Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/faa5ec1e-61dd-4ddb-a08f-0b29cab481e1.roa
File: faa5ec1e-61dd-4ddb-a08f-0b29cab481e1.roa (raw, json)
Hash identifier: wU9iB9gUAxbGbJ4sKPIFYIXc+VAHT4DmMLwauNPpSrU=
Subject key identifier: F6:98:28:FC:1D:B5:A3:07:66:29:72:69:43:FC:25:60:1B:BF:82:EB
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5AA76FF8A971143CAAB6D1EAB0655768FEE86C52
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/faa5ec1e-61dd-4ddb-a08f-0b29cab481e1.roa
Signing time: Fri 06 Feb 2026 00:40:05 +0000
ROA not before: Fri 06 Feb 2026 00:40:05 +0000
ROA not after: Thu 07 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.16.240.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:a7:6f:f8:a9:71:14:3c:aa:b6:d1:ea:b0:65:57:68:fe:e8:6c:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Feb 6 00:40:05 2026 GMT
Not After : May 7 23:59:59 2026 GMT
Subject: serialNumber=07e09095b7395618f3cae9f28309a9aab8c7e65bd96b8060dcbc8ab9c4bcebbe, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:61:2b:5d:48:b2:68:61:3c:d4:bc:13:41:1c:
7b:e8:e2:95:49:2f:d3:97:3d:c8:7f:ca:2a:47:56:
7f:79:50:e4:99:06:77:a4:92:d2:2f:f5:43:9a:6a:
09:41:d4:1b:69:81:2a:d5:78:54:a9:5a:b5:87:8c:
a0:f2:b4:52:48:4c:e2:83:b0:3b:59:20:e2:2b:62:
eb:2a:2f:9c:81:75:ec:cc:53:1c:c5:f3:e1:99:d2:
e9:a1:12:7c:32:a6:d1:fa:77:61:53:69:2d:6b:bf:
01:a6:09:7c:ea:77:b5:8e:34:39:15:b0:fd:3e:c7:
84:32:7a:3e:81:6d:32:d1:f2:c2:aa:b4:d1:a6:99:
94:ec:c1:84:2e:38:2d:44:dc:4f:27:2b:e8:0d:5a:
14:9e:b8:99:b5:3a:74:27:74:7f:21:26:1d:ac:6d:
cc:9c:6f:b8:fa:32:18:44:e2:7f:18:41:40:52:11:
a0:f3:bd:8f:70:35:6a:11:91:56:08:9d:56:67:f0:
4c:1e:16:a0:65:01:c1:01:05:d1:6f:f5:a9:03:37:
af:ac:79:9f:c6:2b:2e:0f:f4:db:38:dd:fe:55:6b:
c6:d9:d2:e4:44:99:eb:3c:3d:73:37:8e:07:15:a6:
5e:36:01:7f:ec:31:d0:b7:9d:f2:d1:a8:df:07:3f:
f6:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:98:28:FC:1D:B5:A3:07:66:29:72:69:43:FC:25:60:1B:BF:82:EB
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/faa5ec1e-61dd-4ddb-a08f-0b29cab481e1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.16.240.0/22
Signature Algorithm: sha256WithRSAEncryption
95:4e:2b:3e:8b:fa:00:61:54:55:e5:15:49:d1:d1:60:51:91:
ca:0b:26:99:7f:a2:64:19:9e:ab:19:fb:84:44:6f:de:26:94:
a4:3f:fa:98:0c:da:cd:b9:bb:0c:d5:3b:94:9f:2d:cc:d8:43:
c5:24:c4:9c:0f:98:37:14:e0:ca:5a:62:cf:dc:50:ea:67:56:
d1:ee:b2:18:e2:0a:f0:31:27:e2:1e:58:1b:39:50:61:ed:38:
55:31:5f:b6:6a:c4:80:fb:41:55:a7:81:42:d0:7b:64:a0:44:
b4:db:3e:c5:ff:74:02:f9:f7:8b:c6:6a:15:f2:72:3a:4c:23:
c0:8d:ba:aa:dd:ec:46:ae:9c:6f:ea:fe:a7:e7:81:da:77:8b:
b3:8a:55:23:2c:10:53:d4:d6:5b:89:cc:44:f0:b6:ef:30:7d:
4b:97:69:33:23:aa:d9:e9:18:3e:95:74:3e:2b:c3:ee:b1:ff:
17:01:80:77:28:51:fb:cf:7f:62:4d:ff:27:8a:f7:b2:d4:8b:
fc:43:4d:8f:f5:a5:ce:e1:cc:26:ef:65:0e:6f:38:5a:ee:f8:
fd:ba:4a:b2:c4:b7:61:05:ac:8e:5f:c7:d1:36:cb:97:0c:4f:
45:6f:55:46:47:20:52:2f:bd:5f:af:96:8b:df:c2:b6:16:07:
0e:26:3c:c4
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUWqdv+KlxFDyqttHqsGVXaP7obFIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjAyMDYwMDQwMDVaFw0yNjA1MDcyMzU5NTlaMHoxSTBHBgNV
BAUTQDA3ZTA5MDk1YjczOTU2MThmM2NhZTlmMjgzMDlhOWFhYjhjN2U2NWJkOTZi
ODA2MGRjYmM4YWI5YzRiY2ViYmUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALVhK11IsmhhPNS8E0Ece+jilUkv05c9yH/KKkdWf3lQ5JkGd6SS0i/1Q5pq
CUHUG2mBKtV4VKlatYeMoPK0UkhM4oOwO1kg4iti6yovnIF17MxTHMXz4ZnS6aES
fDKm0fp3YVNpLWu/AaYJfOp3tY40ORWw/T7HhDJ6PoFtMtHywqq00aaZlOzBhC44
LUTcTycr6A1aFJ64mbU6dCd0fyEmHaxtzJxvuPoyGETifxhBQFIRoPO9j3A1ahGR
VgidVmfwTB4WoGUBwQEF0W/1qQM3r6x5n8YrLg/02zjd/lVrxtnS5ESZ6zw9czeO
BxWmXjYBf+wx0Led8tGo3wc/9iMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBT2mCj8
HbWjB2YpcmlD/CVgG7+C6zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZmFhNWVjMWUtNjFkZC00ZGRiLWEwOGYtMGIyOWNhYjQ4MWUxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAjMQ8DAN
BgkqhkiG9w0BAQsFAAOCAQEAlU4rPov6AGFUVeUVSdHRYFGRygsmmX+iZBmeqxn7
hERv3iaUpD/6mAzazbm7DNU7lJ8tzNhDxSTEnA+YNxTgylpiz9xQ6mdW0e6yGOIK
8DEn4h5YGzlQYe04VTFftmrEgPtBVaeBQtB7ZKBEtNs+xf90Avn3i8ZqFfJyOkwj
wI26qt3sRq6cb+r+p+eB2neLs4pVIywQU9TWW4nMRPC27zB9S5dpMyOq2ekYPpV0
PivD7rH/FwGAdyhR+89/Yk3/J4r3stSL/ENNj/WlzuHMJu9lDm84Wu74/bpKssS3
YQWsjl/H0TbLlwxPRW9VRkcgUi+9X6+Wi9/CthYHDiY8xA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 01:07:25 2026 by rpki-client