvwTLnPEzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZDI0MTc2MWEtNGM2ZS00ZGIzLWJhMGEtMjZiMmVkYTYyMjJhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNuMA0G
CSqGSIb3DQEBCwUAA4IBAQBclEmIEx8AZRABsLr3KklptTlGubfgGT4Bl5oe9c/w
S/M7IyDIKz4Y4gkjcYemXdUeDMZBKaO00BhCVazPsQUzkiwwJDN7DfVepJsjEwai
YNzwDkM5Sau7BpnYMfPlIj2PS9yPZC/5ArEOEV5fRBj/4HvYjfdtFQznYDiEzHr3
y6xDxnCU9AMtc7+xh5EsEH++pBajhknxmYwF44aXcRnd/GU1VH6CKurW6Kt0A94i
eCwYHywCTQlzHB7jDwfzjIctXgAFIS0UUVxFaA7pk12fJhD42JGf8QRtTSLhY89Z
2Okj8amne/nAWUi8JFPf9laddiazEzyWGgMn6Dzicgy7
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:00:43 2026 by rpki-client