Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/01b25f37-a868-47f9-bc61-95397088dcdf.roa
File: 01b25f37-a868-47f9-bc61-95397088dcdf.roa (raw, json)
Hash identifier: ziwEup+geC2+v2jzUJddcaeat9xlKvuETObKxkcUHmk=
Subject key identifier: 71:5E:8E:5C:F1:50:3A:69:72:D6:D7:D5:A5:18:52:75:4B:F1:77:65
Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0
Certificate serial: 7B5C58DA992755EE6290D1B918329437C9BB713B
Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/01b25f37-a868-47f9-bc61-95397088dcdf.roa
Signing time: Thu 13 Nov 2025 16:37:46 +0000
ROA not before: Thu 13 Nov 2025 16:37:46 +0000
ROA not after: Thu 18 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.224.190.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft
rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 18 Nov 2025 23:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:5c:58:da:99:27:55:ee:62:90:d1:b9:18:32:94:37:c9:bb:71:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0
Validity
Not Before: Nov 13 16:37:46 2025 GMT
Not After : Dec 18 23:59:59 2025 GMT
Subject: serialNumber=24fecca5ced9eb9b7bf4f845def0991f1aa03c256651b5c5c81280fab8be626b, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:68:53:76:6c:14:55:60:3f:31:27:2f:c9:8a:
ae:6b:a6:48:2a:6a:47:eb:55:3d:6a:5a:45:cd:91:
00:ac:d2:61:4b:e3:5c:24:4f:ae:fe:60:03:91:50:
75:c9:f8:b1:00:98:1d:3e:dd:3e:9f:7e:19:21:20:
f2:ee:30:23:1f:94:06:dd:83:2e:29:ad:63:50:e3:
46:52:75:98:49:88:d6:ac:88:17:f9:63:de:38:64:
6c:3f:3c:ae:12:ee:6a:61:09:a3:36:2b:5a:67:f2:
77:6f:83:c6:15:97:77:ed:38:ac:20:b7:d9:ab:43:
a3:d4:65:83:30:2f:97:17:c5:15:a2:3b:c8:ff:21:
39:ab:b2:64:77:cb:0a:85:da:99:1c:c8:d7:a2:2d:
5f:ed:ad:5a:0d:ee:d6:81:60:79:e5:25:b7:80:6d:
6c:a1:42:a5:8a:ed:5d:5d:47:c8:d4:1e:b2:f3:ce:
2e:d7:4b:22:15:f0:e0:36:ae:ab:4c:7d:d2:41:b1:
a8:06:a1:a9:22:5c:46:a1:00:83:4b:b6:e0:ed:b3:
9e:eb:16:b1:ac:57:ba:4e:9d:cb:ec:d5:a3:52:33:
88:c2:3a:d2:af:fc:c1:43:f5:ff:66:40:b5:0e:40:
b9:5b:17:12:4c:97:67:f1:c7:ad:02:14:e2:53:a2:
61:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:5E:8E:5C:F1:50:3A:69:72:D6:D7:D5:A5:18:52:75:4B:F1:77:65
X509v3 Authority Key Identifier:
keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/01b25f37-a868-47f9-bc61-95397088dcdf.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.224.190.0/23
Signature Algorithm: sha256WithRSAEncryption
2b:03:1c:f7:b2:ca:9a:e2:17:87:b5:66:ec:1f:43:19:88:d0:
6e:23:96:47:ae:58:d9:84:88:3d:4d:9c:40:59:ee:19:a7:21:
93:2f:68:88:c4:cb:cb:d6:55:b2:46:46:02:a3:84:37:35:e8:
ec:20:8b:02:71:ab:77:2a:c3:54:43:69:ae:43:bd:2c:d1:6d:
ce:5d:e7:d2:be:04:23:55:e2:a5:a4:84:9e:a4:6f:e8:e0:de:
6c:7d:11:16:3a:c5:85:42:00:49:b5:b9:a6:3c:a4:e1:6d:ba:
94:31:89:37:dc:04:9f:96:58:14:04:fe:14:d8:e4:a7:3a:17:
9f:9a:11:d7:a9:32:a5:f0:59:de:49:fc:ec:5a:e1:47:b1:f7:
aa:4b:79:9f:95:ed:bc:07:b6:ea:d6:86:22:68:fd:9d:c1:a6:
52:5f:7e:d0:23:dd:e5:3e:8f:cd:69:bb:59:b8:46:50:23:02:
78:8b:bb:00:1e:5f:d7:99:a4:93:ef:bd:2d:f8:5c:b0:e8:c9:
94:e7:30:88:7f:0e:81:51:cd:6f:92:fb:7a:fd:68:ba:54:ad:
65:d3:5e:a8:ea:3b:38:86:5d:b8:59:ae:c0:45:e6:3f:95:da:
15:b2:be:b6:bd:9a:37:51:ce:3c:f2:c1:49:61:4a:2b:2a:5b:
e5:10:ca:65
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUe1xY2pknVe5ikNG5GDKUN8m7cTswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl
Nzk2NTVkMDAeFw0yNTExMTMxNjM3NDZaFw0yNTEyMTgyMzU5NTlaMHoxSTBHBgNV
BAUTQDI0ZmVjY2E1Y2VkOWViOWI3YmY0Zjg0NWRlZjA5OTFmMWFhMDNjMjU2NjUx
YjVjNWM4MTI4MGZhYjhiZTYyNmIxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3
Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKZoU3ZsFFVgPzEnL8mKrmumSCpqR+tVPWpaRc2RAKzSYUvjXCRPrv5gA5FQ
dcn4sQCYHT7dPp9+GSEg8u4wIx+UBt2DLimtY1DjRlJ1mEmI1qyIF/lj3jhkbD88
rhLuamEJozYrWmfyd2+DxhWXd+04rCC32atDo9RlgzAvlxfFFaI7yP8hOauyZHfL
CoXamRzI16ItX+2tWg3u1oFgeeUlt4BtbKFCpYrtXV1HyNQesvPOLtdLIhXw4Dau
q0x90kGxqAahqSJcRqEAg0u24O2znusWsaxXuk6dy+zVo1IziMI60q/8wUP1/2ZA
tQ5AuVsXEkyXZ/HHrQIU4lOiYZkCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRxXo5c
8VA6aXLW19WlGFJ1S/F3ZTAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV
0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh
Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv
MDFiMjVmMzctYTg2OC00N2Y5LWJjNjEtOTUzOTcwODhkY2RmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1
NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEATPgvjAN
BgkqhkiG9w0BAQsFAAOCAQEAKwMc97LKmuIXh7Vm7B9DGYjQbiOWR65Y2YSIPU2c
QFnuGachky9oiMTLy9ZVskZGAqOENzXo7CCLAnGrdyrDVENprkO9LNFtzl3n0r4E
I1XipaSEnqRv6ODebH0RFjrFhUIASbW5pjyk4W26lDGJN9wEn5ZYFAT+FNjkpzoX
n5oR16kypfBZ3kn87FrhR7H3qkt5n5XtvAe26taGImj9ncGmUl9+0CPd5T6PzWm7
WbhGUCMCeIu7AB5f15mkk++9LfhcsOjJlOcwiH8OgVHNb5L7ev1oulStZdNeqOo7
OIZduFmuwEXmP5XaFbK+tr2aN1HOPPLBSWFKKypb5RDKZQ==
-----END CERTIFICATE-----
Generated at Tue Nov 18 06:47:48 2025 by rpki-client