Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fe4a1cdc-1f22-4e81-a455-f69665f973f0.roa
File: fe4a1cdc-1f22-4e81-a455-f69665f973f0.roa (raw, json)
Hash identifier: u5YFWpqj0/8oBRBh7gpkC5NXsEngKly6Dr7VxiZAEWE=
Subject key identifier: EE:C1:54:58:CB:AD:DD:4A:DB:D1:C2:FD:B3:CF:81:20:EE:CB:76:D9
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 729ED72F61392CCB10A3C008C5E913ADC3342AE6
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fe4a1cdc-1f22-4e81-a455-f69665f973f0.roa
Signing time: Sat 28 Feb 2026 06:40:43 +0000
ROA not before: Sat 28 Feb 2026 06:40:43 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.184.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:9e:d7:2f:61:39:2c:cb:10:a3:c0:08:c5:e9:13:ad:c3:34:2a:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Feb 28 06:40:43 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=faf05e9122c8f2c1a657308986e2d730507382930eb0095b8be4efbeb3e4e025, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:b1:8d:d1:7b:1f:9b:52:ad:97:91:44:fb:72:
06:15:b7:88:9f:31:63:88:0e:21:01:f6:22:ee:8c:
2c:7f:a3:7b:29:40:02:6d:df:6a:e8:c6:5f:a8:5b:
ea:62:2e:15:53:cf:2d:fa:73:64:81:67:8b:9e:9b:
a0:f5:97:27:e5:32:f1:87:40:74:13:93:96:59:e7:
1e:c8:6d:35:cd:e4:63:f8:f1:b9:7a:42:9e:7e:f1:
28:78:35:3d:9a:12:6b:2c:b7:08:04:19:1b:48:44:
28:d7:fa:33:b8:02:f0:e5:17:36:34:65:2d:13:96:
2a:78:ae:48:91:12:55:d4:bb:6d:83:cb:14:d5:c9:
d9:21:d2:32:1a:3b:a0:27:a8:0f:be:98:f4:9d:82:
23:4a:76:f3:63:52:88:e5:b8:ba:b9:97:69:a6:e8:
6e:a7:b6:b3:97:cd:90:e2:ab:2c:f4:27:6d:e1:a4:
98:51:e2:c7:e2:9a:6c:6a:16:d6:c9:38:62:ce:8c:
d0:6f:d4:4f:c3:7e:65:4c:e1:8d:4b:55:1c:b0:f6:
e7:92:22:71:17:03:98:82:8c:45:dd:0d:5a:0d:ee:
4e:57:a5:a0:36:28:a5:dc:41:67:f3:9b:60:18:9a:
2e:2d:17:dc:cb:6a:48:16:11:d1:e1:0d:4f:83:a0:
c7:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:C1:54:58:CB:AD:DD:4A:DB:D1:C2:FD:B3:CF:81:20:EE:CB:76:D9
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fe4a1cdc-1f22-4e81-a455-f69665f973f0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.184.0.0/15
Signature Algorithm: sha256WithRSAEncryption
29:3d:d5:9a:14:4b:a8:71:05:f6:44:a5:6f:94:a5:47:35:f5:
c8:24:fb:64:4c:a9:79:7c:13:b7:02:fe:59:a6:68:40:0b:36:
71:be:d7:0c:15:5c:0a:60:a8:a8:a4:3a:12:72:f6:96:a2:ea:
a6:f4:4e:dd:46:1a:d2:b3:e8:c7:94:2f:9a:b5:58:68:da:38:
29:21:b8:51:c6:3e:9a:be:39:b6:37:d1:e1:c3:fd:d1:fc:e0:
46:ff:46:84:ca:c5:78:f0:51:91:76:e6:54:32:57:cc:75:d8:
ee:dd:76:b8:2c:d6:ea:f7:e4:f5:0f:fa:e5:56:af:46:26:51:
ad:c3:c1:58:d1:9a:08:ec:41:ba:93:b3:41:f9:10:43:11:09:
aa:1f:2e:51:49:02:5b:3e:08:12:e6:98:1a:8f:39:7a:86:f8:
b4:04:03:2f:29:b3:68:6c:f4:25:be:c8:35:71:2b:1f:27:a3:
db:4b:d9:1b:5b:be:b9:dd:1c:fb:ec:47:9e:a2:a6:44:6f:ec:
d9:a9:e0:27:6f:d5:f7:20:44:7a:2e:83:07:67:5c:bc:3b:24:
b8:c3:38:6c:6d:9b:88:22:22:c4:93:87:96:7e:af:8d:87:60:
24:8e:84:fa:32:c3:58:f6:c6:11:29:8e:49:b9:9f:34:ef:2a:
89:9e:30:7d
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUcp7XL2E5LMsQo8AIxekTrcM0KuYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjAyMjgwNjQwNDNaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGZhZjA1ZTkxMjJjOGYyYzFhNjU3MzA4OTg2ZTJkNzMwNTA3MzgyOTMwZWIw
MDk1YjhiZTRlZmJlYjNlNGUwMjUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJWxjdF7H5tSrZeRRPtyBhW3iJ8xY4gOIQH2Iu6MLH+jeylAAm3faujGX6hb
6mIuFVPPLfpzZIFni56boPWXJ+Uy8YdAdBOTllnnHshtNc3kY/jxuXpCnn7xKHg1
PZoSayy3CAQZG0hEKNf6M7gC8OUXNjRlLROWKniuSJESVdS7bYPLFNXJ2SHSMho7
oCeoD76Y9J2CI0p282NSiOW4urmXaabobqe2s5fNkOKrLPQnbeGkmFHix+KabGoW
1sk4Ys6M0G/UT8N+ZUzhjUtVHLD255IicRcDmIKMRd0NWg3uTleloDYopdxBZ/Ob
YBiaLi0X3MtqSBYR0eENT4Ogx0UCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTuwVRY
y63dStvRwv2zz4Eg7st22TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZmU0YTFjZGMtMWYyMi00ZTgxLWE0NTUtZjY5NjY1Zjk3M2YwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATO4MA0G
CSqGSIb3DQEBCwUAA4IBAQApPdWaFEuocQX2RKVvlKVHNfXIJPtkTKl5fBO3Av5Z
pmhACzZxvtcMFVwKYKiopDoScvaWouqm9E7dRhrSs+jHlC+atVho2jgpIbhRxj6a
vjm2N9Hhw/3R/OBG/0aEysV48FGRduZUMlfMddju3Xa4LNbq9+T1D/rlVq9GJlGt
w8FY0ZoI7EG6k7NB+RBDEQmqHy5RSQJbPggS5pgajzl6hvi0BAMvKbNobPQlvsg1
cSsfJ6PbS9kbW7653Rz77EeeoqZEb+zZqeAnb9X3IER6LoMHZ1y8OyS4wzhsbZuI
IiLEk4eWfq+Nh2AkjoT6MsNY9sYRKY5JuZ807yqJnjB9
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:54:17 2026 by rpki-client