Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/16271914-dc77-4545-b526-a3ebfab5d63a.roa
File: 16271914-dc77-4545-b526-a3ebfab5d63a.roa (raw, json)
Hash identifier: +fediXwaH7L+lioiAELtL/1RGDzCm/peauEVVc3Ad9I=
Subject key identifier: EA:1C:1A:24:65:B4:28:79:42:EB:5B:94:EF:D2:28:43:96:02:21:77
Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0
Certificate serial: 1C727BA9A77D6EC8924F9A89F447ABCB6070BCE2
Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/16271914-dc77-4545-b526-a3ebfab5d63a.roa
Signing time: Thu 13 Nov 2025 16:37:47 +0000
ROA not before: Thu 13 Nov 2025 16:37:47 +0000
ROA not after: Thu 18 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.224.192.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft
rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 18 Nov 2025 23:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1c:72:7b:a9:a7:7d:6e:c8:92:4f:9a:89:f4:47:ab:cb:60:70:bc:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0
Validity
Not Before: Nov 13 16:37:47 2025 GMT
Not After : Dec 18 23:59:59 2025 GMT
Subject: serialNumber=001879af329640a2ea1458af2c0b7a671d03df93e89b1ec4de5b7978665f05d5, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:57:1d:1c:a4:79:8b:e1:8f:75:66:cc:55:9a:
57:1d:32:c8:f5:e5:c0:ff:a4:af:13:7f:9d:d2:28:
ec:6d:9a:0a:85:14:1f:29:b5:d5:4d:ab:20:41:95:
09:d6:30:0f:02:f9:2e:0b:81:d8:c1:9e:b5:a4:72:
d8:67:ef:bc:7d:80:76:44:2e:ac:0f:4c:75:da:84:
a9:bd:66:6f:c5:a6:1d:36:8c:dd:ce:02:a4:df:89:
1a:4c:94:78:ad:a4:1e:0d:ac:5e:f2:26:03:46:5c:
cc:62:77:92:1f:87:73:70:ac:04:e1:64:bd:f6:d3:
72:e5:44:cb:e9:80:8e:2c:6f:da:10:19:7d:92:e6:
a6:26:5a:1e:07:e3:44:cc:20:5d:86:21:ca:d9:cd:
ec:1d:7e:5e:2e:2d:2f:7a:3c:5c:2b:ac:78:2c:c7:
9a:2b:04:ba:bc:21:02:18:8b:c6:98:95:62:9b:e2:
76:87:30:e3:cd:ff:f3:9b:0b:32:29:b7:bb:72:36:
e3:34:a1:be:83:5c:95:60:c3:7b:7d:b0:84:12:d1:
ae:06:f5:23:32:f7:50:71:f7:68:ef:3e:bb:f5:6c:
a6:4e:7d:ca:0f:93:7b:10:0a:03:58:08:31:f2:e6:
7b:38:d1:f9:23:74:0d:2b:17:f2:07:68:55:c2:7a:
b1:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:1C:1A:24:65:B4:28:79:42:EB:5B:94:EF:D2:28:43:96:02:21:77
X509v3 Authority Key Identifier:
keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/16271914-dc77-4545-b526-a3ebfab5d63a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.224.192.0/23
Signature Algorithm: sha256WithRSAEncryption
51:b6:37:33:48:59:70:4f:d4:f2:9a:0b:3c:1a:de:2f:42:f9:
13:cf:05:6b:9e:fe:99:4f:42:30:83:03:8c:52:f1:6c:87:3c:
7a:91:c2:29:d8:b1:59:42:32:38:86:70:2c:e9:f7:95:89:01:
9e:ce:b2:d7:69:47:01:03:8f:41:c3:b7:f3:7b:36:eb:93:64:
62:6a:12:ea:6c:22:ec:87:b5:92:a3:28:c9:9e:89:c3:66:bd:
80:73:28:f4:ef:e2:24:8f:9b:68:9e:11:b4:64:44:66:a7:b3:
2c:7b:1e:bc:d5:b6:f2:02:ca:be:d2:1b:96:ef:93:53:c0:3d:
ee:c7:f5:25:80:3d:95:78:95:c1:c8:2d:5b:66:ff:44:e2:a7:
61:c3:d8:ee:0e:b1:b5:41:51:5f:46:1a:e6:1c:6d:c7:31:d9:
5f:dd:3f:9f:fc:ac:28:35:8a:67:09:d2:71:72:39:16:24:8e:
43:20:5d:65:2c:5f:2b:2e:38:2c:cb:db:a3:63:59:26:8d:99:
f8:c2:7d:d4:5f:27:ee:a4:8f:a5:72:fb:a0:cc:dc:5e:97:05:
d7:16:17:7d:b4:16:e9:b1:31:0b:58:c1:86:d0:69:d0:e7:a1:
6c:a1:da:d4:b7:ed:73:5b:97:61:f0:0c:7c:55:1b:af:3b:e4:
ec:4c:01:75
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUHHJ7qad9bsiST5qJ9Eery2BwvOIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl
Nzk2NTVkMDAeFw0yNTExMTMxNjM3NDdaFw0yNTEyMTgyMzU5NTlaMHoxSTBHBgNV
BAUTQDAwMTg3OWFmMzI5NjQwYTJlYTE0NThhZjJjMGI3YTY3MWQwM2RmOTNlODli
MWVjNGRlNWI3OTc4NjY1ZjA1ZDUxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3
Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKJXHRykeYvhj3VmzFWaVx0yyPXlwP+krxN/ndIo7G2aCoUUHym11U2rIEGV
CdYwDwL5LguB2MGetaRy2GfvvH2AdkQurA9MddqEqb1mb8WmHTaM3c4CpN+JGkyU
eK2kHg2sXvImA0ZczGJ3kh+Hc3CsBOFkvfbTcuVEy+mAjixv2hAZfZLmpiZaHgfj
RMwgXYYhytnN7B1+Xi4tL3o8XCuseCzHmisEurwhAhiLxpiVYpvidocw483/85sL
Mim3u3I24zShvoNclWDDe32whBLRrgb1IzL3UHH3aO8+u/Vspk59yg+TexAKA1gI
MfLmezjR+SN0DSsX8gdoVcJ6sXkCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTqHBok
ZbQoeULrW5Tv0ihDlgIhdzAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV
0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh
Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv
MTYyNzE5MTQtZGM3Ny00NTQ1LWI1MjYtYTNlYmZhYjVkNjNhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1
NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEATPgwDAN
BgkqhkiG9w0BAQsFAAOCAQEAUbY3M0hZcE/U8poLPBreL0L5E88Fa57+mU9CMIMD
jFLxbIc8epHCKdixWUIyOIZwLOn3lYkBns6y12lHAQOPQcO383s265NkYmoS6mwi
7Ie1kqMoyZ6Jw2a9gHMo9O/iJI+baJ4RtGREZqezLHsevNW28gLKvtIblu+TU8A9
7sf1JYA9lXiVwcgtW2b/ROKnYcPY7g6xtUFRX0Ya5hxtxzHZX90/n/ysKDWKZwnS
cXI5FiSOQyBdZSxfKy44LMvbo2NZJo2Z+MJ91F8n7qSPpXL7oMzcXpcF1xYXfbQW
6bExC1jBhtBp0OehbKHa1Lftc1uXYfAMfFUbrzvk7EwBdQ==
-----END CERTIFICATE-----
Generated at Tue Nov 18 08:20:35 2025 by rpki-client