Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c8fd8c44-7514-40e6-9198-e0b6e37b4c69.roa
File: c8fd8c44-7514-40e6-9198-e0b6e37b4c69.roa (raw, json)
Hash identifier: iEzQEdK6ay58nGxWeJmPIcJ7bdzr7yoZd+Fn1wFi8pg=
Subject key identifier: 3F:4A:F0:A5:FD:44:CD:3B:7A:5A:01:C6:0E:F1:96:0F:86:6D:BA:63
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7C43C58F88B39C71E46AC192EE3D180D03C1C498
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c8fd8c44-7514-40e6-9198-e0b6e37b4c69.roa
Signing time: Mon 27 Apr 2026 00:40:02 +0000
ROA not before: Mon 27 Apr 2026 00:40:02 +0000
ROA not after: Sun 26 Jul 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.16.238.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:43:c5:8f:88:b3:9c:71:e4:6a:c1:92:ee:3d:18:0d:03:c1:c4:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 27 00:40:02 2026 GMT
Not After : Jul 26 23:59:59 2026 GMT
Subject: serialNumber=7eee11135efd15e71cd918d57a06770d7e58d294c735f3c84615409b17aef631, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:31:6d:94:2c:62:b4:8e:d4:aa:26:b0:8c:63:
a9:22:d9:d7:b3:fa:4a:ef:7f:12:48:53:c3:d8:eb:
c5:01:8d:23:db:21:37:9a:83:f5:f4:3e:1a:7d:b3:
46:0e:46:da:13:6c:e2:41:47:d0:72:a3:e5:cf:70:
c7:69:d5:3c:66:cb:17:51:3f:fb:c7:e8:c5:d8:2e:
fa:c9:d6:ef:8b:2e:4c:22:7c:4e:c1:be:d1:1a:51:
1d:64:05:78:5f:ae:8e:82:03:7c:a2:c9:5b:9a:e1:
28:96:a5:9a:b4:b9:2d:95:a6:91:8f:74:cc:64:1f:
ec:b7:1d:1c:91:dc:ca:64:52:b4:e0:b2:3f:bb:84:
1a:61:b9:8c:93:88:2e:06:9f:ac:f1:16:8c:91:4a:
a3:64:14:89:38:72:3a:22:55:10:91:43:b5:ed:c8:
d0:bd:77:44:d1:e8:fc:29:36:99:76:a8:0b:60:fa:
57:2c:0a:07:f6:99:6a:ab:5e:86:69:0a:a1:ef:a2:
54:0d:48:d1:df:a9:b2:2d:af:e0:af:f7:95:32:6d:
7e:b2:93:79:bf:11:26:73:4c:bf:6e:15:e4:2a:40:
10:10:44:3c:5e:2a:00:c2:55:c8:ec:06:a7:65:1c:
01:65:17:0c:f6:89:82:6a:0e:e4:e3:c7:59:ad:3f:
2d:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:4A:F0:A5:FD:44:CD:3B:7A:5A:01:C6:0E:F1:96:0F:86:6D:BA:63
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c8fd8c44-7514-40e6-9198-e0b6e37b4c69.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.16.238.0/23
Signature Algorithm: sha256WithRSAEncryption
07:54:ac:3c:21:b7:d3:db:50:bb:53:7d:46:80:c5:53:34:4e:
c2:ae:97:2c:80:0c:d9:41:74:25:4b:eb:e8:0f:78:78:6e:03:
98:46:8e:02:d1:e2:84:12:6c:aa:68:6d:4e:1c:ab:2f:b0:0f:
b5:ca:e6:17:bb:63:90:94:3f:71:ef:7f:de:c0:5e:02:0f:15:
f6:72:fa:27:e3:04:d1:68:6c:f1:45:c6:85:49:c5:00:7c:1e:
88:58:e9:a6:22:67:d5:fb:5b:62:03:7c:56:0d:13:de:8e:68:
b8:9a:ea:ed:eb:41:02:69:4b:86:fc:96:7c:5f:3c:ab:b4:62:
6a:46:4f:3e:f6:3c:2c:b1:73:1c:4e:c7:04:c7:c7:42:d4:f8:
c6:ba:62:29:f6:ab:1b:b5:0e:21:bc:66:0b:db:67:6a:5d:a9:
b6:e7:97:53:74:79:8e:47:44:09:22:f0:59:df:52:01:c7:87:
a7:04:79:72:c2:6f:19:d0:b9:1b:cb:bc:0a:fd:a4:13:54:28:
8f:c1:7d:c2:92:b8:13:d9:e0:c5:a5:b8:a5:76:26:ca:e9:31:
fb:07:75:2b:a6:35:0b:62:51:0e:ad:f3:68:d2:8c:53:a0:f3:
50:a6:ad:ae:f5:df:46:f5:07:7d:53:a2:2c:00:45:12:72:93:
ee:e1:78:24
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUfEPFj4iznHHkasGS7j0YDQPBxJgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA0MjcwMDQwMDJaFw0yNjA3MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQDdlZWUxMTEzNWVmZDE1ZTcxY2Q5MThkNTdhMDY3NzBkN2U1OGQyOTRjNzM1
ZjNjODQ2MTU0MDliMTdhZWY2MzExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKYxbZQsYrSO1KomsIxjqSLZ17P6Su9/EkhTw9jrxQGNI9shN5qD9fQ+Gn2z
Rg5G2hNs4kFH0HKj5c9wx2nVPGbLF1E/+8foxdgu+snW74suTCJ8TsG+0RpRHWQF
eF+ujoIDfKLJW5rhKJalmrS5LZWmkY90zGQf7LcdHJHcymRStOCyP7uEGmG5jJOI
LgafrPEWjJFKo2QUiThyOiJVEJFDte3I0L13RNHo/Ck2mXaoC2D6VywKB/aZaqte
hmkKoe+iVA1I0d+psi2v4K/3lTJtfrKTeb8RJnNMv24V5CpAEBBEPF4qAMJVyOwG
p2UcAWUXDPaJgmoO5OPHWa0/LW8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQ/SvCl
/UTNO3paAcYO8ZYPhm26YzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YzhmZDhjNDQtNzUxNC00MGU2LTkxOTgtZTBiNmUzN2I0YzY5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEATMQ7jAN
BgkqhkiG9w0BAQsFAAOCAQEAB1SsPCG309tQu1N9RoDFUzROwq6XLIAM2UF0JUvr
6A94eG4DmEaOAtHihBJsqmhtThyrL7APtcrmF7tjkJQ/ce9/3sBeAg8V9nL6J+ME
0Whs8UXGhUnFAHweiFjppiJn1ftbYgN8Vg0T3o5ouJrq7etBAmlLhvyWfF88q7Ri
akZPPvY8LLFzHE7HBMfHQtT4xrpiKfarG7UOIbxmC9tnal2ptueXU3R5jkdECSLw
Wd9SAceHpwR5csJvGdC5G8u8Cv2kE1Qoj8F9wpK4E9ngxaW4pXYmyukx+wd1K6Y1
C2JRDq3zaNKMU6DzUKatrvXfRvUHfVOiLABFEnKT7uF4JA==
-----END CERTIFICATE-----
Generated at Tue May 12 23:14:48 2026 by rpki-client