Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/4ba2e613-2f39-43d0-bd95-5a21ce239ff0.roa
File: 4ba2e613-2f39-43d0-bd95-5a21ce239ff0.roa (raw, json)
Hash identifier: e5yM59DnqmEn5y8JB2cSSlUH6k391qjisfrqbxhpzqI=
Subject key identifier: FC:69:38:70:C1:F1:A8:36:AB:07:AE:7B:7A:38:86:B8:43:1F:D5:06
Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0
Certificate serial: 746DB5CE9A281F5301F4A7192CB6040E5043B172
Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/4ba2e613-2f39-43d0-bd95-5a21ce239ff0.roa
Signing time: Thu 13 Nov 2025 16:37:45 +0000
ROA not before: Thu 13 Nov 2025 16:37:45 +0000
ROA not after: Thu 18 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.224.182.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft
rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 18 Nov 2025 23:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:6d:b5:ce:9a:28:1f:53:01:f4:a7:19:2c:b6:04:0e:50:43:b1:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0
Validity
Not Before: Nov 13 16:37:45 2025 GMT
Not After : Dec 18 23:59:59 2025 GMT
Subject: serialNumber=22d39deee93747050dcdd9c1a300ce670077f476bd929f56c1f06a7e507ec723, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:59:5d:07:76:eb:50:74:84:65:92:29:a6:0d:
63:a8:11:f7:27:af:fc:a7:63:b7:23:3d:e3:ae:8b:
ed:10:e0:cc:2e:b4:c9:f3:42:3e:66:53:9f:b6:de:
84:66:f3:2e:d4:53:78:06:a3:37:02:61:d4:ea:e1:
06:97:fd:c8:86:ec:ff:f2:ec:e3:bf:3d:37:6c:56:
11:63:5a:5b:f8:47:08:2a:00:fb:a5:7b:b8:fe:48:
1f:05:71:2d:bb:99:82:3b:1e:18:59:12:8c:4e:cb:
7e:7f:58:93:d3:2b:b9:99:20:48:a0:d0:ee:f0:db:
c8:e1:30:88:2e:1a:07:46:56:57:9a:57:91:19:76:
f1:63:da:5c:b8:f5:87:3e:48:7e:39:ca:58:3b:db:
94:44:df:ec:33:cd:cd:a9:e4:82:f7:46:81:04:1c:
95:93:e5:3c:ac:e5:6c:38:18:60:85:10:31:82:1f:
a8:e6:3a:25:bd:fd:46:96:ed:b2:dd:5e:df:ab:6b:
88:3b:26:c9:05:73:9d:91:c8:bc:e3:4c:c2:e6:99:
55:e0:de:a7:0c:95:48:3c:5a:5b:32:41:38:0c:f7:
04:2e:cf:70:f6:ce:99:09:8e:cc:69:18:7f:87:ff:
b4:0a:26:3c:22:54:aa:db:4e:6a:67:3d:08:fd:65:
5e:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:69:38:70:C1:F1:A8:36:AB:07:AE:7B:7A:38:86:B8:43:1F:D5:06
X509v3 Authority Key Identifier:
keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/4ba2e613-2f39-43d0-bd95-5a21ce239ff0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.224.182.0/23
Signature Algorithm: sha256WithRSAEncryption
52:42:92:e4:c0:e6:3a:d0:34:26:57:18:6c:63:ec:85:e8:8c:
52:18:0a:25:67:d8:a3:e1:92:3c:a4:eb:8a:a6:e0:ef:14:8d:
b3:0e:7f:57:4a:ac:72:c5:4d:7b:c3:ed:38:ae:08:4d:c4:de:
21:97:8c:96:2f:28:ef:b6:fd:40:c7:4c:b0:a0:14:c5:41:58:
73:1f:59:73:4c:6c:6f:45:ca:70:ff:c4:3b:20:a3:7f:3f:9e:
3a:b8:ae:9e:5e:5d:ae:46:92:50:0b:84:15:82:96:82:1d:3f:
7c:79:f8:bf:7f:25:90:be:13:6e:dd:54:e0:69:05:7e:7d:b8:
48:00:3e:29:6f:f3:be:71:5a:53:c4:03:ae:a0:0a:e6:95:33:
5e:09:f7:2d:33:3c:de:51:00:0e:8a:5b:20:02:36:62:ab:9d:
f0:68:99:bc:15:ba:c7:82:3c:0a:33:d6:65:d4:78:c4:27:a9:
83:d3:00:a0:85:cb:ac:0e:1a:49:45:4a:d6:3d:2c:e4:9a:78:
21:7d:3b:4a:5b:28:18:a9:ba:1b:5d:6b:74:f3:65:be:76:5a:
af:85:ee:dc:07:7f:32:22:7c:80:59:bf:ae:c8:bc:a0:7d:99:
d2:74:05:18:6a:22:81:88:0c:d0:81:a8:bb:ff:fb:bf:5e:42:
10:bf:69:a2
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUdG21zpooH1MB9KcZLLYEDlBDsXIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl
Nzk2NTVkMDAeFw0yNTExMTMxNjM3NDVaFw0yNTEyMTgyMzU5NTlaMHoxSTBHBgNV
BAUTQDIyZDM5ZGVlZTkzNzQ3MDUwZGNkZDljMWEzMDBjZTY3MDA3N2Y0NzZiZDky
OWY1NmMxZjA2YTdlNTA3ZWM3MjMxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3
Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMxZXQd261B0hGWSKaYNY6gR9yev/KdjtyM9466L7RDgzC60yfNCPmZTn7be
hGbzLtRTeAajNwJh1OrhBpf9yIbs//Ls4789N2xWEWNaW/hHCCoA+6V7uP5IHwVx
LbuZgjseGFkSjE7Lfn9Yk9MruZkgSKDQ7vDbyOEwiC4aB0ZWV5pXkRl28WPaXLj1
hz5IfjnKWDvblETf7DPNzankgvdGgQQclZPlPKzlbDgYYIUQMYIfqOY6Jb39Rpbt
st1e36triDsmyQVznZHIvONMwuaZVeDepwyVSDxaWzJBOAz3BC7PcPbOmQmOzGkY
f4f/tAomPCJUqttOamc9CP1lXucCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBT8aThw
wfGoNqsHrnt6OIa4Qx/VBjAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV
0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh
Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv
NGJhMmU2MTMtMmYzOS00M2QwLWJkOTUtNWEyMWNlMjM5ZmYwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1
NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEATPgtjAN
BgkqhkiG9w0BAQsFAAOCAQEAUkKS5MDmOtA0JlcYbGPsheiMUhgKJWfYo+GSPKTr
iqbg7xSNsw5/V0qscsVNe8PtOK4ITcTeIZeMli8o77b9QMdMsKAUxUFYcx9Zc0xs
b0XKcP/EOyCjfz+eOriunl5drkaSUAuEFYKWgh0/fHn4v38lkL4Tbt1U4GkFfn24
SAA+KW/zvnFaU8QDrqAK5pUzXgn3LTM83lEADopbIAI2Yqud8GiZvBW6x4I8CjPW
ZdR4xCepg9MAoIXLrA4aSUVK1j0s5Jp4IX07SlsoGKm6G11rdPNlvnZar4Xu3Ad/
MiJ8gFm/rsi8oH2Z0nQFGGoigYgM0IGou//7v15CEL9pog==
-----END CERTIFICATE-----
Generated at Tue Nov 18 06:46:00 2025 by rpki-client