Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/70bc7703-020e-4153-b340-cced3a436951.roa
File: 70bc7703-020e-4153-b340-cced3a436951.roa (raw, json)
Hash identifier: de3Vx4/8VAgRr3Pl00DYSZ0tzjsglP0xLTvds0YLfG8=
Subject key identifier: 5C:69:D7:92:E2:BE:46:62:2E:84:AE:F0:5F:2A:50:17:C3:31:B1:3F
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 30CF63612A8A84119328EC33C0BDCCB05407A2A9
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/70bc7703-020e-4153-b340-cced3a436951.roa
Signing time: Mon 27 Apr 2026 00:40:08 +0000
ROA not before: Mon 27 Apr 2026 00:40:08 +0000
ROA not after: Sun 26 Jul 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.96.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:cf:63:61:2a:8a:84:11:93:28:ec:33:c0:bd:cc:b0:54:07:a2:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 27 00:40:08 2026 GMT
Not After : Jul 26 23:59:59 2026 GMT
Subject: serialNumber=84e3d3f2463d2b501159c0876808c649b4571631bc5587957dc68ff9177290b3, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:be:1f:05:3d:69:33:3c:69:44:b1:28:da:a2:
0e:eb:b0:cb:27:1b:f8:c7:30:ba:78:2a:a5:87:b0:
eb:63:b7:10:9d:05:50:b3:5e:0b:3f:09:12:e6:3a:
81:8c:dc:4d:03:f9:05:c2:96:01:d3:5e:2e:1d:e9:
64:64:e2:da:68:e3:88:87:7c:a1:ce:f6:51:96:bf:
26:ec:69:24:b6:67:76:f9:31:fa:ec:b2:4b:3d:36:
dd:48:24:44:c2:a3:f5:47:dc:d4:e0:89:26:b5:a9:
a6:ec:7a:4d:96:04:0d:89:ba:80:6b:dc:1d:e1:f3:
85:8b:42:44:15:81:6b:a5:44:59:02:87:8d:45:64:
ff:f2:7a:4b:9d:77:a8:9b:a7:dc:f6:79:0e:8b:ff:
e4:81:aa:2b:cd:31:6c:72:fe:a9:8b:8f:e6:05:e1:
6f:75:98:39:3a:89:1b:33:62:df:b3:4f:02:c8:8c:
0a:a1:2d:15:66:a0:57:a4:fa:9e:72:a0:c4:55:04:
4a:81:52:7d:3a:0b:6a:19:95:0a:14:42:7e:ae:e1:
29:7b:bb:d8:99:4c:af:6d:7a:42:be:20:80:47:46:
01:03:96:d3:a9:28:30:6f:c7:ef:c3:0d:5b:06:a9:
7a:71:20:2e:12:02:2c:aa:f0:6c:2d:f3:70:78:f6:
c2:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:69:D7:92:E2:BE:46:62:2E:84:AE:F0:5F:2A:50:17:C3:31:B1:3F
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/70bc7703-020e-4153-b340-cced3a436951.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.96.0.0/16
Signature Algorithm: sha256WithRSAEncryption
89:45:04:67:e9:ab:2c:95:de:61:0d:22:a9:8d:f7:a8:3c:0f:
c4:43:ec:93:e3:bd:ca:99:e1:d7:12:86:22:2f:09:7b:82:5b:
f6:3a:13:59:d6:05:63:0a:6d:5f:14:76:80:15:ec:53:5f:c4:
75:88:92:ee:89:07:a9:54:29:f8:39:42:37:24:52:7a:33:5c:
73:78:21:3a:16:d6:15:e4:26:b6:9f:9f:d5:ab:71:ed:77:64:
7f:12:cd:40:fd:4c:f3:ac:72:47:60:68:de:38:91:81:cc:38:
51:1f:df:66:ab:39:0c:b4:97:ec:6d:b7:ee:e7:cf:98:c2:90:
18:2f:dc:72:8f:d9:09:6f:9f:69:40:60:2f:b6:b7:ca:7d:3e:
77:b4:88:b9:d0:73:e3:d4:f0:a9:cf:89:a7:15:88:ce:88:f9:
dd:78:b8:87:40:9a:88:4f:3a:23:f0:b3:db:02:20:6a:3f:a9:
54:74:9b:45:17:7f:38:8b:dc:99:bf:4c:74:41:de:8d:3c:18:
7e:a2:f6:43:bb:72:b7:9d:8c:95:e0:20:e4:af:ef:0b:a7:cd:
e1:8c:41:54:12:6a:64:aa:d5:e0:0f:26:0a:09:6a:fd:6f:be:
10:4c:34:56:5f:7a:56:1b:33:b8:a8:10:e8:69:3b:03:25:71:
c9:cc:03:da
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUMM9jYSqKhBGTKOwzwL3MsFQHoqkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA0MjcwMDQwMDhaFw0yNjA3MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQDg0ZTNkM2YyNDYzZDJiNTAxMTU5YzA4NzY4MDhjNjQ5YjQ1NzE2MzFiYzU1
ODc5NTdkYzY4ZmY5MTc3MjkwYjMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALe+HwU9aTM8aUSxKNqiDuuwyycb+McwungqpYew62O3EJ0FULNeCz8JEuY6
gYzcTQP5BcKWAdNeLh3pZGTi2mjjiId8oc72UZa/JuxpJLZndvkx+uyySz023Ugk
RMKj9Ufc1OCJJrWppux6TZYEDYm6gGvcHeHzhYtCRBWBa6VEWQKHjUVk//J6S513
qJun3PZ5Dov/5IGqK80xbHL+qYuP5gXhb3WYOTqJGzNi37NPAsiMCqEtFWagV6T6
nnKgxFUESoFSfToLahmVChRCfq7hKXu72JlMr216Qr4ggEdGAQOW06koMG/H78MN
WwapenEgLhICLKrwbC3zcHj2wqsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRcadeS
4r5GYi6ErvBfKlAXwzGxPzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NzBiYzc3MDMtMDIwZS00MTUzLWIzNDAtY2NlZDNhNDM2OTUxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNgMA0G
CSqGSIb3DQEBCwUAA4IBAQCJRQRn6assld5hDSKpjfeoPA/EQ+yT473KmeHXEoYi
Lwl7glv2OhNZ1gVjCm1fFHaAFexTX8R1iJLuiQepVCn4OUI3JFJ6M1xzeCE6FtYV
5Ca2n5/Vq3Htd2R/Es1A/UzzrHJHYGjeOJGBzDhRH99mqzkMtJfsbbfu58+YwpAY
L9xyj9kJb59pQGAvtrfKfT53tIi50HPj1PCpz4mnFYjOiPndeLiHQJqITzoj8LPb
AiBqP6lUdJtFF384i9yZv0x0Qd6NPBh+ovZDu3K3nYyV4CDkr+8Lp83hjEFUEmpk
qtXgDyYKCWr9b74QTDRWX3pWGzO4qBDoaTsDJXHJzAPa
-----END CERTIFICATE-----
Generated at Tue May 12 23:53:02 2026 by rpki-client