Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a2d10e7d-a784-476d-9df5-f7efeb55cf39.roa
File: a2d10e7d-a784-476d-9df5-f7efeb55cf39.roa (raw, json)
Hash identifier: qXys/UafiYih0XDa6YApayhWvy524xDV9uxjkZO+JlQ=
Subject key identifier: A0:5E:CC:FD:EB:70:D0:4F:FC:1D:F3:B6:D8:A5:1B:30:64:30:6C:24
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2EF6CBF7A02DF1F952A4FEACC709361EC32EC509
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a2d10e7d-a784-476d-9df5-f7efeb55cf39.roa
Signing time: Mon 04 May 2026 15:30:19 +0000
ROA not before: Mon 04 May 2026 15:30:19 +0000
ROA not after: Sun 02 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.206.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2e:f6:cb:f7:a0:2d:f1:f9:52:a4:fe:ac:c7:09:36:1e:c3:2e:c5:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 4 15:30:19 2026 GMT
Not After : Aug 2 23:59:59 2026 GMT
Subject: serialNumber=06f0ce2039ec78e14e7c5f7e37819289f19c204a401b1ac759943c6f3af92135, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:66:f3:52:5b:a5:72:51:3a:aa:7e:6e:37:cc:
a6:e3:3b:35:b6:32:00:9e:6c:de:b0:2f:66:3e:5b:
bb:70:0c:88:2a:87:6d:bd:c3:bd:be:60:62:b6:53:
db:7a:ca:2c:d4:73:91:14:18:0c:de:2e:14:24:ba:
9b:8e:78:4e:6c:fa:fe:04:01:f8:b1:0b:69:10:d4:
42:00:0d:d1:4c:00:37:a1:c3:5e:3b:8c:3a:05:17:
04:a7:9e:c7:bd:28:4f:a1:6b:5a:a2:8e:1a:c2:03:
05:65:61:14:ea:75:6f:c8:d6:94:c4:c2:4e:72:69:
91:74:a9:1a:a9:4f:b5:f2:fd:2d:9c:2b:0e:7d:8c:
d7:fc:f5:f2:27:19:35:f0:aa:52:cc:e5:9e:cb:7f:
a9:40:0e:08:94:8b:6f:a7:b9:72:68:38:64:90:ae:
d1:99:48:bc:52:e9:b4:42:4a:d1:74:99:29:e3:16:
bd:53:14:8a:cc:fa:65:55:9d:22:09:e7:90:39:3b:
9a:fb:a0:8f:78:4e:9c:92:a4:e9:a6:2a:14:16:47:
b5:8f:ee:b7:f5:62:1f:23:38:b2:8e:90:d4:e1:ca:
34:07:70:58:4b:ae:ac:b5:4d:3f:f1:8d:ba:bd:c4:
e7:80:29:26:5b:17:69:b2:52:c0:2f:eb:d1:de:ff:
32:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:5E:CC:FD:EB:70:D0:4F:FC:1D:F3:B6:D8:A5:1B:30:64:30:6C:24
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a2d10e7d-a784-476d-9df5-f7efeb55cf39.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.206.0.0/15
Signature Algorithm: sha256WithRSAEncryption
bf:73:0e:f8:07:c6:bd:02:81:f4:32:e7:9e:bd:63:7c:25:31:
f6:7a:54:5b:1d:f5:0a:d2:39:80:09:69:1d:94:06:59:9e:33:
b8:68:86:29:26:01:0c:34:1b:2c:11:64:74:1d:56:0e:27:ec:
4c:50:f1:3b:d6:83:14:e2:dc:2b:7c:06:6b:6e:88:f3:5e:c2:
3b:f1:bd:f9:d1:30:07:e6:da:e2:f0:a1:a7:d4:22:32:70:74:
28:7b:67:e2:ef:e2:7c:04:6b:2e:76:87:7a:73:39:a7:07:ef:
52:08:57:2c:7a:02:88:99:a7:9e:2b:41:70:25:39:66:1f:4d:
ab:8d:d8:74:7d:24:ff:bf:7c:01:52:d0:1b:2f:f5:cf:ff:8d:
36:c6:fa:f1:de:3e:2f:2e:40:2a:e1:1b:e1:21:43:fe:b6:59:
51:f2:88:33:b2:2e:78:e4:f3:0e:f2:89:bd:98:95:21:39:2d:
c5:c7:a4:23:c3:0b:32:19:e7:f7:ca:93:73:f0:27:c8:a1:cd:
9f:30:e1:4b:28:7a:bd:66:14:52:36:82:39:31:4c:b0:c6:60:
11:6d:69:5a:e8:a4:f3:e3:22:9e:fb:27:4f:86:5a:dd:86:72:
2b:13:29:22:f6:ab:24:30:b3:ff:23:32:70:52:f2:06:77:3e:
0e:b3:cd:28
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIULvbL96At8flSpP6sxwk2HsMuxQkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MDQxNTMwMTlaFw0yNjA4MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQDA2ZjBjZTIwMzllYzc4ZTE0ZTdjNWY3ZTM3ODE5Mjg5ZjE5YzIwNGE0MDFi
MWFjNzU5OTQzYzZmM2FmOTIxMzUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKlm81JbpXJROqp+bjfMpuM7NbYyAJ5s3rAvZj5bu3AMiCqHbb3Dvb5gYrZT
23rKLNRzkRQYDN4uFCS6m454Tmz6/gQB+LELaRDUQgAN0UwAN6HDXjuMOgUXBKee
x70oT6FrWqKOGsIDBWVhFOp1b8jWlMTCTnJpkXSpGqlPtfL9LZwrDn2M1/z18icZ
NfCqUszlnst/qUAOCJSLb6e5cmg4ZJCu0ZlIvFLptEJK0XSZKeMWvVMUisz6ZVWd
IgnnkDk7mvugj3hOnJKk6aYqFBZHtY/ut/ViHyM4so6Q1OHKNAdwWEuurLVNP/GN
ur3E54ApJlsXabJSwC/r0d7/MskCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSgXsz9
63DQT/wd87bYpRswZDBsJDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YTJkMTBlN2QtYTc4NC00NzZkLTlkZjUtZjdlZmViNTVjZjM5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPOMA0G
CSqGSIb3DQEBCwUAA4IBAQC/cw74B8a9AoH0MueevWN8JTH2elRbHfUK0jmACWkd
lAZZnjO4aIYpJgEMNBssEWR0HVYOJ+xMUPE71oMU4twrfAZrbojzXsI78b350TAH
5tri8KGn1CIycHQoe2fi7+J8BGsudod6czmnB+9SCFcsegKImaeeK0FwJTlmH02r
jdh0fST/v3wBUtAbL/XP/402xvrx3j4vLkAq4RvhIUP+tllR8ogzsi545PMO8om9
mJUhOS3Fx6QjwwsyGef3ypNz8CfIoc2fMOFLKHq9ZhRSNoI5MUywxmARbWla6KTz
4yKe+ydPhlrdhnIrEyki9qskMLP/IzJwUvIGdz4Os80o
-----END CERTIFICATE-----
Generated at Wed May 13 00:24:26 2026 by rpki-client