Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/05a39f1a-73ed-434c-b9e0-b1dc5d56a0fd.roa
File: 05a39f1a-73ed-434c-b9e0-b1dc5d56a0fd.roa (raw, json)
Hash identifier: vI6uRl6zQ9Sx/XwtIeXmbFw+8xjKV7RIeu8HmM4gV7Y=
Subject key identifier: 52:93:AA:15:12:9A:CB:AE:AA:A9:F7:BA:74:C8:C0:EF:51:88:DE:2A
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 112F263B422F0E1910112C5E7EC9F7D24706BA31
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/05a39f1a-73ed-434c-b9e0-b1dc5d56a0fd.roa
Signing time: Sat 09 May 2026 00:40:04 +0000
ROA not before: Sat 09 May 2026 00:40:04 +0000
ROA not after: Fri 07 Aug 2026 23:59:59 +0000
asID: 14618
IP address blocks: 51.102.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:2f:26:3b:42:2f:0e:19:10:11:2c:5e:7e:c9:f7:d2:47:06:ba:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 9 00:40:04 2026 GMT
Not After : Aug 7 23:59:59 2026 GMT
Subject: serialNumber=7bdbcf0ae96ec43580009d1601c2ee1454b3115617ffcbc09bb4b566daa60e80, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:73:70:3e:9b:fc:f0:09:74:52:7d:f4:21:16:
f5:d4:a7:ca:ae:cb:d5:4c:40:47:03:c2:d4:d1:05:
8d:fd:d5:c6:48:29:05:c6:3c:e6:19:eb:ea:49:79:
2e:ab:b5:cf:5f:5f:ec:33:a2:18:f7:06:a4:77:98:
1a:b9:40:12:8e:35:d8:39:6f:b4:c4:64:2b:3d:7a:
9b:cd:ff:d5:ec:a2:3f:4d:36:94:75:9f:cd:6c:3d:
2c:5d:cc:6f:8e:14:c6:ca:05:ca:b5:a6:13:29:c3:
61:a2:9c:95:ce:bc:af:c6:d9:7c:ed:6f:4d:b2:3d:
8c:8d:ae:fc:7a:2e:0b:0c:72:42:cf:51:15:84:ae:
76:44:52:48:3d:b2:06:15:fa:23:01:d6:b1:d4:33:
4d:aa:bd:e1:54:67:ac:67:4d:3f:c1:70:26:96:e0:
31:fb:84:5b:d2:fa:20:38:05:2b:ac:2d:35:bb:36:
6e:8c:40:72:b8:50:1d:07:25:66:4f:e1:bc:e5:a6:
92:4e:06:09:3f:9f:f9:fd:2a:5c:6f:23:63:02:af:
6d:7e:b1:89:3b:e5:c8:7a:98:ea:82:24:eb:bf:ec:
56:ba:58:f3:cf:97:2b:45:de:1b:8e:a5:c3:95:c7:
09:8d:81:d4:a6:7a:37:42:41:23:ce:fb:47:ff:45:
82:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:93:AA:15:12:9A:CB:AE:AA:A9:F7:BA:74:C8:C0:EF:51:88:DE:2A
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/05a39f1a-73ed-434c-b9e0-b1dc5d56a0fd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.102.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a5:01:e9:d8:ca:e3:a6:2e:61:25:d2:ac:df:31:d6:ad:b8:f6:
da:67:45:d9:f9:b1:ab:f3:38:b5:9e:20:c3:a2:7b:6c:08:78:
29:37:9f:0f:43:6a:4c:48:3e:f7:13:22:10:4a:b1:5e:6d:5f:
ec:ff:6f:7d:b0:6f:3f:2d:3f:2e:bc:a0:76:6b:34:90:b3:ba:
8f:61:7b:bb:b7:bc:34:24:a4:3d:20:7a:1f:fe:a1:7d:6f:d2:
f1:ae:61:cd:95:bb:da:5e:24:69:35:98:71:e9:f1:f8:56:02:
4e:41:b3:bd:8c:73:aa:6b:0c:d3:2e:15:c2:31:9a:96:e9:ea:
bc:17:83:af:8c:7c:cd:1c:a8:c3:df:9d:bd:3b:80:f6:30:e9:
a9:55:3a:14:f9:b8:5a:b6:20:08:2f:1e:88:65:f0:f0:38:b4:
ac:8e:a6:51:a2:25:e5:12:18:66:a4:52:80:77:e6:08:a0:40:
93:5d:f7:e9:86:97:cd:6c:6f:55:c5:5a:e2:a3:5a:01:41:43:
8d:55:9c:21:19:0c:2e:be:60:23:a1:90:05:5f:5d:f5:87:79:
6d:df:c6:3a:a8:f9:37:4f:3a:60:c1:b3:4b:b3:70:42:dc:a0:
cb:d5:09:ba:3c:b3:c9:4f:64:10:13:91:d1:7f:0a:50:02:79:
08:c2:89:9f
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUES8mO0IvDhkQESxefsn30kcGujEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MDkwMDQwMDRaFw0yNjA4MDcyMzU5NTlaMHoxSTBHBgNV
BAUTQDdiZGJjZjBhZTk2ZWM0MzU4MDAwOWQxNjAxYzJlZTE0NTRiMzExNTYxN2Zm
Y2JjMDliYjRiNTY2ZGFhNjBlODAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN1zcD6b/PAJdFJ99CEW9dSnyq7L1UxARwPC1NEFjf3VxkgpBcY85hnr6kl5
Lqu1z19f7DOiGPcGpHeYGrlAEo412DlvtMRkKz16m83/1eyiP002lHWfzWw9LF3M
b44UxsoFyrWmEynDYaKclc68r8bZfO1vTbI9jI2u/HouCwxyQs9RFYSudkRSSD2y
BhX6IwHWsdQzTaq94VRnrGdNP8FwJpbgMfuEW9L6IDgFK6wtNbs2boxAcrhQHQcl
Zk/hvOWmkk4GCT+f+f0qXG8jYwKvbX6xiTvlyHqY6oIk67/sVrpY88+XK0XeG46l
w5XHCY2B1KZ6N0JBI877R/9FgucCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRSk6oV
EprLrqqp97p0yMDvUYjeKjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MDVhMzlmMWEtNzNlZC00MzRjLWI5ZTAtYjFkYzVkNTZhMGZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNmMA0G
CSqGSIb3DQEBCwUAA4IBAQClAenYyuOmLmEl0qzfMdatuPbaZ0XZ+bGr8zi1niDD
ontsCHgpN58PQ2pMSD73EyIQSrFebV/s/299sG8/LT8uvKB2azSQs7qPYXu7t7w0
JKQ9IHof/qF9b9LxrmHNlbvaXiRpNZhx6fH4VgJOQbO9jHOqawzTLhXCMZqW6eq8
F4OvjHzNHKjD3529O4D2MOmpVToU+bhatiAILx6IZfDwOLSsjqZRoiXlEhhmpFKA
d+YIoECTXffphpfNbG9VxVrio1oBQUONVZwhGQwuvmAjoZAFX131h3lt38Y6qPk3
TzpgwbNLs3BC3KDL1Qm6PLPJT2QQE5HRfwpQAnkIwomf
-----END CERTIFICATE-----
Generated at Tue May 12 22:23:49 2026 by rpki-client