Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/566f9159-e271-4224-9cc9-33a554331509.roa
File: 566f9159-e271-4224-9cc9-33a554331509.roa (raw, json)
Hash identifier: 1sKtEgZ3H//juqIT1s9zJPZrNy7HDDDuzffwUQU2PyA=
Subject key identifier: 73:0F:B9:A3:C4:6A:22:AE:98:1A:E6:FD:23:DD:73:82:DF:FF:A9:FC
Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0
Certificate serial: 5B3F56533F439860E7F5999A08441FE653342CA3
Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/566f9159-e271-4224-9cc9-33a554331509.roa
Signing time: Thu 13 Nov 2025 16:21:51 +0000
ROA not before: Thu 13 Nov 2025 16:21:51 +0000
ROA not after: Thu 18 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.0.0.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft
rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 18 Nov 2025 23:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5b:3f:56:53:3f:43:98:60:e7:f5:99:9a:08:44:1f:e6:53:34:2c:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0
Validity
Not Before: Nov 13 16:21:51 2025 GMT
Not After : Dec 18 23:59:59 2025 GMT
Subject: serialNumber=e138dbe9424aa18ab2e626257103ab524e26d7c8288a24a8d011c562ae4a3d74, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:35:9f:cb:44:a9:bd:bd:b6:81:a4:49:ab:d7:
bc:02:ba:df:1d:91:53:b4:2f:56:47:a5:16:d0:10:
f3:db:da:11:4c:bb:66:c5:78:4d:82:0d:6a:db:1f:
b6:ee:f1:8d:d5:e6:dc:c8:5d:63:18:55:c9:2a:36:
f2:1d:d2:e0:58:bf:b0:c8:d8:0d:e3:ba:9e:cd:bd:
0e:df:23:c9:dd:d1:f9:27:bb:7b:fe:86:be:0a:05:
38:4c:69:2d:58:0a:6f:35:cc:8b:d6:be:c7:f7:09:
bf:e9:7c:e8:b9:fc:0e:ce:82:88:40:ca:13:5b:a8:
b5:93:58:c8:31:b1:e7:12:3d:4c:06:4d:be:68:84:
16:c4:4c:0c:72:a6:f0:c1:51:6a:4c:d4:59:82:32:
fa:93:a2:b2:55:47:e4:0f:9d:1d:84:b6:68:63:17:
5a:d2:f0:f4:c6:d2:fb:38:8b:c1:ae:07:ed:08:40:
84:3d:50:f9:02:3f:5b:ad:1e:a1:3c:1c:9b:71:3d:
19:a1:3f:48:ca:71:95:dd:c4:7c:ff:67:84:f7:f0:
40:d3:fb:c4:95:d9:cf:ee:56:76:26:0b:c5:18:e4:
7d:65:fc:cb:f0:85:a3:dd:22:35:bb:b4:b3:18:58:
07:43:6d:7b:42:94:cf:a3:41:42:b9:ec:ee:f4:8f:
90:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:0F:B9:A3:C4:6A:22:AE:98:1A:E6:FD:23:DD:73:82:DF:FF:A9:FC
X509v3 Authority Key Identifier:
keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/566f9159-e271-4224-9cc9-33a554331509.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.0.0.0/19
Signature Algorithm: sha256WithRSAEncryption
8e:41:1e:68:18:9f:83:c3:94:30:5d:fb:16:7b:8e:d9:1c:48:
2c:0b:cf:11:f6:29:bb:ce:54:2c:db:89:f0:2b:d9:4e:73:83:
8c:28:f0:8a:2f:07:fc:0a:b0:51:17:cb:e5:d0:1b:a6:31:d3:
f1:84:eb:bd:cf:10:5b:e0:cd:cc:d4:b2:bf:4a:b3:7d:0b:c8:
8e:61:e6:ea:ce:a1:ff:3e:89:50:90:1b:cf:31:09:27:55:24:
12:2a:c9:6d:c7:d0:eb:ab:07:b0:af:08:b3:d2:14:d1:57:c8:
db:27:b4:17:cf:16:ac:df:c7:b6:be:a8:25:13:fc:f9:14:99:
1b:9d:be:2a:fa:94:6d:fe:fb:81:8b:c2:40:5b:a5:2b:6b:0e:
fd:21:f9:ce:e1:93:c1:ac:1c:3b:4e:6f:9a:4c:d2:3d:b4:0b:
3e:31:a7:9a:b3:a0:8f:4c:d7:b2:10:7e:98:c8:75:4b:57:f9:
4c:cd:d5:90:70:a5:1e:7f:bb:ad:61:5f:49:5c:b9:ab:78:9a:
7c:f3:12:8a:9e:c7:b5:31:f9:cc:c2:c3:29:ae:ea:86:fa:b8:
a1:8b:1f:51:b3:20:b0:a0:80:94:e0:7d:3b:25:b2:e3:06:d6:
ae:da:98:84:95:fe:fc:77:48:c7:fd:67:b1:b3:77:a3:68:83:
ff:f4:88:a6
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUWz9WUz9DmGDn9ZmaCEQf5lM0LKMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl
Nzk2NTVkMDAeFw0yNTExMTMxNjIxNTFaFw0yNTEyMTgyMzU5NTlaMHoxSTBHBgNV
BAUTQGUxMzhkYmU5NDI0YWExOGFiMmU2MjYyNTcxMDNhYjUyNGUyNmQ3YzgyODhh
MjRhOGQwMTFjNTYyYWU0YTNkNzQxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3
Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANE1n8tEqb29toGkSavXvAK63x2RU7QvVkelFtAQ89vaEUy7ZsV4TYINatsf
tu7xjdXm3MhdYxhVySo28h3S4Fi/sMjYDeO6ns29Dt8jyd3R+Se7e/6GvgoFOExp
LVgKbzXMi9a+x/cJv+l86Ln8Ds6CiEDKE1uotZNYyDGx5xI9TAZNvmiEFsRMDHKm
8MFRakzUWYIy+pOislVH5A+dHYS2aGMXWtLw9MbS+ziLwa4H7QhAhD1Q+QI/W60e
oTwcm3E9GaE/SMpxld3EfP9nhPfwQNP7xJXZz+5WdiYLxRjkfWX8y/CFo90iNbu0
sxhYB0Nte0KUz6NBQrns7vSPkKsCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRzD7mj
xGoirpga5v0j3XOC3/+p/DAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV
0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh
Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv
NTY2ZjkxNTktZTI3MS00MjI0LTljYzktMzNhNTU0MzMxNTA5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1
NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBTMAADAN
BgkqhkiG9w0BAQsFAAOCAQEAjkEeaBifg8OUMF37FnuO2RxILAvPEfYpu85ULNuJ
8CvZTnODjCjwii8H/AqwURfL5dAbpjHT8YTrvc8QW+DNzNSyv0qzfQvIjmHm6s6h
/z6JUJAbzzEJJ1UkEirJbcfQ66sHsK8Is9IU0VfI2ye0F88WrN/Htr6oJRP8+RSZ
G52+KvqUbf77gYvCQFulK2sO/SH5zuGTwawcO05vmkzSPbQLPjGnmrOgj0zXshB+
mMh1S1f5TM3VkHClHn+7rWFfSVy5q3iafPMSip7HtTH5zMLDKa7qhvq4oYsfUbMg
sKCAlOB9OyWy4wbWrtqYhJX+/HdIx/1nsbN3o2iD//SIpg==
-----END CERTIFICATE-----
Generated at Tue Nov 18 05:44:06 2025 by rpki-client