Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fa9f76b3-644f-4e7b-96b8-a50117fd4d67.roa
File: fa9f76b3-644f-4e7b-96b8-a50117fd4d67.roa (raw, json)
Hash identifier: bqyhoTIPyii9ckWDzWM9bvI5pTfhlg0PtvQXibfvz0A=
Subject key identifier: 32:FB:D9:3C:57:94:E3:07:19:C7:D0:A1:22:13:26:86:38:19:41:DE
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4A5A9559BBAE6E7AF988069E0D17847B7FFD08C6
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fa9f76b3-644f-4e7b-96b8-a50117fd4d67.roa
Signing time: Sat 28 Feb 2026 06:40:19 +0000
ROA not before: Sat 28 Feb 2026 06:40:19 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.76.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4a:5a:95:59:bb:ae:6e:7a:f9:88:06:9e:0d:17:84:7b:7f:fd:08:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Feb 28 06:40:19 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=02e23caf7ba769adb39b5eb8aff7756dac4e38890f681ea818f907200cb2163a, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:8c:7c:7f:51:5a:a1:75:5c:90:6d:80:b0:23:
67:b7:2f:fc:5c:48:ca:64:64:36:77:e2:3a:c4:89:
de:0c:c9:6e:cd:c3:cc:d8:0f:a7:cc:f2:1a:0b:c9:
3e:b3:ec:98:86:4b:6e:a2:ef:fb:4c:4d:8c:9c:ac:
76:a3:e4:2e:ee:2a:31:e2:f1:54:84:0a:86:ce:cc:
01:f4:26:78:b2:fe:40:44:a1:5b:49:cf:9b:8f:89:
46:14:c9:97:db:71:e7:66:27:4d:ae:2e:2a:22:ef:
aa:fc:19:c5:ca:98:c7:87:61:f4:c2:06:be:4e:56:
77:10:20:d6:e3:b0:d2:f2:49:9f:29:23:97:61:db:
ba:c0:a9:0a:03:12:1f:47:cd:6c:75:cb:17:c0:7c:
9b:34:55:78:84:2e:f9:a6:c8:0a:f0:f7:ac:f4:4f:
be:75:e6:d1:e4:30:d2:34:47:ff:02:14:4e:1b:ed:
7b:ea:e8:bb:b7:da:d0:24:d8:c5:fd:a8:bc:07:43:
38:b3:35:2f:e4:13:a7:27:ec:4c:e7:90:e0:d3:a2:
b8:9b:0b:43:e9:9b:3e:a7:7c:a7:10:6d:15:ad:f6:
d1:a5:0b:c1:47:99:29:95:35:4b:cd:08:d6:8c:0e:
85:75:96:65:b6:c4:ad:6b:13:bd:7a:8b:ba:14:6e:
58:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:FB:D9:3C:57:94:E3:07:19:C7:D0:A1:22:13:26:86:38:19:41:DE
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fa9f76b3-644f-4e7b-96b8-a50117fd4d67.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.76.0.0/16
Signature Algorithm: sha256WithRSAEncryption
c2:ef:0b:f0:48:ba:80:96:05:47:71:3a:6b:c1:f1:d4:98:01:
30:4d:8a:03:b9:99:c2:2e:33:c4:b0:c1:df:da:c1:c2:a0:0e:
e6:4a:af:98:6a:78:bb:98:79:5f:bb:6b:20:d1:fd:52:2a:39:
38:8e:b7:fd:05:74:a2:5d:63:97:99:63:f3:cd:60:f3:61:1b:
63:71:30:00:4c:58:56:6d:ea:66:17:2d:32:d9:c1:f1:f7:16:
bb:ae:d0:a2:ea:a3:58:64:67:36:12:8c:52:b6:0a:1d:f2:3b:
cd:45:92:fe:83:ab:29:9b:24:20:c7:94:9f:92:c8:ce:b0:00:
5e:01:fd:d9:56:71:b7:c4:89:f2:a5:ca:0c:b9:39:cd:04:d4:
28:89:8d:23:da:df:18:d3:6f:a4:d4:9c:9a:1c:77:bf:84:0c:
ad:4a:64:5a:3d:61:74:c2:19:fa:0f:ba:92:5b:9e:fd:50:d7:
c6:ff:0d:5a:f5:52:ec:7d:cd:d2:11:60:9d:45:e5:5c:66:49:
12:83:60:7f:d6:7a:10:2e:72:fe:56:ac:10:d1:0d:cb:86:54:
48:63:de:65:3d:c0:38:a1:6c:2b:e9:53:eb:a2:41:10:10:a1:
c3:1f:36:59:fc:34:c6:84:83:cf:1c:2f:b0:2a:37:6e:78:02:
35:72:c7:d8
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUSlqVWbuubnr5iAaeDReEe3/9CMYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjAyMjgwNjQwMTlaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDAyZTIzY2FmN2JhNzY5YWRiMzliNWViOGFmZjc3NTZkYWM0ZTM4ODkwZjY4
MWVhODE4ZjkwNzIwMGNiMjE2M2ExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKyMfH9RWqF1XJBtgLAjZ7cv/FxIymRkNnfiOsSJ3gzJbs3DzNgPp8zyGgvJ
PrPsmIZLbqLv+0xNjJysdqPkLu4qMeLxVIQKhs7MAfQmeLL+QEShW0nPm4+JRhTJ
l9tx52YnTa4uKiLvqvwZxcqYx4dh9MIGvk5WdxAg1uOw0vJJnykjl2HbusCpCgMS
H0fNbHXLF8B8mzRVeIQu+abICvD3rPRPvnXm0eQw0jRH/wIUThvte+rou7fa0CTY
xf2ovAdDOLM1L+QTpyfsTOeQ4NOiuJsLQ+mbPqd8pxBtFa320aULwUeZKZU1S80I
1owOhXWWZbbErWsTvXqLuhRuWJUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQy+9k8
V5TjBxnH0KEiEyaGOBlB3jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZmE5Zjc2YjMtNjQ0Zi00ZTdiLTk2YjgtYTUwMTE3ZmQ0ZDY3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNMMA0G
CSqGSIb3DQEBCwUAA4IBAQDC7wvwSLqAlgVHcTprwfHUmAEwTYoDuZnCLjPEsMHf
2sHCoA7mSq+Yani7mHlfu2sg0f1SKjk4jrf9BXSiXWOXmWPzzWDzYRtjcTAATFhW
bepmFy0y2cHx9xa7rtCi6qNYZGc2EoxStgod8jvNRZL+g6spmyQgx5SfksjOsABe
Af3ZVnG3xInypcoMuTnNBNQoiY0j2t8Y02+k1JyaHHe/hAytSmRaPWF0whn6D7qS
W579UNfG/w1a9VLsfc3SEWCdReVcZkkSg2B/1noQLnL+VqwQ0Q3LhlRIY95lPcA4
oWwr6VProkEQEKHDHzZZ/DTGhIPPHC+wKjdueAI1csfY
-----END CERTIFICATE-----
Generated at Mon Mar 2 02:49:19 2026 by rpki-client