Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d51a4935-8601-4ebd-a099-1d61b0a661b3.roa
File: d51a4935-8601-4ebd-a099-1d61b0a661b3.roa (raw, json)
Hash identifier: +QvQG/qKSDXWIFBVJsSrYz7SeGKEmWGg+gjbYD0yaAg=
Subject key identifier: B8:84:D1:02:68:DA:61:8B:20:36:1D:9E:95:8E:9C:85:9C:9A:00:6A
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 40908D7C9498E2E14D570AC8E8AA408F0051E20A
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d51a4935-8601-4ebd-a099-1d61b0a661b3.roa
Signing time: Tue 19 May 2026 05:50:11 +0000
ROA not before: Tue 19 May 2026 05:50:11 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.228.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
40:90:8d:7c:94:98:e2:e1:4d:57:0a:c8:e8:aa:40:8f:00:51:e2:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 19 05:50:11 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=ff33917e9f1325cdc0335e1357207dcd0730c7eb5229645872a53186a365e728, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:cf:94:4f:1a:5e:a2:58:a7:5e:ef:bd:c4:ed:
ff:18:de:a7:81:a2:47:b3:16:04:88:e6:81:a4:4d:
8e:64:87:1a:f9:8e:61:79:0b:2c:32:8a:49:9c:0d:
ef:b4:48:c0:df:4b:25:d3:89:5a:c8:39:6f:e3:a9:
cf:6e:3e:2b:d6:14:04:c4:7e:90:9e:bc:0d:fc:e5:
49:73:c8:25:3d:90:cc:68:da:d2:40:77:b6:d5:c1:
24:3c:0c:cb:d3:5c:cd:70:27:79:26:ea:d1:9f:51:
e5:0a:30:46:07:e0:df:5c:69:be:f7:e0:56:90:b4:
36:51:0a:28:fd:3f:b4:fe:fb:df:f6:4b:5e:da:0e:
28:ac:05:9b:1e:1f:70:77:b6:3d:2a:33:0a:46:b3:
e6:6c:4c:5a:34:52:4f:2a:5f:2a:22:45:50:d6:8a:
2f:d9:6a:5c:05:91:ec:f5:11:ad:96:a8:82:27:a1:
c0:df:e2:8d:b3:ce:08:b6:b9:d8:58:21:aa:5a:f3:
d4:40:a1:34:37:c3:84:ef:10:6c:61:64:f1:53:f0:
a5:9f:e9:f3:fc:5f:0b:da:69:6c:3e:ed:1b:a7:25:
eb:2a:45:78:0a:a9:b0:c6:26:d7:68:68:a1:6c:0f:
f4:c6:7d:4e:94:17:67:61:fc:6f:37:40:84:7f:eb:
d0:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:84:D1:02:68:DA:61:8B:20:36:1D:9E:95:8E:9C:85:9C:9A:00:6A
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d51a4935-8601-4ebd-a099-1d61b0a661b3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.228.0.0/15
Signature Algorithm: sha256WithRSAEncryption
33:3f:4a:1d:6d:52:15:d9:5e:e4:32:29:8b:21:c1:f2:e6:10:
30:58:e1:b2:d6:b6:41:7d:b5:96:fe:85:44:37:f4:6c:45:37:
5e:4d:b9:52:02:be:10:40:79:3d:28:76:67:ff:4b:13:3b:18:
79:2e:54:ae:c4:0c:7f:69:e2:44:bf:05:fe:66:8d:b3:bf:6c:
5d:05:65:25:cc:70:9f:c9:0d:93:5c:8a:46:ae:82:03:3b:0f:
79:0c:be:b7:80:4f:02:e0:d8:13:5f:93:7a:16:7b:f6:34:3b:
95:10:9a:b7:97:6c:c2:71:1b:bf:e4:e2:99:a0:06:5e:9b:a3:
83:b1:5b:be:ea:c8:8f:09:c8:c4:ce:cc:0d:da:25:2b:21:55:
99:c3:41:51:3a:98:e7:04:ff:8b:67:89:f4:0b:b6:b2:26:d1:
5d:f6:8b:6e:da:70:fe:f9:a2:b9:a4:40:9e:92:4f:27:05:3c:
12:6f:fd:e9:9b:a6:ab:74:81:e8:d7:44:4a:b4:33:cf:2d:96:
60:0b:90:51:9b:5b:fd:e5:72:6a:7e:ba:68:ab:15:e4:9e:a4:
5f:2c:b8:b1:1a:0b:6d:f3:fc:7e:a9:b8:45:3e:62:6e:e5:a4:
bb:fe:d8:62:20:e1:11:80:8f:e4:96:59:81:07:07:16:c9:6a:
1c:18:6d:d6
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUQJCNfJSY4uFNVwrI6KpAjwBR4gowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MTkwNTUwMTFaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGZmMzM5MTdlOWYxMzI1Y2RjMDMzNWUxMzU3MjA3ZGNkMDczMGM3ZWI1MjI5
NjQ1ODcyYTUzMTg2YTM2NWU3MjgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMPPlE8aXqJYp17vvcTt/xjep4GiR7MWBIjmgaRNjmSHGvmOYXkLLDKKSZwN
77RIwN9LJdOJWsg5b+Opz24+K9YUBMR+kJ68DfzlSXPIJT2QzGja0kB3ttXBJDwM
y9NczXAneSbq0Z9R5QowRgfg31xpvvfgVpC0NlEKKP0/tP773/ZLXtoOKKwFmx4f
cHe2PSozCkaz5mxMWjRSTypfKiJFUNaKL9lqXAWR7PURrZaogiehwN/ijbPOCLa5
2Fghqlrz1EChNDfDhO8QbGFk8VPwpZ/p8/xfC9ppbD7tG6cl6ypFeAqpsMYm12ho
oWwP9MZ9TpQXZ2H8bzdAhH/r0N0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBS4hNEC
aNphiyA2HZ6VjpyFnJoAajAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZDUxYTQ5MzUtODYwMS00ZWJkLWEwOTktMWQ2MWIwYTY2MWIzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPkMA0G
CSqGSIb3DQEBCwUAA4IBAQAzP0odbVIV2V7kMimLIcHy5hAwWOGy1rZBfbWW/oVE
N/RsRTdeTblSAr4QQHk9KHZn/0sTOxh5LlSuxAx/aeJEvwX+Zo2zv2xdBWUlzHCf
yQ2TXIpGroIDOw95DL63gE8C4NgTX5N6Fnv2NDuVEJq3l2zCcRu/5OKZoAZem6OD
sVu+6siPCcjEzswN2iUrIVWZw0FROpjnBP+LZ4n0C7ayJtFd9otu2nD++aK5pECe
kk8nBTwSb/3pm6ardIHo10RKtDPPLZZgC5BRm1v95XJqfrpoqxXknqRfLLixGgtt
8/x+qbhFPmJu5aS7/thiIOERgI/kllmBBwcWyWocGG3W
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:24:12 2026 by rpki-client