Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fc353215-935f-47d2-9298-767ccc0eae1a.roa
File: fc353215-935f-47d2-9298-767ccc0eae1a.roa (raw, json)
Hash identifier: 2zovZZFYf1Gj+yjvlo96w45PsELpZMPllkGwfOjeoUM=
Subject key identifier: 83:2E:2A:4C:AE:C4:1C:71:77:82:AC:51:A1:E8:7C:A9:AB:69:60:C6
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 51EBDDE4288B110A4F5520883B82D2113D4C55B2
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fc353215-935f-47d2-9298-767ccc0eae1a.roa
Signing time: Sat 28 Feb 2026 06:40:48 +0000
ROA not before: Sat 28 Feb 2026 06:40:48 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 85.151.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:eb:dd:e4:28:8b:11:0a:4f:55:20:88:3b:82:d2:11:3d:4c:55:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Feb 28 06:40:48 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=f047a48459bb8edeb06554b47cde91953c3162e7dec9f8934624ebf46ecbd021, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:b7:e8:a0:1d:23:8c:1f:81:21:1c:80:ee:41:
38:d1:e1:db:b8:20:c2:7e:e7:d5:48:5f:bd:80:f2:
91:1b:d4:26:79:e2:8f:6f:74:c3:10:7b:ff:77:40:
01:3f:d3:7c:13:6f:a1:b0:d9:13:85:0d:c2:c2:97:
3e:a5:2d:85:f8:41:45:ca:44:8c:b5:a0:6b:20:47:
e2:49:9b:8d:95:35:29:12:c1:1c:a8:93:bd:ca:7e:
e4:c1:12:34:15:25:03:b8:cf:76:c8:b9:ef:4c:95:
f3:60:ab:e7:3b:cd:3d:10:6c:9d:90:83:6f:9c:c1:
92:a4:eb:eb:8d:01:8b:8a:57:6d:a4:b2:38:dc:da:
b1:4a:29:43:ed:a7:1c:c7:97:38:97:15:5f:45:35:
97:93:03:5e:75:7c:ee:2b:41:13:e2:54:8f:41:47:
0a:23:51:9a:eb:f6:a0:38:e8:0b:d3:bb:ac:c7:e3:
d6:fe:b3:8c:28:a7:f6:c9:25:0a:77:af:2b:23:56:
48:d2:d7:33:4f:26:7e:8a:13:1c:52:d7:b3:d8:84:
6e:55:68:ff:57:ba:88:c1:cd:03:39:37:a1:ba:04:
48:6d:2d:92:1b:04:13:ca:65:79:5d:09:06:03:bf:
50:2c:05:40:77:67:75:47:4e:5e:0c:39:7b:9e:74:
55:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:2E:2A:4C:AE:C4:1C:71:77:82:AC:51:A1:E8:7C:A9:AB:69:60:C6
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fc353215-935f-47d2-9298-767ccc0eae1a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.151.0.0/16
Signature Algorithm: sha256WithRSAEncryption
bf:0e:42:bc:e6:e6:68:59:20:c4:b8:c5:eb:a1:30:15:f5:47:
e2:39:8d:3f:e1:8d:4c:98:8f:41:29:e9:58:d9:26:2f:80:9e:
f1:a7:b6:f9:9f:10:2d:88:4e:3f:66:a6:c6:34:cf:7c:ae:81:
ba:c3:28:60:2a:b0:26:54:e3:bc:9a:b3:23:ce:c7:15:f6:e5:
5d:53:fb:6c:d9:72:e3:ff:19:3b:1c:ed:a0:23:6d:fe:3f:40:
da:ff:e0:c2:c1:3f:a0:b5:fe:fe:e9:52:be:c4:39:f6:dc:ab:
4e:f9:bf:e1:55:77:9c:e3:79:e0:70:93:d2:4e:ac:cd:98:ac:
18:bc:3c:fa:e9:c6:a8:54:c8:c1:31:a4:3d:25:4e:4a:44:b5:
ed:22:99:f0:0b:2f:b0:65:fa:64:a8:d6:4a:92:29:3f:20:02:
b4:38:17:75:bb:f2:d4:53:2e:8a:4b:1f:71:76:4d:5d:8e:5e:
f6:92:ad:3e:38:11:93:07:e9:2b:fa:6e:9f:26:55:38:f2:80:
2f:1a:69:2b:0a:7c:76:c0:73:fe:c1:fb:f2:cd:7c:ce:f0:2d:
52:f5:ec:f3:81:19:0b:a9:b8:41:9f:15:e1:ca:67:e3:b7:26:
0c:3c:ca:fb:d4:6a:a3:7f:83:51:fe:32:a3:c5:2a:6d:55:65:
0e:22:b0:3f
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUUevd5CiLEQpPVSCIO4LSET1MVbIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjAyMjgwNjQwNDhaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGYwNDdhNDg0NTliYjhlZGViMDY1NTRiNDdjZGU5MTk1M2MzMTYyZTdkZWM5
Zjg5MzQ2MjRlYmY0NmVjYmQwMjExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKG36KAdI4wfgSEcgO5BONHh27ggwn7n1UhfvYDykRvUJnnij290wxB7/3dA
AT/TfBNvobDZE4UNwsKXPqUthfhBRcpEjLWgayBH4kmbjZU1KRLBHKiTvcp+5MES
NBUlA7jPdsi570yV82Cr5zvNPRBsnZCDb5zBkqTr640Bi4pXbaSyONzasUopQ+2n
HMeXOJcVX0U1l5MDXnV87itBE+JUj0FHCiNRmuv2oDjoC9O7rMfj1v6zjCin9skl
CnevKyNWSNLXM08mfooTHFLXs9iEblVo/1e6iMHNAzk3oboESG0tkhsEE8pleV0J
BgO/UCwFQHdndUdOXgw5e550VYECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSDLipM
rsQccXeCrFGh6Hypq2lgxjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZmMzNTMyMTUtOTM1Zi00N2QyLTkyOTgtNzY3Y2NjMGVhZTFhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAFWXMA0G
CSqGSIb3DQEBCwUAA4IBAQC/DkK85uZoWSDEuMXroTAV9UfiOY0/4Y1MmI9BKelY
2SYvgJ7xp7b5nxAtiE4/ZqbGNM98roG6wyhgKrAmVOO8mrMjzscV9uVdU/ts2XLj
/xk7HO2gI23+P0Da/+DCwT+gtf7+6VK+xDn23KtO+b/hVXec43ngcJPSTqzNmKwY
vDz66caoVMjBMaQ9JU5KRLXtIpnwCy+wZfpkqNZKkik/IAK0OBd1u/LUUy6KSx9x
dk1djl72kq0+OBGTB+kr+m6fJlU48oAvGmkrCnx2wHP+wfvyzXzO8C1S9ezzgRkL
qbhBnxXhymfjtyYMPMr71Gqjf4NR/jKjxSptVWUOIrA/
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:37:07 2026 by rpki-client