Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f060e190-89f7-4009-9831-b2d429343b80.roa
File: f060e190-89f7-4009-9831-b2d429343b80.roa (raw, json)
Hash identifier: DVlFpCy2i87ucwWLFWBeMHoDokye2XaYM7H90LA7P7c=
Subject key identifier: E3:DB:A2:E2:09:7A:C9:4C:68:3C:DA:80:E6:12:B9:1F:1E:82:7D:59
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 61B7ECBEFB37C9E3001E4D095CA6B61BA3734D53
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f060e190-89f7-4009-9831-b2d429343b80.roa
Signing time: Fri 06 Feb 2026 00:40:11 +0000
ROA not before: Fri 06 Feb 2026 00:40:11 +0000
ROA not after: Thu 07 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.16.0.0/15 maxlen: 15
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
61:b7:ec:be:fb:37:c9:e3:00:1e:4d:09:5c:a6:b6:1b:a3:73:4d:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Feb 6 00:40:11 2026 GMT
Not After : May 7 23:59:59 2026 GMT
Subject: serialNumber=84c4c5d2c7a3a55182ecc38b97d3a415277ceb56812b85ef2bacaa584569dce9, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:8d:76:5f:33:3c:87:19:de:f1:c8:dd:68:5a:
49:0f:81:ef:13:f0:be:ec:b8:63:ee:de:ab:02:c5:
96:aa:92:bc:db:69:64:6f:8a:83:a6:4b:c5:1c:14:
1b:a5:14:7c:7a:03:ed:c6:37:86:2d:d3:13:00:72:
ad:5b:59:fa:38:0b:9c:51:c4:62:2e:9d:96:92:9f:
22:7c:47:de:43:ab:32:37:44:df:7e:87:54:d0:ed:
7a:78:51:1c:c2:cc:3f:8d:50:44:61:49:2c:1e:83:
a1:70:7f:42:73:2c:e9:df:4c:13:18:37:b6:90:02:
da:bf:0a:7e:d5:4f:08:00:cd:03:37:53:98:e4:5e:
70:35:dc:84:42:5d:16:10:f1:12:f7:bc:11:42:5c:
b7:a3:87:bd:84:7d:c6:af:21:8f:1d:96:ab:79:f1:
99:78:3e:74:d0:68:4b:33:09:15:14:2f:34:02:ca:
95:e4:4c:68:44:6e:e8:ed:e3:19:3b:20:82:89:4e:
06:7b:a0:ee:5a:87:86:8c:ec:ed:7c:45:e3:0c:f7:
3e:a2:bb:0b:75:01:60:39:c0:7e:5d:3a:48:02:74:
44:2a:2b:fa:3c:6e:df:9e:82:20:11:b3:22:f5:4c:
9e:bd:d5:1f:6b:10:8e:71:d6:cb:61:ae:a3:5c:6e:
44:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:DB:A2:E2:09:7A:C9:4C:68:3C:DA:80:E6:12:B9:1F:1E:82:7D:59
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f060e190-89f7-4009-9831-b2d429343b80.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.16.0.0/15
Signature Algorithm: sha256WithRSAEncryption
1a:24:7c:1c:9e:de:86:43:9f:dc:be:7e:0b:5f:4b:0e:f4:0e:
15:47:ba:38:b8:58:52:7a:26:b0:70:a0:f2:bc:c1:40:3a:cb:
cd:78:66:eb:58:21:32:e6:90:0d:1b:c9:4b:98:c0:de:dd:39:
07:3e:17:93:06:18:99:2a:92:c7:25:d7:29:e5:e6:a4:71:b5:
1d:2b:a4:a7:f4:5f:c3:dc:5e:9c:84:6a:0f:36:85:3b:ee:23:
9d:1f:5b:49:de:15:6b:f9:05:1b:02:1f:04:f1:10:0f:17:38:
db:4e:22:de:ec:68:4d:5c:e6:ed:97:2c:56:b5:20:ca:01:a8:
8e:d6:a0:e9:80:33:4d:20:69:29:2a:94:72:71:be:ad:e5:d1:
97:9e:4a:ef:6e:d2:65:e9:ae:d1:27:4c:2d:09:c1:c3:05:20:
a5:11:fb:fa:81:e4:77:56:8c:49:5b:bc:d3:98:28:e0:b3:62:
6f:ef:dc:2a:6c:9f:18:47:dd:2d:91:b4:ec:de:4b:d3:67:68:
85:2c:23:0c:67:1f:07:cb:d4:d1:3d:a4:c3:e8:f2:9c:49:18:
d6:1b:fc:7b:6c:74:e0:3a:d1:4c:99:04:f1:7b:80:8d:49:43:
75:54:78:b6:18:ec:99:55:ad:11:11:fa:13:82:1e:d6:8d:6a:
e7:96:2c:67
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUYbfsvvs3yeMAHk0JXKa2G6NzTVMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjAyMDYwMDQwMTFaFw0yNjA1MDcyMzU5NTlaMHoxSTBHBgNV
BAUTQDg0YzRjNWQyYzdhM2E1NTE4MmVjYzM4Yjk3ZDNhNDE1Mjc3Y2ViNTY4MTJi
ODVlZjJiYWNhYTU4NDU2OWRjZTkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMmNdl8zPIcZ3vHI3WhaSQ+B7xPwvuy4Y+7eqwLFlqqSvNtpZG+Kg6ZLxRwU
G6UUfHoD7cY3hi3TEwByrVtZ+jgLnFHEYi6dlpKfInxH3kOrMjdE336HVNDtenhR
HMLMP41QRGFJLB6DoXB/QnMs6d9MExg3tpAC2r8KftVPCADNAzdTmORecDXchEJd
FhDxEve8EUJct6OHvYR9xq8hjx2Wq3nxmXg+dNBoSzMJFRQvNALKleRMaERu6O3j
GTsggolOBnug7lqHhozs7XxF4wz3PqK7C3UBYDnAfl06SAJ0RCor+jxu356CIBGz
IvVMnr3VH2sQjnHWy2Guo1xuRLUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTj26Li
CXrJTGg82oDmErkfHoJ9WTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZjA2MGUxOTAtODlmNy00MDA5LTk4MzEtYjJkNDI5MzQzYjgwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATMQMA0G
CSqGSIb3DQEBCwUAA4IBAQAaJHwcnt6GQ5/cvn4LX0sO9A4VR7o4uFhSeiawcKDy
vMFAOsvNeGbrWCEy5pANG8lLmMDe3TkHPheTBhiZKpLHJdcp5eakcbUdK6Sn9F/D
3F6chGoPNoU77iOdH1tJ3hVr+QUbAh8E8RAPFzjbTiLe7GhNXObtlyxWtSDKAaiO
1qDpgDNNIGkpKpRycb6t5dGXnkrvbtJl6a7RJ0wtCcHDBSClEfv6geR3VoxJW7zT
mCjgs2Jv79wqbJ8YR90tkbTs3kvTZ2iFLCMMZx8Hy9TRPaTD6PKcSRjWG/x7bHTg
OtFMmQTxe4CNSUN1VHi2GOyZVa0REfoTgh7WjWrnlixn
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:55:11 2026 by rpki-client