Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b2cac574-b448-47b5-a751-22dfd7293698.roa
File: b2cac574-b448-47b5-a751-22dfd7293698.roa (raw, json)
Hash identifier: Jg5fOvl5C92R39QcUYExi25h/iNGPRKnw/nRAzGKObY=
Subject key identifier: F6:73:62:68:A5:3D:DC:B3:28:2F:D6:64:A4:3A:46:0D:E6:8B:F6:9E
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2E685DA929167A0056D44C0DFB62DD9514B1B683
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b2cac574-b448-47b5-a751-22dfd7293698.roa
Signing time: Sat 09 May 2026 00:40:05 +0000
ROA not before: Sat 09 May 2026 00:40:05 +0000
ROA not after: Fri 07 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.102.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2e:68:5d:a9:29:16:7a:00:56:d4:4c:0d:fb:62:dd:95:14:b1:b6:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 9 00:40:05 2026 GMT
Not After : Aug 7 23:59:59 2026 GMT
Subject: serialNumber=9b17331193e5ad73d2d1395e3cd834fd6356b29c93660d180ee2f0885bd7118d, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:37:81:e9:f7:b1:f2:22:7c:79:d2:8a:72:ac:
5f:c1:f8:02:a2:c2:24:04:be:38:cc:46:ad:d8:41:
04:00:ee:ce:89:35:57:79:ac:db:77:02:a4:f9:f8:
c0:08:c9:1e:15:0c:ef:c4:6d:89:15:30:5a:4b:d3:
0a:fe:f2:28:12:a3:7d:29:4d:71:02:0b:a3:fb:01:
98:6a:2e:a2:5e:20:e5:a7:92:e6:9e:19:b8:b5:6d:
60:7d:a8:dc:c1:80:99:64:83:29:5d:66:5e:dd:25:
b7:f8:e0:80:c3:82:80:f7:89:9b:2b:22:08:93:9f:
fe:2b:5b:e7:90:f2:86:6d:5a:d2:31:fd:25:b0:48:
7e:3e:e7:ed:30:49:6e:55:a7:8f:3c:a1:31:3a:f1:
11:3a:6a:50:e7:43:e9:4c:b6:1e:ba:5d:30:0d:e4:
8c:21:8e:3d:2c:87:1a:2f:21:63:ae:d2:8a:b4:e6:
f5:1d:64:0f:fc:0f:87:ee:0b:3a:de:f9:48:d6:78:
0c:8f:b7:8f:8f:4c:61:8c:dc:91:44:3d:9c:01:bb:
56:a1:5d:49:b1:9f:74:4f:2e:8a:07:bf:7e:84:5f:
bc:e8:ce:eb:f2:a9:db:56:b8:11:a2:4c:f5:36:65:
5b:c1:83:5f:97:a2:34:b2:3b:0b:d6:c2:a4:f5:af:
44:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:73:62:68:A5:3D:DC:B3:28:2F:D6:64:A4:3A:46:0D:E6:8B:F6:9E
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b2cac574-b448-47b5-a751-22dfd7293698.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.102.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a6:9f:3a:fd:78:9d:53:ce:54:b4:61:f8:69:c7:75:eb:23:b2:
f1:20:24:cb:b2:fc:90:a8:21:c5:56:8c:32:c4:2a:3e:18:e4:
27:99:51:30:dc:99:99:b0:6b:af:b1:3e:1b:55:2a:db:8d:83:
97:40:52:e7:04:16:db:5e:56:61:02:8b:28:5d:c8:b3:1f:f9:
7a:c9:f0:c6:88:0a:33:69:08:66:f1:55:2a:ec:41:6c:c0:92:
d5:da:b8:a5:b8:6e:a1:87:fc:d2:f5:e9:d8:5a:a4:da:49:2f:
ed:92:53:2a:57:39:f1:d7:11:31:55:1e:7b:9f:3a:4f:d5:2a:
13:e8:66:18:d9:62:7d:77:9a:f2:b5:8f:b4:39:f5:30:ff:c5:
1a:7f:4e:88:63:16:f5:19:6b:99:4c:b3:8b:ed:c1:05:05:58:
ef:0d:5c:e0:48:28:5e:ea:29:d5:73:20:5e:ab:ec:e4:46:71:
99:7a:e0:01:2f:5a:a8:92:26:85:88:81:d6:b2:6a:df:ef:c8:
7a:13:c0:3d:62:00:78:19:fb:19:8d:2c:cc:62:5f:e7:74:b4:
d6:cc:dd:98:8e:fb:53:2c:51:45:d6:0e:02:a7:77:39:87:00:
d8:2f:e7:23:e7:3f:df:bf:35:33:ef:39:d7:cb:cb:ec:b6:0f:
a2:10:bd:24
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIULmhdqSkWegBW1EwN+2LdlRSxtoMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MDkwMDQwMDVaFw0yNjA4MDcyMzU5NTlaMHoxSTBHBgNV
BAUTQDliMTczMzExOTNlNWFkNzNkMmQxMzk1ZTNjZDgzNGZkNjM1NmIyOWM5MzY2
MGQxODBlZTJmMDg4NWJkNzExOGQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALA3gen3sfIifHnSinKsX8H4AqLCJAS+OMxGrdhBBADuzok1V3ms23cCpPn4
wAjJHhUM78RtiRUwWkvTCv7yKBKjfSlNcQILo/sBmGouol4g5aeS5p4ZuLVtYH2o
3MGAmWSDKV1mXt0lt/jggMOCgPeJmysiCJOf/itb55Dyhm1a0jH9JbBIfj7n7TBJ
blWnjzyhMTrxETpqUOdD6Uy2HrpdMA3kjCGOPSyHGi8hY67SirTm9R1kD/wPh+4L
Ot75SNZ4DI+3j49MYYzckUQ9nAG7VqFdSbGfdE8uige/foRfvOjO6/Kp21a4EaJM
9TZlW8GDX5eiNLI7C9bCpPWvRLMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBT2c2Jo
pT3csygv1mSkOkYN5ov2njAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YjJjYWM1NzQtYjQ0OC00N2I1LWE3NTEtMjJkZmQ3MjkzNjk4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNmMA0G
CSqGSIb3DQEBCwUAA4IBAQCmnzr9eJ1TzlS0Yfhpx3XrI7LxICTLsvyQqCHFVowy
xCo+GOQnmVEw3JmZsGuvsT4bVSrbjYOXQFLnBBbbXlZhAosoXcizH/l6yfDGiAoz
aQhm8VUq7EFswJLV2riluG6hh/zS9enYWqTaSS/tklMqVznx1xExVR57nzpP1SoT
6GYY2WJ9d5rytY+0OfUw/8Uaf06IYxb1GWuZTLOL7cEFBVjvDVzgSChe6inVcyBe
q+zkRnGZeuABL1qokiaFiIHWsmrf78h6E8A9YgB4GfsZjSzMYl/ndLTWzN2YjvtT
LFFF1g4Cp3c5hwDYL+cj5z/fvzUz7znXy8vstg+iEL0k
-----END CERTIFICATE-----
Generated at Tue May 12 22:50:20 2026 by rpki-client