Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/736aa60e-d4e2-4ca5-b96b-c64d8fa18dc1.roa
File: 736aa60e-d4e2-4ca5-b96b-c64d8fa18dc1.roa (raw, json)
Hash identifier: 6pt2X7OtaKkzqzZCk4fMY/YcuxE4B8UiHTuY432VG+E=
Subject key identifier: 35:3A:74:F3:BB:C4:D4:A0:3F:C7:97:D8:96:DD:26:5F:7D:56:C9:77
Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0
Certificate serial: 33DF5AC49B2DEB8FF382A2BD6A0A2386747EBC31
Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/736aa60e-d4e2-4ca5-b96b-c64d8fa18dc1.roa
Signing time: Thu 13 Nov 2025 16:37:45 +0000
ROA not before: Thu 13 Nov 2025 16:37:45 +0000
ROA not after: Thu 18 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.224.186.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft
rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 18 Nov 2025 23:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:df:5a:c4:9b:2d:eb:8f:f3:82:a2:bd:6a:0a:23:86:74:7e:bc:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0
Validity
Not Before: Nov 13 16:37:45 2025 GMT
Not After : Dec 18 23:59:59 2025 GMT
Subject: serialNumber=cb2663304b12faee8bb8873057dc574a528ef0f9f89414d97e4f33b7afce1f2c, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:60:1b:1f:76:25:be:1c:ea:bc:bf:9f:ce:88:
13:48:d0:68:f6:d4:18:2d:e0:be:17:57:b5:b3:3b:
52:50:5e:61:ce:c6:eb:10:18:c8:38:43:9c:34:4f:
bd:ad:78:4f:6f:42:93:9e:ff:60:50:78:e3:18:4f:
27:ff:17:eb:8d:81:7b:6f:b7:49:09:10:fb:e1:a7:
14:49:81:7d:16:c6:20:48:b8:10:d4:2e:e0:ad:46:
14:03:3b:27:83:33:b7:f2:81:0b:ab:90:04:2c:d7:
12:55:3b:b7:5a:33:95:2b:09:0e:06:ac:f6:5c:c3:
8d:3c:02:7d:d1:0c:77:32:be:d4:25:5c:74:61:0e:
23:21:77:b8:56:75:a3:04:38:35:81:91:cc:e1:83:
62:6b:e3:a7:c1:b0:5d:aa:25:7c:30:75:b0:aa:87:
c9:95:ed:dd:c5:3f:13:f2:9f:6a:63:5f:f1:af:c9:
c7:89:79:65:d9:9b:67:9d:d6:d2:e3:df:cc:75:9b:
06:5e:5e:cd:2a:e9:2c:a3:b1:07:f6:c7:5c:37:50:
4e:75:de:56:3e:48:05:be:f7:9c:b9:ec:04:d8:c6:
df:db:39:e9:ea:ad:b4:9d:74:59:08:44:e6:86:ed:
69:08:3f:83:f2:0d:ad:c8:45:64:d0:7c:a4:27:28:
ce:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:3A:74:F3:BB:C4:D4:A0:3F:C7:97:D8:96:DD:26:5F:7D:56:C9:77
X509v3 Authority Key Identifier:
keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/736aa60e-d4e2-4ca5-b96b-c64d8fa18dc1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.224.186.0/23
Signature Algorithm: sha256WithRSAEncryption
45:9b:2e:48:96:a2:39:21:d9:fd:a0:99:7a:ce:48:5d:b0:2e:
fd:75:38:47:b8:b5:ec:5f:d3:21:87:ad:90:54:24:c2:a9:e8:
10:ec:21:29:6e:14:ae:f4:da:c1:88:fc:35:7b:46:45:70:5c:
e1:e0:e9:a2:b8:83:69:42:d0:91:a8:2e:b9:68:eb:19:e5:09:
d4:24:6c:e8:15:f8:5a:4e:de:da:d5:7e:6b:87:ca:05:89:d8:
03:b3:c8:99:df:5b:64:56:fb:8b:6e:98:0a:4e:bf:bc:d2:dc:
df:58:e2:33:f7:b1:7f:8a:0a:d6:6b:62:49:27:10:c1:cb:50:
33:8c:24:f8:3a:4f:36:d6:07:12:81:9b:57:36:0c:fd:35:99:
a5:d1:98:7c:46:66:4e:bd:03:1e:c8:96:48:c4:53:f8:9a:fb:
39:2d:b9:2a:fb:0b:7d:e8:d3:e4:6f:cc:df:bb:f9:3a:ea:60:
c5:59:c0:f4:bd:5f:fa:2e:71:76:c5:d6:ee:e5:3b:bf:32:e7:
52:eb:08:5e:df:bc:a6:a9:34:51:02:70:a8:36:a5:ec:26:3b:
88:35:b7:e9:6a:d7:2e:cc:0f:7e:87:68:c7:4b:cc:4d:80:b2:
b1:bf:0c:57:38:04:f8:37:6f:42:40:a0:bb:02:23:c3:94:a3:
91:bc:f3:b7
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUM99axJst64/zgqK9agojhnR+vDEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl
Nzk2NTVkMDAeFw0yNTExMTMxNjM3NDVaFw0yNTEyMTgyMzU5NTlaMHoxSTBHBgNV
BAUTQGNiMjY2MzMwNGIxMmZhZWU4YmI4ODczMDU3ZGM1NzRhNTI4ZWYwZjlmODk0
MTRkOTdlNGYzM2I3YWZjZTFmMmMxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3
Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMlgGx92Jb4c6ry/n86IE0jQaPbUGC3gvhdXtbM7UlBeYc7G6xAYyDhDnDRP
va14T29Ck57/YFB44xhPJ/8X642Be2+3SQkQ++GnFEmBfRbGIEi4ENQu4K1GFAM7
J4Mzt/KBC6uQBCzXElU7t1ozlSsJDgas9lzDjTwCfdEMdzK+1CVcdGEOIyF3uFZ1
owQ4NYGRzOGDYmvjp8GwXaolfDB1sKqHyZXt3cU/E/KfamNf8a/Jx4l5ZdmbZ53W
0uPfzHWbBl5ezSrpLKOxB/bHXDdQTnXeVj5IBb73nLnsBNjG39s56eqttJ10WQhE
5obtaQg/g/INrchFZNB8pCcozmkCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQ1OnTz
u8TUoD/Hl9iW3SZffVbJdzAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV
0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh
Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv
NzM2YWE2MGUtZDRlMi00Y2E1LWI5NmItYzY0ZDhmYTE4ZGMxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1
NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEATPgujAN
BgkqhkiG9w0BAQsFAAOCAQEARZsuSJaiOSHZ/aCZes5IXbAu/XU4R7i17F/TIYet
kFQkwqnoEOwhKW4UrvTawYj8NXtGRXBc4eDporiDaULQkaguuWjrGeUJ1CRs6BX4
Wk7e2tV+a4fKBYnYA7PImd9bZFb7i26YCk6/vNLc31jiM/exf4oK1mtiSScQwctQ
M4wk+DpPNtYHEoGbVzYM/TWZpdGYfEZmTr0DHsiWSMRT+Jr7OS25KvsLfejT5G/M
37v5OupgxVnA9L1f+i5xdsXW7uU7vzLnUusIXt+8pqk0UQJwqDal7CY7iDW36WrX
LswPfodox0vMTYCysb8MVzgE+DdvQkCguwIjw5Sjkbzztw==
-----END CERTIFICATE-----
Generated at Tue Nov 18 07:59:09 2025 by rpki-client