Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/28dd94b2-8e51-494f-9933-f9f2e07c6aa1.roa
File: 28dd94b2-8e51-494f-9933-f9f2e07c6aa1.roa (raw, json)
Hash identifier: QrJ3MpSb45AUbRgaR2T1XhnfqHzc6eXyqNyO7JHahyk=
Subject key identifier: FE:32:80:4A:54:7F:B6:20:14:31:56:BE:85:F1:E2:DB:89:26:3C:E8
Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0
Certificate serial: 1EBEEA276F351AA3186682F66E0A368FB56C457D
Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/28dd94b2-8e51-494f-9933-f9f2e07c6aa1.roa
Signing time: Thu 13 Nov 2025 16:37:48 +0000
ROA not before: Thu 13 Nov 2025 16:37:48 +0000
ROA not after: Thu 18 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.224.0.0/15 maxlen: 15
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft
rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 18 Nov 2025 23:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:be:ea:27:6f:35:1a:a3:18:66:82:f6:6e:0a:36:8f:b5:6c:45:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0
Validity
Not Before: Nov 13 16:37:48 2025 GMT
Not After : Dec 18 23:59:59 2025 GMT
Subject: serialNumber=99e6b010b24967cdd4f7ce93408d8175236269b58114f46e548fd3ecd4a8cdac, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:69:1d:99:42:e4:69:c4:33:e6:28:21:59:49:
ce:cd:ec:e1:93:ae:73:27:02:a5:3f:45:67:b0:13:
86:0b:00:d5:5d:12:41:80:d8:35:52:45:23:cf:e7:
57:a9:13:3b:9a:c6:80:9c:39:14:a2:e8:d9:b9:d8:
18:98:20:c8:5e:77:dd:00:b4:ce:42:6e:d7:08:5c:
b9:f8:cd:b0:f1:26:f7:3d:97:49:e0:53:f7:4c:b6:
51:73:a0:04:c6:37:08:19:75:d8:9e:ca:34:88:7b:
d4:eb:ee:30:7d:7c:2b:40:db:30:0d:fd:59:b6:d0:
69:6d:ad:18:13:17:50:6d:89:85:ce:92:bc:2d:7a:
36:05:1e:a2:df:39:89:b7:9b:33:68:b5:6e:70:4c:
22:8a:d0:99:4a:92:c2:c4:e3:9c:ba:69:2e:4a:f0:
11:29:a1:06:e1:19:ac:91:05:fc:ce:e2:d9:49:b6:
5a:fc:55:73:14:5b:94:4c:78:93:99:fe:c2:1f:1d:
6e:11:a2:07:06:7a:13:20:63:8f:0e:fb:66:8c:2b:
f9:05:e9:eb:fb:19:46:bc:c2:03:ee:96:53:e4:ae:
4c:34:8f:bf:ad:a6:e6:26:9b:da:81:88:9a:41:cd:
60:59:f6:75:4f:85:67:5f:f5:41:c6:30:ca:a3:2a:
e7:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:32:80:4A:54:7F:B6:20:14:31:56:BE:85:F1:E2:DB:89:26:3C:E8
X509v3 Authority Key Identifier:
keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/28dd94b2-8e51-494f-9933-f9f2e07c6aa1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.224.0.0/15
Signature Algorithm: sha256WithRSAEncryption
64:e3:05:c3:ae:ca:12:8d:ed:bc:a9:f4:df:26:15:e2:c6:14:
4c:32:2a:75:6c:ce:7f:1f:a1:0c:ab:ad:f4:5d:7b:6b:87:1c:
f4:8c:0b:ff:81:9d:1f:e7:50:6d:34:15:5a:05:f2:ee:98:2d:
dc:de:10:5e:49:31:6e:6f:e3:f7:c2:b3:d8:a2:fe:80:1b:01:
02:31:d1:bb:15:5e:72:4f:5a:de:97:92:59:4d:0c:80:79:01:
39:81:79:06:da:e1:67:46:c8:18:f2:7e:86:39:d8:70:94:2f:
58:fa:6a:23:55:9c:78:ca:1d:fd:7c:eb:9c:3f:43:5a:f6:b3:
2a:50:1d:cb:5e:57:b7:40:84:da:41:f6:b9:32:36:7c:c6:57:
80:5a:99:51:eb:50:2a:10:a7:83:3b:e4:3e:0e:ef:02:37:26:
c3:74:cd:eb:44:7e:a5:61:d9:db:15:9b:f5:4d:6f:ac:26:f6:
59:fe:52:10:19:a5:5b:c2:5c:47:e3:4d:5e:c0:e1:90:13:b5:
51:43:6f:39:ae:12:71:de:3f:f8:07:59:cd:65:c1:e8:ff:c0:
e6:48:b1:86:e5:73:af:1e:11:62:04:5e:3a:b1:53:f3:ce:ca:
7e:41:f7:b5:de:4c:43:59:2c:ee:ce:7b:af:1b:f5:4a:2e:37:
57:07:45:39
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUHr7qJ281GqMYZoL2bgo2j7VsRX0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl
Nzk2NTVkMDAeFw0yNTExMTMxNjM3NDhaFw0yNTEyMTgyMzU5NTlaMHoxSTBHBgNV
BAUTQDk5ZTZiMDEwYjI0OTY3Y2RkNGY3Y2U5MzQwOGQ4MTc1MjM2MjY5YjU4MTE0
ZjQ2ZTU0OGZkM2VjZDRhOGNkYWMxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3
Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPVpHZlC5GnEM+YoIVlJzs3s4ZOucycCpT9FZ7AThgsA1V0SQYDYNVJFI8/n
V6kTO5rGgJw5FKLo2bnYGJggyF533QC0zkJu1whcufjNsPEm9z2XSeBT90y2UXOg
BMY3CBl12J7KNIh71OvuMH18K0DbMA39WbbQaW2tGBMXUG2Jhc6SvC16NgUeot85
ibebM2i1bnBMIorQmUqSwsTjnLppLkrwESmhBuEZrJEF/M7i2Um2WvxVcxRblEx4
k5n+wh8dbhGiBwZ6EyBjjw77Zowr+QXp6/sZRrzCA+6WU+SuTDSPv62m5iab2oGI
mkHNYFn2dU+FZ1/1QcYwyqMq518CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBT+MoBK
VH+2IBQxVr6F8eLbiSY86DAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV
0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh
Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv
MjhkZDk0YjItOGU1MS00OTRmLTk5MzMtZjlmMmUwN2M2YWExLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1
NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPgMA0G
CSqGSIb3DQEBCwUAA4IBAQBk4wXDrsoSje28qfTfJhXixhRMMip1bM5/H6EMq630
XXtrhxz0jAv/gZ0f51BtNBVaBfLumC3c3hBeSTFub+P3wrPYov6AGwECMdG7FV5y
T1rel5JZTQyAeQE5gXkG2uFnRsgY8n6GOdhwlC9Y+mojVZx4yh39fOucP0Na9rMq
UB3LXle3QITaQfa5MjZ8xleAWplR61AqEKeDO+Q+Du8CNybDdM3rRH6lYdnbFZv1
TW+sJvZZ/lIQGaVbwlxH401ewOGQE7VRQ285rhJx3j/4B1nNZcHo/8DmSLGG5XOv
HhFiBF46sVPzzsp+Qfe13kxDWSzuznuvG/VKLjdXB0U5
-----END CERTIFICATE-----
Generated at Tue Nov 18 06:47:05 2025 by rpki-client