Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e2093baf-9227-4159-b7ff-180369fe3bda.roa
File: e2093baf-9227-4159-b7ff-180369fe3bda.roa (raw, json)
Hash identifier: R8LAffTpCmGdzojx+hlmprjwQ3Ri7s/fR219hrxo6aI=
Subject key identifier: F2:89:EB:87:50:CF:93:6F:BC:6C:61:02:95:BB:A1:77:96:08:51:2E
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2EADD295CD227F5613B7383C6F37173A46B76BE4
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e2093baf-9227-4159-b7ff-180369fe3bda.roa
Signing time: Sat 28 Feb 2026 06:30:14 +0000
ROA not before: Sat 28 Feb 2026 06:30:14 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.88.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2e:ad:d2:95:cd:22:7f:56:13:b7:38:3c:6f:37:17:3a:46:b7:6b:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Feb 28 06:30:14 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=6dc64ce70d59cb464da12af30f63fbda8c26bdf7f0296377dd8879b0ccc80de9, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:35:42:94:13:96:92:49:c7:71:52:54:e3:0a:
e4:f2:90:d0:79:35:c6:00:d4:86:ff:48:33:f1:fa:
a8:b0:c6:20:ef:51:d5:2f:2b:fa:dc:2a:36:5f:34:
78:ca:b8:1e:e2:a9:97:b8:5c:f5:5b:f6:b0:65:87:
d2:a2:08:37:8e:06:52:e3:7e:86:84:27:62:fa:af:
bf:36:63:5d:2b:0c:13:03:96:36:68:2c:77:04:f5:
c9:39:c5:83:72:61:01:58:a8:34:cc:c6:bb:95:f9:
5e:f3:1a:05:a0:d3:3a:3e:b4:40:e6:7b:a7:41:2d:
56:4d:c2:87:92:31:7c:5d:b5:e9:af:1b:0a:f2:fe:
73:b3:86:63:5e:89:38:12:03:7c:de:5d:f4:b6:84:
92:bc:60:db:33:04:64:b0:e7:69:71:af:84:87:79:
7a:14:48:35:07:cf:7c:60:5e:44:c3:f5:24:0f:c6:
1a:ac:01:86:fa:76:e0:4a:38:f2:9e:93:46:22:b1:
c6:6f:01:4b:d4:ef:08:da:2c:e3:d9:f8:b0:a3:61:
d6:dd:ee:bc:fa:e0:12:56:5d:72:4d:19:15:bb:48:
0b:c9:e3:f6:60:4d:0d:45:71:24:ca:f4:ec:d5:ae:
4c:3d:a1:1a:8c:53:bc:51:92:25:53:65:69:91:db:
5b:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:89:EB:87:50:CF:93:6F:BC:6C:61:02:95:BB:A1:77:96:08:51:2E
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e2093baf-9227-4159-b7ff-180369fe3bda.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.88.0.0/16
Signature Algorithm: sha256WithRSAEncryption
c3:3e:d3:92:c3:54:36:84:ca:11:ea:5e:93:93:32:15:13:af:
af:72:7b:2c:29:f5:f7:28:68:0f:68:dc:43:ec:35:0f:a2:6b:
89:b9:10:d2:8e:af:bd:19:bd:14:c6:f2:36:b0:f6:5c:88:3a:
82:1e:6a:d6:fc:8e:41:a9:e2:e4:83:25:3f:bd:bc:84:0f:de:
75:f1:96:69:5d:07:1b:37:9c:7d:33:65:17:81:02:d1:21:0e:
29:91:91:ff:8c:cd:4b:2e:1a:a7:f8:75:4c:22:e1:78:0f:c6:
ea:a9:85:e9:d3:43:50:f9:76:f4:fc:25:41:81:2b:ab:1f:62:
c5:9a:13:b5:0f:ba:d5:e4:8f:68:95:b5:2e:91:2b:97:ea:79:
8c:d3:73:c8:d7:ef:16:14:ad:ca:c2:de:64:1d:a7:fb:f1:c1:
80:5f:86:12:5e:eb:53:94:86:25:e6:d2:3c:8e:55:35:a5:8e:
69:91:5d:62:0b:21:f8:d1:cf:3f:d8:b9:a6:9f:33:8f:46:dd:
b9:3e:23:b2:73:c4:fb:0f:07:d4:d9:fe:29:c7:a5:39:e6:6c:
db:91:1f:3c:50:c1:52:5f:01:e4:98:ab:5c:79:ff:12:1e:95:
f8:6e:74:53:35:40:83:f9:4e:bc:10:7a:9c:17:43:79:46:8d:
78:d7:49:71
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIULq3Slc0if1YTtzg8bzcXOka3a+QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjAyMjgwNjMwMTRaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDZkYzY0Y2U3MGQ1OWNiNDY0ZGExMmFmMzBmNjNmYmRhOGMyNmJkZjdmMDI5
NjM3N2RkODg3OWIwY2NjODBkZTkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANk1QpQTlpJJx3FSVOMK5PKQ0Hk1xgDUhv9IM/H6qLDGIO9R1S8r+twqNl80
eMq4HuKpl7hc9Vv2sGWH0qIIN44GUuN+hoQnYvqvvzZjXSsMEwOWNmgsdwT1yTnF
g3JhAVioNMzGu5X5XvMaBaDTOj60QOZ7p0EtVk3Ch5IxfF216a8bCvL+c7OGY16J
OBIDfN5d9LaEkrxg2zMEZLDnaXGvhId5ehRINQfPfGBeRMP1JA/GGqwBhvp24Eo4
8p6TRiKxxm8BS9TvCNos49n4sKNh1t3uvPrgElZdck0ZFbtIC8nj9mBNDUVxJMr0
7NWuTD2hGoxTvFGSJVNlaZHbW7kCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTyieuH
UM+Tb7xsYQKVu6F3lghRLjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZTIwOTNiYWYtOTIyNy00MTU5LWI3ZmYtMTgwMzY5ZmUzYmRhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNYMA0G
CSqGSIb3DQEBCwUAA4IBAQDDPtOSw1Q2hMoR6l6TkzIVE6+vcnssKfX3KGgPaNxD
7DUPomuJuRDSjq+9Gb0UxvI2sPZciDqCHmrW/I5BqeLkgyU/vbyED9518ZZpXQcb
N5x9M2UXgQLRIQ4pkZH/jM1LLhqn+HVMIuF4D8bqqYXp00NQ+Xb0/CVBgSurH2LF
mhO1D7rV5I9olbUukSuX6nmM03PI1+8WFK3Kwt5kHaf78cGAX4YSXutTlIYl5tI8
jlU1pY5pkV1iCyH40c8/2LmmnzOPRt25PiOyc8T7DwfU2f4px6U55mzbkR88UMFS
XwHkmKtcef8SHpX4bnRTNUCD+U68EHqcF0N5Ro1410lx
-----END CERTIFICATE-----
Generated at Mon Mar 2 03:02:57 2026 by rpki-client