Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d51a4935-8601-4ebd-a099-1d61b0a661b3.roa
File: d51a4935-8601-4ebd-a099-1d61b0a661b3.roa (raw, json)
Hash identifier: uBnYQ1NsJSK6ikrvdGKlz3Q/J8QlKfI5HUv4E4JSHGY=
Subject key identifier: C7:B6:CC:B1:B7:5B:12:FA:73:D9:4A:13:47:72:4F:8A:32:8D:02:AD
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 36D68283B491249ED1588D0F1D1B33DD8EAC2B27
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d51a4935-8601-4ebd-a099-1d61b0a661b3.roa
Signing time: Sat 28 Feb 2026 06:30:16 +0000
ROA not before: Sat 28 Feb 2026 06:30:16 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.228.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
36:d6:82:83:b4:91:24:9e:d1:58:8d:0f:1d:1b:33:dd:8e:ac:2b:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Feb 28 06:30:16 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=e0ec785ceefbf42da9d4b07af2d1144a31aeb4b2ff88a896fe3949a87e3365f1, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:b2:e5:65:34:f0:fd:8e:5c:9b:e7:b9:b9:90:
0a:80:f1:ea:df:7c:4c:09:45:18:88:fd:fb:82:a6:
55:0b:e8:af:7d:af:5f:d9:83:2b:d4:cf:96:1e:95:
76:e0:0f:0d:25:84:af:ed:14:60:16:f1:5b:40:10:
fd:88:c5:a4:21:b1:47:32:bc:4c:f5:cc:ac:a7:b0:
15:58:99:16:73:b7:12:2b:9c:fa:ed:05:db:de:4d:
ff:85:a8:d9:9e:14:99:ef:ea:ab:21:47:d3:34:6c:
58:b0:a2:6c:6f:1a:a0:90:0d:e5:45:03:3b:3c:ca:
4c:a9:11:e9:de:d4:e1:b7:77:c5:9a:24:85:62:79:
14:4a:2d:fd:e9:5e:b8:66:f5:c2:c7:bd:97:02:61:
0f:89:72:11:76:97:fb:38:a3:6a:65:38:b3:a1:20:
4e:8a:0e:22:a9:25:60:09:80:2d:a9:7f:3d:d2:e4:
1a:61:a5:ce:41:66:8f:67:0e:77:bf:cc:a8:ce:75:
2d:7f:d7:8d:bf:f3:21:a4:66:87:3c:cf:f1:da:16:
a0:1f:32:2e:b1:db:a1:7d:f6:15:3d:fe:0c:b1:62:
5d:e6:a7:79:31:f8:0a:43:bf:9c:e2:8b:88:ef:f7:
c6:e3:67:e3:dd:de:45:57:91:b9:fc:cf:a9:21:a2:
c8:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:B6:CC:B1:B7:5B:12:FA:73:D9:4A:13:47:72:4F:8A:32:8D:02:AD
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d51a4935-8601-4ebd-a099-1d61b0a661b3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.228.0.0/15
Signature Algorithm: sha256WithRSAEncryption
2a:0e:4c:c2:bf:c2:58:99:84:48:a1:0e:b9:a1:f5:b1:55:05:
0c:e0:bb:a3:c7:ac:48:e8:a0:4f:c0:64:b0:b3:8c:fb:19:47:
22:53:33:78:ab:14:e9:82:25:83:ba:58:c0:26:83:ae:a4:ac:
fc:83:6b:07:7e:9b:77:7a:67:01:41:3d:d2:bd:83:60:c6:60:
83:e0:8a:35:80:53:c3:31:22:35:98:73:d9:c1:44:76:3c:d5:
8f:89:e4:ee:e5:1c:31:f4:47:03:1c:ca:5c:38:79:58:d1:1b:
44:03:ae:2a:41:23:32:da:fc:12:f2:fb:f2:d4:08:7e:76:a9:
89:4d:0e:8c:c1:88:ae:9a:55:cf:77:00:ab:59:ef:7b:a2:00:
d2:3f:7d:2b:16:dd:e6:df:75:fb:cb:48:b7:00:d1:9f:17:c6:
fa:df:70:db:df:60:fe:e5:ce:e2:52:ab:ca:5e:99:0f:56:81:
a3:fe:1c:31:e1:f1:05:86:44:9e:c6:d9:90:35:2c:f3:3d:77:
6a:39:89:46:dc:3a:30:44:bd:60:5c:2d:32:6a:ff:5c:ec:2a:
a3:23:31:29:c2:eb:76:08:af:49:c3:c4:12:ef:bf:5b:30:f5:
02:b7:51:dd:0b:21:25:83:29:80:31:32:88:ca:d8:59:e5:05:
a0:14:f4:cd
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUNtaCg7SRJJ7RWI0PHRsz3Y6sKycwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjAyMjgwNjMwMTZaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGUwZWM3ODVjZWVmYmY0MmRhOWQ0YjA3YWYyZDExNDRhMzFhZWI0YjJmZjg4
YTg5NmZlMzk0OWE4N2UzMzY1ZjExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALuy5WU08P2OXJvnubmQCoDx6t98TAlFGIj9+4KmVQvor32vX9mDK9TPlh6V
duAPDSWEr+0UYBbxW0AQ/YjFpCGxRzK8TPXMrKewFViZFnO3Eiuc+u0F295N/4Wo
2Z4Ume/qqyFH0zRsWLCibG8aoJAN5UUDOzzKTKkR6d7U4bd3xZokhWJ5FEot/ele
uGb1wse9lwJhD4lyEXaX+zijamU4s6EgTooOIqklYAmALal/PdLkGmGlzkFmj2cO
d7/MqM51LX/Xjb/zIaRmhzzP8doWoB8yLrHboX32FT3+DLFiXeaneTH4CkO/nOKL
iO/3xuNn493eRVeRufzPqSGiyKkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTHtsyx
t1sS+nPZShNHck+KMo0CrTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZDUxYTQ5MzUtODYwMS00ZWJkLWEwOTktMWQ2MWIwYTY2MWIzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPkMA0G
CSqGSIb3DQEBCwUAA4IBAQAqDkzCv8JYmYRIoQ65ofWxVQUM4Lujx6xI6KBPwGSw
s4z7GUciUzN4qxTpgiWDuljAJoOupKz8g2sHfpt3emcBQT3SvYNgxmCD4Io1gFPD
MSI1mHPZwUR2PNWPieTu5Rwx9EcDHMpcOHlY0RtEA64qQSMy2vwS8vvy1Ah+dqmJ
TQ6MwYiumlXPdwCrWe97ogDSP30rFt3m33X7y0i3ANGfF8b633Db32D+5c7iUqvK
XpkPVoGj/hwx4fEFhkSextmQNSzzPXdqOYlG3DowRL1gXC0yav9c7CqjIzEpwut2
CK9Jw8QS779bMPUCt1HdCyElgymAMTKIythZ5QWgFPTN
-----END CERTIFICATE-----
Generated at Mon Mar 2 10:10:47 2026 by rpki-client