Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/de83ab0d-730e-4ba0-9d22-af2c8b7fd8f7.roa
File: de83ab0d-730e-4ba0-9d22-af2c8b7fd8f7.roa (raw, json)
Hash identifier: Pbt2nDalpJjAFKRtzRT64H0apfJKvYpmYV9a4YQMx4k=
Subject key identifier: DC:1F:28:59:08:BE:C0:B8:73:4F:F1:D7:2E:97:28:D0:C5:D1:29:53
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0C1BD69157E341B88FA8B5EBB26AF7E94E1941FC
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/de83ab0d-730e-4ba0-9d22-af2c8b7fd8f7.roa
Signing time: Sat 28 Feb 2026 06:30:46 +0000
ROA not before: Sat 28 Feb 2026 06:30:46 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.40.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0c:1b:d6:91:57:e3:41:b8:8f:a8:b5:eb:b2:6a:f7:e9:4e:19:41:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Feb 28 06:30:46 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=58f4415a99eeacb86db1dc190d732fd674b003db91d288abd7d9ef263a2d47b9, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:b9:ec:ac:cf:7e:ac:46:c2:2a:d0:e2:62:50:
1e:ea:2a:44:81:52:26:b2:a6:1c:5b:66:76:db:67:
90:e1:ee:15:81:98:8e:81:ea:39:b7:5c:cc:15:f8:
6c:a9:2d:6c:c3:55:69:36:46:07:49:4d:ff:0c:85:
72:bc:c3:95:54:e3:81:49:53:1f:3e:8f:ef:e1:91:
f9:4b:6a:90:5d:ac:04:b3:f1:20:ab:19:a4:fc:df:
26:29:ad:05:0f:14:c4:45:a9:84:4e:7e:3c:e1:b7:
fd:98:12:da:72:fb:3c:c3:2c:46:2d:e0:88:f5:c8:
b5:07:f2:03:c4:51:47:c4:e6:dc:e6:6e:ca:35:2f:
38:49:db:d1:75:ba:e8:0a:d5:09:ca:aa:8b:a3:c3:
80:a6:07:e3:dd:57:54:63:fd:a5:8b:19:0f:5e:dd:
94:6b:af:8c:c6:eb:5f:55:01:0d:35:ca:82:77:1f:
f7:89:d7:90:b3:fa:1b:6f:68:f1:9c:74:87:5c:2d:
74:bb:7b:0d:99:a1:5e:20:9f:2e:52:e3:54:c6:33:
6c:e3:2d:a3:f1:27:d9:be:2e:c1:88:a8:a3:10:83:
3d:43:5b:5a:96:35:d5:19:0d:49:37:68:35:b4:ac:
56:14:74:95:c0:ef:ae:78:05:fc:fc:42:c6:9a:2e:
d4:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:1F:28:59:08:BE:C0:B8:73:4F:F1:D7:2E:97:28:D0:C5:D1:29:53
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/de83ab0d-730e-4ba0-9d22-af2c8b7fd8f7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.40.0.0/16
Signature Algorithm: sha256WithRSAEncryption
74:35:2b:37:50:91:37:2a:6c:b8:96:e8:5e:ba:52:e4:67:42:
ab:0f:dc:24:ef:50:67:ba:ec:74:75:73:cf:73:77:49:f0:9a:
77:f0:50:89:77:08:ac:85:fd:d3:b4:4d:c3:e2:1a:37:4e:dc:
87:aa:d3:72:05:a0:f8:6f:1e:79:f6:12:56:24:26:b9:03:33:
92:a4:3d:08:cf:5c:fc:6b:63:27:aa:d5:05:46:65:0b:dd:28:
2f:0f:3b:eb:40:ba:57:4c:61:4b:5f:ca:49:58:a8:49:03:43:
85:32:9b:b5:4e:31:d3:3e:d9:c1:0d:b6:99:f6:76:03:5f:26:
f5:15:7b:ec:c9:50:5c:df:98:30:45:34:d4:9b:43:88:90:44:
a4:31:4f:ea:98:1f:91:02:0b:f9:ae:85:67:e5:8c:ff:0e:e4:
98:e7:aa:72:29:f0:7b:5f:6a:3e:42:3d:56:ca:10:9c:ed:ea:
67:70:7f:22:07:3b:63:de:d9:62:80:a4:aa:00:8a:d0:c0:13:
83:58:e9:05:66:b8:b7:5d:55:6e:0a:ef:c1:39:60:ee:02:80:
e5:81:63:43:6f:71:ef:da:73:1c:37:d8:f1:7e:31:87:b1:b7:
0e:c1:ca:14:46:d8:2c:18:5e:b0:26:0e:68:ad:01:dd:91:83:
c5:d3:c2:1d
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUDBvWkVfjQbiPqLXrsmr36U4ZQfwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjAyMjgwNjMwNDZaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDU4ZjQ0MTVhOTllZWFjYjg2ZGIxZGMxOTBkNzMyZmQ2NzRiMDAzZGI5MWQy
ODhhYmQ3ZDllZjI2M2EyZDQ3YjkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIG57KzPfqxGwirQ4mJQHuoqRIFSJrKmHFtmdttnkOHuFYGYjoHqObdczBX4
bKktbMNVaTZGB0lN/wyFcrzDlVTjgUlTHz6P7+GR+UtqkF2sBLPxIKsZpPzfJimt
BQ8UxEWphE5+POG3/ZgS2nL7PMMsRi3giPXItQfyA8RRR8Tm3OZuyjUvOEnb0XW6
6ArVCcqqi6PDgKYH491XVGP9pYsZD17dlGuvjMbrX1UBDTXKgncf94nXkLP6G29o
8Zx0h1wtdLt7DZmhXiCfLlLjVMYzbOMto/En2b4uwYiooxCDPUNbWpY11RkNSTdo
NbSsVhR0lcDvrngF/PxCxpou1OECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTcHyhZ
CL7AuHNP8dculyjQxdEpUzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZGU4M2FiMGQtNzMwZS00YmEwLTlkMjItYWYyYzhiN2ZkOGY3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMoMA0G
CSqGSIb3DQEBCwUAA4IBAQB0NSs3UJE3Kmy4luheulLkZ0KrD9wk71Bnuux0dXPP
c3dJ8Jp38FCJdwishf3TtE3D4ho3TtyHqtNyBaD4bx559hJWJCa5AzOSpD0Iz1z8
a2MnqtUFRmUL3SgvDzvrQLpXTGFLX8pJWKhJA0OFMpu1TjHTPtnBDbaZ9nYDXyb1
FXvsyVBc35gwRTTUm0OIkESkMU/qmB+RAgv5roVn5Yz/DuSY56pyKfB7X2o+Qj1W
yhCc7epncH8iBztj3tligKSqAIrQwBODWOkFZri3XVVuCu/BOWDuAoDlgWNDb3Hv
2nMcN9jxfjGHsbcOwcoURtgsGF6wJg5orQHdkYPF08Id
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:21:17 2026 by rpki-client