Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9c5a1a14-73c1-4c49-8b22-7d10c4379e08.roa
File: 9c5a1a14-73c1-4c49-8b22-7d10c4379e08.roa (raw, json)
Hash identifier: gSglQvVtlJTzGFYfSOs7H/QfKKd5MIN5kMkWRWiJy9Q=
Subject key identifier: 34:9F:5C:6A:70:43:35:3C:7C:6E:69:D9:3A:09:65:17:0B:C0:35:83
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 039E0B98D781461099D33EBA958137C20509BB4A
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9c5a1a14-73c1-4c49-8b22-7d10c4379e08.roa
Signing time: Mon 04 May 2026 15:30:09 +0000
ROA not before: Mon 04 May 2026 15:30:09 +0000
ROA not after: Sun 02 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.70.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:9e:0b:98:d7:81:46:10:99:d3:3e:ba:95:81:37:c2:05:09:bb:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 4 15:30:09 2026 GMT
Not After : Aug 2 23:59:59 2026 GMT
Subject: serialNumber=de9a09ebef119ab69290a9cddddf198e7767f095561573d7761f78fc413d1913, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:17:94:cc:fa:70:fb:9a:42:87:36:6e:a9:a0:
21:d8:46:6d:2c:32:a7:69:44:72:dc:95:53:49:cd:
9d:48:e1:58:57:f1:57:2b:62:6c:15:a5:22:01:95:
24:53:49:f6:1a:37:37:52:c0:ea:05:4e:4d:f1:0f:
25:5f:fb:4e:f4:b4:3e:db:2f:ee:fc:3d:05:ca:fc:
de:84:ca:a4:1e:4c:46:fe:61:08:2f:40:5d:50:d8:
cc:66:c9:e9:b3:2c:20:94:83:2e:92:da:24:6e:de:
41:8e:f5:72:45:16:41:2b:7e:37:73:48:db:ff:81:
3a:73:bb:20:00:77:b5:ac:44:66:8d:1e:fe:43:ad:
fa:41:e6:03:72:1b:ec:03:72:38:be:dd:60:b1:86:
7f:b8:31:fb:2a:e1:1e:49:dc:a7:5c:c4:55:3d:99:
b1:d7:97:5c:16:9f:dd:8b:ff:eb:a4:49:ff:65:88:
e1:5c:9c:6c:b9:ac:a1:65:1c:40:8e:ac:e7:38:fb:
eb:6b:b4:0b:4a:fd:bf:01:76:5b:6c:cf:eb:a3:75:
77:34:e2:24:ff:9e:2a:60:78:38:ff:e8:ed:63:dd:
92:20:de:7c:17:40:ce:84:4b:3d:15:f7:df:85:b8:
d3:09:82:9f:b9:ae:12:9e:c5:82:30:96:c7:b5:35:
79:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:9F:5C:6A:70:43:35:3C:7C:6E:69:D9:3A:09:65:17:0B:C0:35:83
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9c5a1a14-73c1-4c49-8b22-7d10c4379e08.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.70.0.0/16
Signature Algorithm: sha256WithRSAEncryption
35:61:36:4c:f9:6d:87:75:9f:88:ec:72:10:96:d0:fe:06:34:
cd:41:48:94:e6:30:bb:35:e4:90:fa:a8:ed:3b:3d:c4:cf:5d:
93:03:ec:fb:a3:36:7e:14:74:59:48:6b:d3:e9:17:37:eb:5c:
57:82:2d:00:c9:3f:9b:d4:3f:76:e5:fe:bb:d3:ff:7c:f2:5d:
ec:c5:a0:37:f3:12:bc:dc:34:31:13:fd:cd:90:91:c7:34:1f:
de:59:9a:1a:92:86:b0:43:84:ab:28:3b:d7:d2:a7:c7:97:84:
14:55:55:c2:21:7b:d4:77:8e:bc:db:8e:ce:bb:19:69:58:2f:
27:9b:1c:43:9c:a1:05:04:8e:96:aa:0d:cd:be:8b:0c:b0:40:
be:9f:43:79:ed:5d:88:25:25:04:83:81:0d:79:a3:12:0b:aa:
45:32:8b:db:ae:27:c2:6e:ba:17:b3:b0:e5:12:67:63:82:01:
c9:59:b5:93:a2:de:db:f3:b7:0f:93:40:9f:79:d1:0d:fb:68:
22:d5:5c:e9:b6:4d:29:b6:a8:5f:ec:b1:02:99:aa:c6:ce:1a:
19:76:f1:28:13:d2:10:64:dc:65:56:54:83:07:c9:60:17:87:
ac:60:92:34:a6:3a:ce:5d:c1:fd:71:68:ef:cb:63:b6:52:b8:
42:53:85:4d
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUA54LmNeBRhCZ0z66lYE3wgUJu0owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MDQxNTMwMDlaFw0yNjA4MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQGRlOWEwOWViZWYxMTlhYjY5MjkwYTljZGRkZGYxOThlNzc2N2YwOTU1NjE1
NzNkNzc2MWY3OGZjNDEzZDE5MTMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ0XlMz6cPuaQoc2bqmgIdhGbSwyp2lEctyVU0nNnUjhWFfxVytibBWlIgGV
JFNJ9ho3N1LA6gVOTfEPJV/7TvS0Ptsv7vw9Bcr83oTKpB5MRv5hCC9AXVDYzGbJ
6bMsIJSDLpLaJG7eQY71ckUWQSt+N3NI2/+BOnO7IAB3taxEZo0e/kOt+kHmA3Ib
7ANyOL7dYLGGf7gx+yrhHkncp1zEVT2ZsdeXXBaf3Yv/66RJ/2WI4VycbLmsoWUc
QI6s5zj762u0C0r9vwF2W2zP66N1dzTiJP+eKmB4OP/o7WPdkiDefBdAzoRLPRX3
34W40wmCn7muEp7FgjCWx7U1eV0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQ0n1xq
cEM1PHxuadk6CWUXC8A1gzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OWM1YTFhMTQtNzNjMS00YzQ5LThiMjItN2QxMGM0Mzc5ZTA4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNGMA0G
CSqGSIb3DQEBCwUAA4IBAQA1YTZM+W2HdZ+I7HIQltD+BjTNQUiU5jC7NeSQ+qjt
Oz3Ez12TA+z7ozZ+FHRZSGvT6Rc361xXgi0AyT+b1D925f670/988l3sxaA38xK8
3DQxE/3NkJHHNB/eWZoakoawQ4SrKDvX0qfHl4QUVVXCIXvUd468247OuxlpWC8n
mxxDnKEFBI6Wqg3NvosMsEC+n0N57V2IJSUEg4ENeaMSC6pFMovbrifCbroXs7Dl
EmdjggHJWbWTot7b87cPk0CfedEN+2gi1Vzptk0ptqhf7LECmarGzhoZdvEoE9IQ
ZNxlVlSDB8lgF4esYJI0pjrOXcH9cWjvy2O2UrhCU4VN
-----END CERTIFICATE-----
Generated at Tue May 12 23:52:16 2026 by rpki-client