Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fd04a54b-459a-491a-a013-59d0ed55825f.roa
File: fd04a54b-459a-491a-a013-59d0ed55825f.roa (raw, json)
Hash identifier: jso4Pqp6bzvHxJCWT0iq35+qmLlbJIXPqb3NTZhtQYs=
Subject key identifier: 4A:D1:9B:88:C5:A1:B4:BD:D3:7D:7D:76:8F:B6:F0:56:F3:1B:DA:C9
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 53CF872B1AEF2AD9A4D0876BB0CAFA61F1BC2B23
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fd04a54b-459a-491a-a013-59d0ed55825f.roa
Signing time: Tue 19 May 2026 05:50:09 +0000
ROA not before: Tue 19 May 2026 05:50:09 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.131.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
53:cf:87:2b:1a:ef:2a:d9:a4:d0:87:6b:b0:ca:fa:61:f1:bc:2b:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 19 05:50:09 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=aa296fc724cd11a1367bef751288be1e4fbfc4014a3992023c2f5837c8a5d2fe, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:22:0f:4d:88:58:b2:2c:f3:36:e9:69:e0:02:
32:1a:8d:b2:9e:e3:02:39:59:11:0e:e1:b4:60:49:
f4:f1:77:4c:81:15:9a:2d:1f:87:8f:75:83:b4:ce:
a7:9b:cd:a2:c8:ce:55:a9:e4:75:0b:37:80:3b:de:
d2:fe:0f:8e:71:28:54:04:f7:0e:6b:5d:51:cf:99:
d8:79:2a:6f:a7:d2:ab:a4:04:dd:cc:20:6e:d3:10:
8c:9f:b6:e2:8a:db:06:9b:a0:7c:bb:40:64:63:74:
0c:14:19:69:9a:cb:ab:af:5c:74:68:54:4d:cb:b7:
44:ac:7b:42:a2:c2:31:7b:52:8d:75:d2:97:16:c4:
7b:55:19:23:49:37:0a:7a:f1:aa:ea:5a:1c:2d:27:
d3:90:08:4c:29:27:81:fc:04:d0:27:74:b6:e0:72:
fb:06:47:2a:e6:ad:4b:11:41:1c:bc:df:11:66:46:
8e:d8:07:d0:3b:ef:b0:73:b7:c7:53:d6:48:9f:3c:
0e:c8:1a:1e:57:0e:cc:b8:a9:1f:92:e5:94:bc:b9:
95:46:07:1f:eb:7f:48:7f:e1:39:69:8f:96:57:72:
9c:02:0e:84:3e:8b:7a:0f:aa:13:f9:e5:52:8f:94:
22:ee:34:47:e8:ee:59:2f:0a:a5:3d:f2:be:45:23:
7f:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:D1:9B:88:C5:A1:B4:BD:D3:7D:7D:76:8F:B6:F0:56:F3:1B:DA:C9
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fd04a54b-459a-491a-a013-59d0ed55825f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.131.0.0/16
Signature Algorithm: sha256WithRSAEncryption
5f:e1:6d:c2:81:6e:fb:42:6b:e4:18:c8:52:0c:04:02:00:5c:
d3:87:9c:e1:44:2e:46:5f:98:d5:86:9b:e6:f2:78:c7:67:67:
bf:85:94:96:d0:bd:45:e0:f2:5d:0b:89:ae:59:eb:aa:3f:6d:
89:aa:86:a3:a8:b2:2b:bf:76:d6:d4:21:e4:99:c3:87:8a:3a:
00:79:17:2b:77:65:e6:ef:12:4a:ea:d1:33:12:d2:1a:63:96:
73:41:23:3c:ee:f9:50:8b:ee:01:1c:9b:68:09:63:e0:1d:75:
4c:10:32:c8:d6:73:d9:17:43:4d:d1:e1:72:1c:c3:07:ef:3c:
70:35:ee:59:8d:85:86:c8:1f:42:eb:9d:02:a6:4d:29:8d:b7:
d9:1a:b3:65:f4:ab:eb:45:b7:4d:33:50:29:34:8f:35:ed:fb:
03:2f:7e:bc:17:5d:c8:eb:eb:f2:c5:7d:66:81:71:a2:5b:b6:
9b:46:b8:19:54:25:15:1b:26:dc:28:c6:18:73:0b:21:09:af:
03:25:b9:5a:f2:6b:2e:55:63:65:ba:5f:0e:b4:ad:dc:be:a8:
36:4c:d5:01:dd:53:b3:5a:0e:ae:e6:3d:37:de:e9:8f:8c:47:
c5:17:5a:65:4e:f2:d7:f5:8f:85:6c:24:44:f6:14:cc:ca:a0:
22:93:c3:da
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUU8+HKxrvKtmk0IdrsMr6YfG8KyMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MTkwNTUwMDlaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGFhMjk2ZmM3MjRjZDExYTEzNjdiZWY3NTEyODhiZTFlNGZiZmM0MDE0YTM5
OTIwMjNjMmY1ODM3YzhhNWQyZmUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKkiD02IWLIs8zbpaeACMhqNsp7jAjlZEQ7htGBJ9PF3TIEVmi0fh491g7TO
p5vNosjOVankdQs3gDve0v4PjnEoVAT3DmtdUc+Z2Hkqb6fSq6QE3cwgbtMQjJ+2
4orbBpugfLtAZGN0DBQZaZrLq69cdGhUTcu3RKx7QqLCMXtSjXXSlxbEe1UZI0k3
CnrxqupaHC0n05AITCkngfwE0Cd0tuBy+wZHKuatSxFBHLzfEWZGjtgH0DvvsHO3
x1PWSJ88DsgaHlcOzLipH5LllLy5lUYHH+t/SH/hOWmPlldynAIOhD6Leg+qE/nl
Uo+UIu40R+juWS8KpT3yvkUjf/0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRK0ZuI
xaG0vdN9fXaPtvBW8xvayTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZmQwNGE1NGItNDU5YS00OTFhLWEwMTMtNTlkMGVkNTU4MjVmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADODMA0G
CSqGSIb3DQEBCwUAA4IBAQBf4W3CgW77QmvkGMhSDAQCAFzTh5zhRC5GX5jVhpvm
8njHZ2e/hZSW0L1F4PJdC4muWeuqP22JqoajqLIrv3bW1CHkmcOHijoAeRcrd2Xm
7xJK6tEzEtIaY5ZzQSM87vlQi+4BHJtoCWPgHXVMEDLI1nPZF0NN0eFyHMMH7zxw
Ne5ZjYWGyB9C650Cpk0pjbfZGrNl9KvrRbdNM1ApNI817fsDL368F13I6+vyxX1m
gXGiW7abRrgZVCUVGybcKMYYcwshCa8DJbla8msuVWNlul8OtK3cvqg2TNUB3VOz
Wg6u5j033umPjEfFF1plTvLX9Y+FbCRE9hTMyqAik8Pa
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:13:21 2026 by rpki-client