Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b1f2e92a-59bb-45af-9b7f-630a07248560.roa
File: b1f2e92a-59bb-45af-9b7f-630a07248560.roa (raw, json)
Hash identifier: YSAAWP6dlsl9ZqHp9xmi20WijmOjmPjCC4rUKAHtHas=
Subject key identifier: 3D:D7:F0:58:0D:46:30:E7:02:7C:A0:8C:41:0E:D2:26:0B:05:07:7E
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4637E9D00F02C38D1465999485826711B70C9DFB
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b1f2e92a-59bb-45af-9b7f-630a07248560.roa
Signing time: Mon 04 May 2026 15:30:24 +0000
ROA not before: Mon 04 May 2026 15:30:24 +0000
ROA not after: Sun 02 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.240.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:37:e9:d0:0f:02:c3:8d:14:65:99:94:85:82:67:11:b7:0c:9d:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 4 15:30:24 2026 GMT
Not After : Aug 2 23:59:59 2026 GMT
Subject: serialNumber=f8d514188331072d79b480746a1a2970cdc2d8a97af314757125a605f7949259, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:be:30:85:0e:f1:5d:80:eb:bb:e6:20:be:c6:
5e:3c:d4:9e:82:ba:e5:87:bf:ac:73:ef:38:97:84:
fc:a8:48:ad:ef:38:a8:ee:b4:75:19:67:30:ba:05:
13:91:2c:c4:c2:61:d6:7f:75:f2:b1:91:96:63:da:
90:36:79:de:d4:41:bf:9a:dc:f2:13:c6:c0:f8:a6:
2e:3b:61:79:de:41:87:08:12:c4:43:23:35:3a:fc:
08:81:f2:ce:dc:82:78:49:6d:49:43:9e:86:6b:d9:
ee:49:55:bd:49:d8:db:50:98:89:4b:56:a8:aa:df:
5e:d6:42:78:67:cf:02:07:88:70:fa:01:a6:61:2e:
63:b1:33:ae:d8:da:b9:90:25:57:fa:b2:82:e8:93:
73:7c:e8:c6:7e:1c:87:1b:2e:e9:ad:72:bc:b9:f8:
84:c4:22:48:7b:77:6b:11:5b:82:4e:0e:61:95:5e:
03:f8:c8:f7:86:02:2d:53:a5:dd:0f:a3:3d:60:36:
df:b3:1b:07:5b:78:f2:76:96:c2:c7:ef:d2:6b:8c:
b3:e9:df:85:24:2c:c8:ce:ae:bc:c3:7f:2c:2c:38:
b3:1e:17:7d:c9:3d:55:cb:35:2e:8f:47:62:42:5d:
38:70:6a:b4:b6:22:70:96:b9:19:35:ef:9e:1b:f7:
63:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:D7:F0:58:0D:46:30:E7:02:7C:A0:8C:41:0E:D2:26:0B:05:07:7E
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b1f2e92a-59bb-45af-9b7f-630a07248560.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.240.0.0/16
Signature Algorithm: sha256WithRSAEncryption
49:c1:6b:d6:6e:33:e4:b6:03:dc:85:25:73:4c:48:ea:50:17:
29:10:07:59:28:6a:69:72:84:88:f3:8c:0e:97:18:a5:84:0e:
92:b7:70:f3:4c:5b:5a:25:50:39:10:ed:d5:72:c6:3d:5d:9f:
64:77:05:9d:42:fc:1e:e2:63:e8:39:32:6b:a0:29:94:e3:67:
5f:d9:cd:35:5f:11:81:e0:2a:0d:64:7c:1f:bb:79:77:f4:c6:
03:bb:2c:b6:9e:92:9a:01:64:cb:7e:8e:9b:39:a7:dc:4b:2d:
1b:c4:0c:6f:97:60:87:7b:13:eb:e9:2c:89:98:2b:e2:f4:15:
2e:22:94:19:17:cf:b7:5b:1a:66:96:a2:fb:f3:32:a0:ac:9b:
1f:c2:20:08:39:1a:d0:5b:be:d3:1e:58:f7:9c:5d:07:15:dd:
87:c3:56:89:7d:c1:a7:a0:b3:2d:d4:ce:24:05:cd:25:86:06:
84:28:9e:b9:14:a2:e5:76:e9:1b:d2:7c:87:f1:7d:2d:34:a5:
1c:74:f7:cb:6f:8c:8b:72:e0:cf:12:56:c7:95:1f:eb:fe:f9:
29:ad:fd:f2:47:a9:bb:be:39:36:8b:1d:57:c9:da:d6:4d:a9:
cf:55:22:9c:c3:63:41:ef:0e:78:5b:97:95:97:b1:9c:61:7e:
92:b9:d0:af
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIURjfp0A8Cw40UZZmUhYJnEbcMnfswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MDQxNTMwMjRaFw0yNjA4MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQGY4ZDUxNDE4ODMzMTA3MmQ3OWI0ODA3NDZhMWEyOTcwY2RjMmQ4YTk3YWYz
MTQ3NTcxMjVhNjA1Zjc5NDkyNTkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPG+MIUO8V2A67vmIL7GXjzUnoK65Ye/rHPvOJeE/KhIre84qO60dRlnMLoF
E5EsxMJh1n918rGRlmPakDZ53tRBv5rc8hPGwPimLjthed5BhwgSxEMjNTr8CIHy
ztyCeEltSUOehmvZ7klVvUnY21CYiUtWqKrfXtZCeGfPAgeIcPoBpmEuY7Ezrtja
uZAlV/qyguiTc3zoxn4chxsu6a1yvLn4hMQiSHt3axFbgk4OYZVeA/jI94YCLVOl
3Q+jPWA237MbB1t48naWwsfv0muMs+nfhSQsyM6uvMN/LCw4sx4Xfck9Vcs1Lo9H
YkJdOHBqtLYicJa5GTXvnhv3Y5ECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQ91/BY
DUYw5wJ8oIxBDtImCwUHfjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YjFmMmU5MmEtNTliYi00NWFmLTliN2YtNjMwYTA3MjQ4NTYwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADPwMA0G
CSqGSIb3DQEBCwUAA4IBAQBJwWvWbjPktgPchSVzTEjqUBcpEAdZKGppcoSI84wO
lxilhA6St3DzTFtaJVA5EO3VcsY9XZ9kdwWdQvwe4mPoOTJroCmU42df2c01XxGB
4CoNZHwfu3l39MYDuyy2npKaAWTLfo6bOafcSy0bxAxvl2CHexPr6SyJmCvi9BUu
IpQZF8+3WxpmlqL78zKgrJsfwiAIORrQW77THlj3nF0HFd2Hw1aJfcGnoLMt1M4k
Bc0lhgaEKJ65FKLldukb0nyH8X0tNKUcdPfLb4yLcuDPElbHlR/r/vkprf3yR6m7
vjk2ix1XydrWTanPVSKcw2NB7w54W5eVl7GcYX6SudCv
-----END CERTIFICATE-----
Generated at Tue May 12 23:38:38 2026 by rpki-client