Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e9b59cd2-43ef-4533-a5a5-5892471ab64c.roa
File: e9b59cd2-43ef-4533-a5a5-5892471ab64c.roa (raw, json)
Hash identifier: YrIKrp7GD/TrMhbgQ7f5v1RlqyMzMTyxNnvH709XEy4=
Subject key identifier: 29:73:C7:9C:E4:74:6E:69:5E:A2:96:D1:AD:06:BB:24:AF:5F:94:55
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 071AB0593B3F59206346A6EF6D8CF594710DB31C
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e9b59cd2-43ef-4533-a5a5-5892471ab64c.roa
Signing time: Sat 28 Feb 2026 06:30:40 +0000
ROA not before: Sat 28 Feb 2026 06:30:40 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 14618
IP address blocks: 51.204.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:1a:b0:59:3b:3f:59:20:63:46:a6:ef:6d:8c:f5:94:71:0d:b3:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Feb 28 06:30:40 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=005eff0d62b36e5524d401a50cf60b687dea382e78c6282136543454baeb8f52, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:b9:12:83:26:32:87:76:d9:9a:71:4e:df:68:
21:ad:30:aa:51:bc:b3:ef:5b:81:df:56:5e:3d:15:
36:bd:54:5c:e7:41:02:2b:01:80:12:88:d8:7b:13:
11:ed:2a:b5:38:ef:b6:c0:0a:30:88:06:6c:ad:f4:
03:81:62:ae:5e:16:b5:9f:64:53:df:45:21:ac:72:
90:f2:b5:69:54:a1:3f:67:cd:d6:90:83:5a:4c:c7:
47:99:be:a2:50:a9:67:4c:7a:f0:6b:0e:8b:75:10:
31:53:25:b5:6e:f8:30:1e:e5:97:47:e4:03:f3:39:
19:3d:54:43:3d:af:34:61:31:aa:72:d5:f9:30:4f:
5a:80:cb:97:59:0f:65:86:58:a7:d2:23:54:d3:59:
2f:7a:b7:f9:44:7e:b7:b5:b2:09:42:3c:2c:78:fb:
67:44:2a:fd:f2:ca:46:cf:8b:08:64:e0:db:6b:c2:
b6:45:f8:0a:c4:82:88:32:9d:31:2e:5e:ad:25:9d:
06:43:8e:c9:17:a5:f5:12:11:d3:ab:a6:89:55:1d:
61:d2:3b:6e:f7:39:56:2a:3a:32:84:52:3f:26:9f:
0f:94:4f:78:8c:b6:0c:59:5e:2d:8b:f8:bf:a2:a7:
4c:c1:9d:33:33:03:eb:af:14:5a:6c:fa:d1:ec:63:
b7:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:73:C7:9C:E4:74:6E:69:5E:A2:96:D1:AD:06:BB:24:AF:5F:94:55
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e9b59cd2-43ef-4533-a5a5-5892471ab64c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.204.0.0/15
Signature Algorithm: sha256WithRSAEncryption
20:fa:11:48:d3:e7:b6:32:bd:a0:c8:29:85:58:5a:4a:7d:1b:
6e:ee:86:b4:74:5d:08:c4:d5:d6:e5:29:7d:5d:b6:e5:7b:80:
46:dc:ef:c7:92:44:b8:a7:43:10:48:42:ea:c0:4e:4a:9b:2d:
c4:7e:65:3c:af:4e:0f:7f:2d:96:c6:18:bd:b6:4d:d5:c6:13:
a6:51:41:cf:3d:18:c0:69:99:32:20:cb:4d:0f:d5:7e:af:9f:
5f:68:19:c4:48:9a:9f:77:cc:db:90:80:02:dc:bb:7e:96:c1:
b8:71:12:76:de:0b:68:3d:f0:5b:c1:64:47:2a:5a:95:76:9e:
d3:af:01:03:91:47:00:8a:7c:c1:ea:08:c4:83:e2:75:8e:6e:
6c:1f:a3:c6:98:a5:5d:21:5b:7c:e2:2f:79:7d:19:27:3c:f1:
4e:29:c7:89:d1:da:5c:84:c2:21:50:d0:72:68:35:33:a8:53:
7f:06:1d:f2:04:5f:6b:a2:83:19:7b:74:f2:b8:27:35:a2:6a:
4c:3e:01:a5:2e:1a:6f:35:af:0f:f7:cb:e8:b6:a0:81:72:c5:
21:24:45:31:0e:2e:f8:6f:dc:59:5d:60:a2:b1:25:e1:cf:34:
e9:7e:3f:b8:a2:1b:c0:09:b7:d1:f1:85:10:76:c2:2f:f3:50:
08:7e:d3:1e
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUBxqwWTs/WSBjRqbvbYz1lHENsxwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjAyMjgwNjMwNDBaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDAwNWVmZjBkNjJiMzZlNTUyNGQ0MDFhNTBjZjYwYjY4N2RlYTM4MmU3OGM2
MjgyMTM2NTQzNDU0YmFlYjhmNTIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKC5EoMmMod22ZpxTt9oIa0wqlG8s+9bgd9WXj0VNr1UXOdBAisBgBKI2HsT
Ee0qtTjvtsAKMIgGbK30A4Firl4WtZ9kU99FIaxykPK1aVShP2fN1pCDWkzHR5m+
olCpZ0x68GsOi3UQMVMltW74MB7ll0fkA/M5GT1UQz2vNGExqnLV+TBPWoDLl1kP
ZYZYp9IjVNNZL3q3+UR+t7WyCUI8LHj7Z0Qq/fLKRs+LCGTg22vCtkX4CsSCiDKd
MS5erSWdBkOOyRel9RIR06umiVUdYdI7bvc5Vio6MoRSPyafD5RPeIy2DFleLYv4
v6KnTMGdMzMD668UWmz60exjtxcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQpc8ec
5HRuaV6iltGtBrskr1+UVTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZTliNTljZDItNDNlZi00NTMzLWE1YTUtNTg5MjQ3MWFiNjRjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPMMA0G
CSqGSIb3DQEBCwUAA4IBAQAg+hFI0+e2Mr2gyCmFWFpKfRtu7oa0dF0IxNXW5Sl9
Xbble4BG3O/HkkS4p0MQSELqwE5Kmy3EfmU8r04Pfy2Wxhi9tk3VxhOmUUHPPRjA
aZkyIMtND9V+r59faBnESJqfd8zbkIAC3Lt+lsG4cRJ23gtoPfBbwWRHKlqVdp7T
rwEDkUcAinzB6gjEg+J1jm5sH6PGmKVdIVt84i95fRknPPFOKceJ0dpchMIhUNBy
aDUzqFN/Bh3yBF9rooMZe3TyuCc1ompMPgGlLhpvNa8P98votqCBcsUhJEUxDi74
b9xZXWCisSXhzzTpfj+4ohvACbfR8YUQdsIv81AIftMe
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:42:59 2026 by rpki-client