Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/44bb00cc-3dee-4cf6-8de9-2febfa0f0f6d.roa
File: 44bb00cc-3dee-4cf6-8de9-2febfa0f0f6d.roa (raw, json)
Hash identifier: 86d6PcChpByHlFWeUoOyAAgamzkKjvOjJUK9hbQRIeg=
Subject key identifier: 68:AF:6D:7A:09:37:F7:98:23:8E:71:84:9B:7E:69:1B:2D:AE:7C:45
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 65AE4AFDF0C4A2844AC2FE4AA4419011C0766285
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/44bb00cc-3dee-4cf6-8de9-2febfa0f0f6d.roa
Signing time: Mon 04 May 2026 15:30:24 +0000
ROA not before: Mon 04 May 2026 15:30:24 +0000
ROA not after: Sun 02 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.244.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:ae:4a:fd:f0:c4:a2:84:4a:c2:fe:4a:a4:41:90:11:c0:76:62:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 4 15:30:24 2026 GMT
Not After : Aug 2 23:59:59 2026 GMT
Subject: serialNumber=57533b15f17314e216cf376620f7abba36cce25ae639d94be50b12d69447dcf6, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:93:1b:3d:d4:7d:87:78:52:d6:5e:a9:4d:86:
71:00:c9:d5:40:3a:6a:fc:f5:f9:31:9c:4d:66:89:
19:7f:fb:68:12:22:65:12:01:2e:b7:c6:8f:13:fe:
35:e7:be:49:c0:f4:1c:1d:5f:44:82:7f:c8:a5:04:
16:c6:ea:7c:f5:97:47:86:8d:d4:e4:22:28:ee:53:
44:b7:88:6b:4e:8c:b8:87:1f:b5:18:8b:a4:a5:a8:
97:e0:4a:2f:eb:d5:9d:d5:e9:41:58:40:3b:d0:ec:
3b:f9:c6:89:16:f0:44:10:81:dc:e8:04:83:64:bd:
9a:2a:ef:c9:d1:3a:f5:42:fa:38:78:da:bf:f5:4c:
9c:cf:4b:c0:75:ce:16:23:e6:1c:10:b2:b0:69:b9:
51:e6:2e:ea:47:21:fe:f6:c7:c9:e4:68:39:bd:74:
7d:13:78:5c:44:87:3f:69:37:06:32:96:69:e2:d4:
b4:61:1b:20:72:40:63:c1:82:1e:dc:52:16:e7:87:
fa:1a:4b:20:8a:ee:51:cb:aa:6e:85:22:d0:55:11:
31:2e:54:3d:15:a6:50:61:8b:2f:97:2a:b8:97:c5:
cd:af:da:ae:3d:37:2c:78:dc:4d:01:d5:17:06:58:
b5:a9:bb:4c:55:34:77:47:a7:6e:0c:0d:48:f4:1c:
a1:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:AF:6D:7A:09:37:F7:98:23:8E:71:84:9B:7E:69:1B:2D:AE:7C:45
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/44bb00cc-3dee-4cf6-8de9-2febfa0f0f6d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.244.0.0/15
Signature Algorithm: sha256WithRSAEncryption
2d:56:e3:2e:e7:00:2e:3d:e9:c0:80:09:b1:cf:fd:99:2c:9b:
d7:52:35:f2:8d:91:e2:e3:96:a0:87:b7:25:e6:10:57:bb:bb:
8e:46:9e:49:b2:29:d4:9f:1f:78:e8:6b:7e:89:c4:92:e0:60:
91:76:62:70:65:ce:53:d0:23:cf:b5:cb:dc:46:6f:f5:09:95:
5a:37:5a:d7:0e:e3:49:a7:87:27:3b:9a:30:f1:64:6d:f5:d5:
e3:a2:85:0f:f5:4b:c9:58:9f:d6:ca:37:04:9a:ea:01:19:09:
23:ae:48:eb:4a:86:94:ae:34:c4:62:92:3d:71:be:d0:a5:fc:
21:8e:8d:ab:e9:e8:3a:c6:5b:17:64:1a:a0:4e:45:e3:c4:9b:
2e:39:b4:fd:86:23:1b:f0:cf:03:39:af:12:f6:8c:ad:96:23:
f6:90:3b:3e:6a:55:b4:f6:95:58:6c:a0:96:44:0a:30:71:ba:
9c:a6:09:f4:d4:d1:9f:7a:01:37:4b:14:f1:cf:02:3e:2b:60:
cd:3a:5a:92:80:9f:d2:83:dd:32:bc:88:00:c3:05:58:a8:ff:
fc:2a:b2:f8:b3:db:d6:fa:58:fd:a6:79:77:a6:a2:ba:be:f0:
4b:a3:71:4e:30:f7:d9:bb:ba:36:59:13:53:3d:10:df:67:5d:
d2:dd:79:66
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUZa5K/fDEooRKwv5KpEGQEcB2YoUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MDQxNTMwMjRaFw0yNjA4MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQDU3NTMzYjE1ZjE3MzE0ZTIxNmNmMzc2NjIwZjdhYmJhMzZjY2UyNWFlNjM5
ZDk0YmU1MGIxMmQ2OTQ0N2RjZjYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMiTGz3UfYd4UtZeqU2GcQDJ1UA6avz1+TGcTWaJGX/7aBIiZRIBLrfGjxP+
Nee+ScD0HB1fRIJ/yKUEFsbqfPWXR4aN1OQiKO5TRLeIa06MuIcftRiLpKWol+BK
L+vVndXpQVhAO9DsO/nGiRbwRBCB3OgEg2S9mirvydE69UL6OHjav/VMnM9LwHXO
FiPmHBCysGm5UeYu6kch/vbHyeRoOb10fRN4XESHP2k3BjKWaeLUtGEbIHJAY8GC
HtxSFueH+hpLIIruUcuqboUi0FURMS5UPRWmUGGLL5cquJfFza/arj03LHjcTQHV
FwZYtam7TFU0d0enbgwNSPQcoUMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRor216
CTf3mCOOcYSbfmkbLa58RTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDRiYjAwY2MtM2RlZS00Y2Y2LThkZTktMmZlYmZhMGYwZjZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATP0MA0G
CSqGSIb3DQEBCwUAA4IBAQAtVuMu5wAuPenAgAmxz/2ZLJvXUjXyjZHi45agh7cl
5hBXu7uORp5JsinUnx946Gt+icSS4GCRdmJwZc5T0CPPtcvcRm/1CZVaN1rXDuNJ
p4cnO5ow8WRt9dXjooUP9UvJWJ/WyjcEmuoBGQkjrkjrSoaUrjTEYpI9cb7Qpfwh
jo2r6eg6xlsXZBqgTkXjxJsuObT9hiMb8M8DOa8S9oytliP2kDs+alW09pVYbKCW
RAowcbqcpgn01NGfegE3SxTxzwI+K2DNOlqSgJ/Sg90yvIgAwwVYqP/8KrL4s9vW
+lj9pnl3pqK6vvBLo3FOMPfZu7o2WRNTPRDfZ13S3Xlm
-----END CERTIFICATE-----
Generated at Wed May 13 01:28:49 2026 by rpki-client