Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/de6a2853-3803-405e-9bac-2b96eb87582d.roa
File: de6a2853-3803-405e-9bac-2b96eb87582d.roa (raw, json)
Hash identifier: 1ATZx/d5iP05nRoQCg5NDinVfNk7KVi74gu9OWtsVJU=
Subject key identifier: E4:A9:20:7A:47:7B:7C:91:2F:F2:62:D2:63:95:46:26:DF:A5:C9:3A
Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0
Certificate serial: 591653DE5CD0D994193312734626A872BEB70DF7
Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/de6a2853-3803-405e-9bac-2b96eb87582d.roa
Signing time: Thu 13 Nov 2025 16:21:51 +0000
ROA not before: Thu 13 Nov 2025 16:21:51 +0000
ROA not after: Thu 18 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.0.30.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft
rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 18 Nov 2025 21:55:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:16:53:de:5c:d0:d9:94:19:33:12:73:46:26:a8:72:be:b7:0d:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0
Validity
Not Before: Nov 13 16:21:51 2025 GMT
Not After : Dec 18 23:59:59 2025 GMT
Subject: serialNumber=9a17c84dee1bf6845c16b7f8d4b3269c8300a8a2efe764bdbfbb57a47d189b40, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:b7:b2:fe:c1:64:e9:17:e6:3e:4c:28:3e:3d:
ca:03:c5:6a:7a:57:e3:38:27:7b:d4:dd:f4:62:b2:
43:a2:e1:21:a7:d6:d6:52:46:59:8d:79:a9:4c:56:
5f:fa:b6:a1:69:6b:c4:45:19:76:5b:c7:74:1a:ee:
ce:96:f1:f3:62:c2:4e:83:44:ee:53:8a:e1:da:a7:
ec:00:f6:d3:4c:95:f3:f1:c4:3d:38:80:92:5e:b5:
c8:52:1a:a1:41:d1:74:78:8d:bf:ba:a5:75:90:a8:
72:cf:22:b9:6a:5b:81:4f:ba:60:21:2d:59:cf:34:
12:eb:74:18:d7:d8:e1:d7:df:ec:67:d7:5a:9c:76:
2c:e0:9b:35:78:99:2e:0a:f5:a9:52:ee:dd:29:04:
17:a1:11:0a:a9:11:5a:9e:4d:b1:b4:47:df:a3:23:
b7:71:65:11:a9:b0:d0:58:89:a2:07:16:e8:da:cf:
08:85:a3:96:1a:d9:45:2c:0a:7e:65:b6:fc:9e:d9:
bc:6d:83:99:72:34:2a:0f:76:48:6f:ac:4d:5f:b4:
3f:49:71:0d:76:6c:fb:d8:d3:06:0f:35:2a:c3:13:
63:ad:be:49:e0:dd:e1:05:89:da:00:c8:5a:db:2f:
66:c0:17:28:f5:53:c6:98:31:ee:ff:1a:91:e1:c2:
dc:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:A9:20:7A:47:7B:7C:91:2F:F2:62:D2:63:95:46:26:DF:A5:C9:3A
X509v3 Authority Key Identifier:
keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/de6a2853-3803-405e-9bac-2b96eb87582d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.0.30.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:c4:06:a7:6b:3e:d0:43:fb:98:48:81:8a:ae:ec:9e:91:ac:
7b:5d:bf:54:3c:ae:6f:af:9e:56:93:17:77:13:75:fa:ab:fd:
bb:61:03:a1:85:a5:a6:4b:a4:31:d6:7f:d0:91:e6:73:cb:29:
ba:b5:3c:f1:f0:2d:05:6c:f8:8d:fa:24:8a:c8:95:58:8b:c5:
07:41:62:4e:9a:fe:58:3e:7c:7b:57:63:65:09:1c:6d:50:9c:
bc:59:a2:77:c0:d6:ff:47:27:55:a9:7a:b0:f9:c6:78:a5:4f:
ce:97:8f:db:c9:fe:ef:d1:29:0d:bf:20:cf:83:4f:db:e5:6b:
42:b0:74:64:3b:5f:6a:71:f3:e6:cb:76:6d:b4:0e:d5:77:19:
37:6c:2e:f2:65:d8:3d:e6:7d:08:61:c8:80:d3:b0:77:d7:57:
e7:93:b3:e8:49:99:dc:c2:6c:cd:d2:23:c9:40:f2:17:0a:dc:
f7:29:96:bd:1d:8e:fa:a5:ce:f6:5c:74:98:dc:c4:8d:d7:e6:
09:27:af:9d:32:fc:9d:f5:cc:90:0e:89:ee:39:2d:d1:23:12:
d0:aa:55:21:38:e3:07:20:62:ed:fe:51:90:43:82:00:67:ef:
99:f7:75:06:ab:ba:f0:d1:82:e7:72:05:ce:de:2f:2b:51:22:
11:a3:c5:05
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUWRZT3lzQ2ZQZMxJzRiaocr63DfcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl
Nzk2NTVkMDAeFw0yNTExMTMxNjIxNTFaFw0yNTEyMTgyMzU5NTlaMHoxSTBHBgNV
BAUTQDlhMTdjODRkZWUxYmY2ODQ1YzE2YjdmOGQ0YjMyNjljODMwMGE4YTJlZmU3
NjRiZGJmYmI1N2E0N2QxODliNDAxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3
Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN23sv7BZOkX5j5MKD49ygPFanpX4zgne9Td9GKyQ6LhIafW1lJGWY15qUxW
X/q2oWlrxEUZdlvHdBruzpbx82LCToNE7lOK4dqn7AD200yV8/HEPTiAkl61yFIa
oUHRdHiNv7qldZCocs8iuWpbgU+6YCEtWc80Eut0GNfY4dff7GfXWpx2LOCbNXiZ
Lgr1qVLu3SkEF6ERCqkRWp5NsbRH36Mjt3FlEamw0FiJogcW6NrPCIWjlhrZRSwK
fmW2/J7ZvG2DmXI0Kg92SG+sTV+0P0lxDXZs+9jTBg81KsMTY62+SeDd4QWJ2gDI
WtsvZsAXKPVTxpgx7v8akeHC3FsCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTkqSB6
R3t8kS/yYtJjlUYm36XJOjAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV
0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh
Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv
ZGU2YTI4NTMtMzgwMy00MDVlLTliYWMtMmI5NmViODc1ODJkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1
NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEADMAHjAN
BgkqhkiG9w0BAQsFAAOCAQEAKsQGp2s+0EP7mEiBiq7snpGse12/VDyub6+eVpMX
dxN1+qv9u2EDoYWlpkukMdZ/0JHmc8spurU88fAtBWz4jfokisiVWIvFB0FiTpr+
WD58e1djZQkcbVCcvFmid8DW/0cnVal6sPnGeKVPzpeP28n+79EpDb8gz4NP2+Vr
QrB0ZDtfanHz5st2bbQO1XcZN2wu8mXYPeZ9CGHIgNOwd9dX55Oz6EmZ3MJszdIj
yUDyFwrc9ymWvR2O+qXO9lx0mNzEjdfmCSevnTL8nfXMkA6J7jkt0SMS0KpVITjj
ByBi7f5RkEOCAGfvmfd1Bqu68NGC53IFzt4vK1EiEaPFBQ==
-----END CERTIFICATE-----
Generated at Tue Nov 18 05:39:15 2025 by rpki-client