Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ecfa3c13-cba9-4529-84cf-7b6bf8e5cd4a.roa
File: ecfa3c13-cba9-4529-84cf-7b6bf8e5cd4a.roa (raw, json)
Hash identifier: 8eZ3SMXAHVtL2r1eQ+119d70Xe9TINS8TChRbzr7vIE=
Subject key identifier: 1D:31:FD:3B:9E:8F:BC:EC:8B:38:83:3C:FF:C4:2E:15:62:91:9D:5B
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 47EF823B2F3F8801487FE8F8415CD8B166FFACFA
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ecfa3c13-cba9-4529-84cf-7b6bf8e5cd4a.roa
Signing time: Sat 28 Feb 2026 06:40:09 +0000
ROA not before: Sat 28 Feb 2026 06:40:09 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.200.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:ef:82:3b:2f:3f:88:01:48:7f:e8:f8:41:5c:d8:b1:66:ff:ac:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Feb 28 06:40:09 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=7fb3541d50258d97e91862caffa0d60ccb550e7e253f3dca23516ea81ad69254, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:e1:46:01:0b:1a:ce:ba:67:11:8b:d5:a5:e0:
ea:57:5b:ea:4a:c7:7d:83:f7:61:62:18:f5:af:b0:
17:b5:ff:25:f1:3e:ed:53:9a:3c:18:4d:36:7d:5a:
b6:0b:f7:ac:34:01:9f:52:de:e1:54:77:ae:0c:2a:
26:3e:a5:14:61:21:64:0e:a8:42:27:7a:89:de:7d:
49:a9:64:3d:8e:80:42:50:e9:e6:77:a0:ec:6f:40:
f2:67:cf:e9:64:4c:1d:9a:75:0c:8f:4d:7e:3a:f0:
1c:9f:e6:05:02:75:39:bb:19:db:43:72:14:c0:eb:
d7:a2:d3:fe:c1:f1:e0:45:e0:15:e2:95:b3:b1:e6:
87:d4:7c:f5:9b:81:d4:4c:ec:a5:26:b5:1f:98:9d:
dc:3b:cf:ca:fe:c3:7d:90:81:ff:fa:1a:00:59:ea:
15:11:f6:9c:f9:98:9c:b0:6e:de:6b:c3:18:f0:14:
51:ee:b1:eb:7b:67:04:99:41:a2:89:eb:0f:47:f3:
b5:0f:70:36:78:84:dc:73:c5:ec:0c:20:f2:69:0a:
89:98:83:84:77:1b:d9:a0:c9:28:54:8e:38:dd:6a:
70:05:f4:78:4c:1a:f0:1a:e5:46:2d:02:d7:e0:58:
30:ac:2b:bd:24:e7:aa:ff:0c:c0:ea:63:3b:76:a2:
4b:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:31:FD:3B:9E:8F:BC:EC:8B:38:83:3C:FF:C4:2E:15:62:91:9D:5B
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ecfa3c13-cba9-4529-84cf-7b6bf8e5cd4a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.200.0.0/15
Signature Algorithm: sha256WithRSAEncryption
a0:5a:04:23:34:d2:19:0d:6b:9c:f4:0a:e0:6d:22:cb:10:14:
37:ee:e7:95:cc:07:10:84:68:36:ea:76:0c:df:6b:12:61:dc:
38:54:93:fd:88:4f:c8:12:19:76:5c:5e:13:f6:dd:ad:d0:11:
e7:db:ec:73:45:9e:cf:17:45:ef:3b:c3:f2:b2:a4:1e:ea:d7:
96:0a:f6:17:a5:d2:2f:03:bd:e1:f8:65:08:e8:b8:bc:e9:5d:
b5:ab:14:e6:24:4b:61:cd:e0:97:93:3d:45:9b:b3:f1:71:83:
c3:ea:12:30:47:38:00:b3:1a:48:46:52:59:bb:1b:b0:a4:13:
15:67:98:f6:ab:3d:2c:51:41:60:d8:39:7c:88:86:68:97:8f:
48:38:6d:e4:21:64:93:cb:19:1e:5f:51:2d:a2:94:6f:da:a6:
15:36:3e:61:66:52:d0:c6:4c:e6:fe:80:91:f3:de:06:b4:7d:
4f:2a:7a:e7:3a:a1:67:68:e2:c3:75:42:b4:d0:b3:84:88:cd:
a1:38:c8:f4:3f:9a:6d:f9:73:8b:42:52:53:4b:d9:6e:55:0a:
45:6f:27:b5:a9:68:32:90:0d:1f:1a:65:f2:37:32:d7:3d:27:
4f:ba:b3:ec:ec:2b:b3:5a:35:12:fc:1a:9c:5d:47:1b:85:b0:
51:3f:85:4e
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUR++COy8/iAFIf+j4QVzYsWb/rPowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjAyMjgwNjQwMDlaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDdmYjM1NDFkNTAyNThkOTdlOTE4NjJjYWZmYTBkNjBjY2I1NTBlN2UyNTNm
M2RjYTIzNTE2ZWE4MWFkNjkyNTQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIrhRgELGs66ZxGL1aXg6ldb6krHfYP3YWIY9a+wF7X/JfE+7VOaPBhNNn1a
tgv3rDQBn1Le4VR3rgwqJj6lFGEhZA6oQid6id59SalkPY6AQlDp5neg7G9A8mfP
6WRMHZp1DI9NfjrwHJ/mBQJ1ObsZ20NyFMDr16LT/sHx4EXgFeKVs7Hmh9R89ZuB
1EzspSa1H5id3DvPyv7DfZCB//oaAFnqFRH2nPmYnLBu3mvDGPAUUe6x63tnBJlB
oonrD0fztQ9wNniE3HPF7Awg8mkKiZiDhHcb2aDJKFSOON1qcAX0eEwa8BrlRi0C
1+BYMKwrvSTnqv8MwOpjO3aiS+cCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQdMf07
no+87Is4gzz/xC4VYpGdWzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZWNmYTNjMTMtY2JhOS00NTI5LTg0Y2YtN2I2YmY4ZTVjZDRhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPIMA0G
CSqGSIb3DQEBCwUAA4IBAQCgWgQjNNIZDWuc9ArgbSLLEBQ37ueVzAcQhGg26nYM
32sSYdw4VJP9iE/IEhl2XF4T9t2t0BHn2+xzRZ7PF0XvO8PysqQe6teWCvYXpdIv
A73h+GUI6Li86V21qxTmJEthzeCXkz1Fm7PxcYPD6hIwRzgAsxpIRlJZuxuwpBMV
Z5j2qz0sUUFg2Dl8iIZol49IOG3kIWSTyxkeX1EtopRv2qYVNj5hZlLQxkzm/oCR
894GtH1PKnrnOqFnaOLDdUK00LOEiM2hOMj0P5pt+XOLQlJTS9luVQpFbye1qWgy
kA0fGmXyNzLXPSdPurPs7CuzWjUS/BqcXUcbhbBRP4VO
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:44:05 2026 by rpki-client