Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/01b25f37-a868-47f9-bc61-95397088dcdf.roa
File: 01b25f37-a868-47f9-bc61-95397088dcdf.roa (raw, json)
Hash identifier: zwHzqX27bNRGW+Y70I7QYZqmZgIHb+BWNz/h3aQm0uw=
Subject key identifier: 62:66:97:AA:29:C4:42:39:CD:D7:8B:E9:A3:50:B8:A5:A7:3D:06:9B
Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0
Certificate serial: 69B8AA2DE8265293A4FD69D0873794201FF9CCC1
Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/01b25f37-a868-47f9-bc61-95397088dcdf.roa
Signing time: Sun 17 May 2026 02:00:07 +0000
ROA not before: Sun 17 May 2026 02:00:07 +0000
ROA not after: Sat 15 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.224.190.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft
rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 May 2026 08:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:b8:aa:2d:e8:26:52:93:a4:fd:69:d0:87:37:94:20:1f:f9:cc:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0
Validity
Not Before: May 17 02:00:07 2026 GMT
Not After : Aug 15 23:59:59 2026 GMT
Subject: serialNumber=5c00782b7ded4df648f7d7ee4ec4a97be182dd6e3f6eee8d2b3209f9de0c7747, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:0f:d7:35:79:ef:2e:70:fa:49:e4:e3:be:1d:
1a:57:e8:cc:49:cf:3d:d6:dd:a9:0a:24:d6:9b:95:
32:5f:b3:98:3b:1e:15:2c:5c:af:67:c3:86:3c:f7:
86:f2:68:61:63:27:f1:a6:d7:97:b2:74:cd:60:74:
50:ce:fd:5d:83:b5:69:89:c5:e7:1e:8b:d1:9e:6a:
49:1b:04:ce:36:33:31:74:85:63:d7:61:ec:9a:87:
cd:19:f4:77:3d:35:e4:a3:67:f7:fc:58:c8:21:81:
ba:95:76:65:92:c5:c3:bb:9d:c6:00:10:95:89:e9:
ac:a5:21:62:09:14:29:de:31:9d:2e:89:ed:db:bd:
86:ea:6b:56:f9:b4:30:6e:c8:4c:30:78:9e:90:0b:
cc:8a:d8:5f:4e:2b:5a:a0:5e:ad:30:bd:8f:19:91:
f0:57:6b:76:cf:eb:61:ce:40:bc:2f:84:7f:0e:1e:
85:37:43:ca:9c:64:b3:6b:15:83:7c:78:2b:ec:6d:
5a:c3:e7:f0:10:e0:8d:79:b5:44:71:18:ce:90:1c:
13:ec:f4:11:72:5f:da:49:81:ca:08:3c:8d:86:47:
4a:c2:06:4c:3d:8c:21:94:2c:82:c3:a0:e6:ca:82:
4c:4f:ba:f0:80:15:a5:87:ec:d4:e0:92:68:30:6f:
98:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:66:97:AA:29:C4:42:39:CD:D7:8B:E9:A3:50:B8:A5:A7:3D:06:9B
X509v3 Authority Key Identifier:
keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/01b25f37-a868-47f9-bc61-95397088dcdf.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.224.190.0/23
Signature Algorithm: sha256WithRSAEncryption
8a:7c:f2:ce:ee:b4:94:8e:56:48:1f:01:8c:25:0e:ca:04:e9:
d5:8b:08:f7:13:8f:76:b4:ee:8f:eb:e8:f9:ac:6b:14:d6:da:
ea:bc:5b:47:fb:01:f4:71:62:52:5a:6c:62:dc:dd:22:40:fc:
f7:8d:3b:13:e2:f5:64:21:55:a1:1e:e7:65:36:f4:40:d3:54:
82:60:07:a2:65:df:70:53:9b:ed:8c:67:60:74:ea:79:a6:11:
db:30:a0:e3:e7:d4:b3:53:26:1b:99:b4:0f:ec:32:a0:ce:6c:
fa:c8:4a:60:24:63:7b:68:f9:2d:34:6c:54:60:fd:72:56:9a:
41:f7:c6:fd:9e:06:a6:93:31:e0:76:9f:eb:d6:23:c6:86:6e:
d3:77:2d:63:b2:e5:b5:7a:d3:9c:ca:98:53:82:75:1a:8f:49:
50:e2:f4:f7:b3:d4:04:3b:f6:95:4a:09:ce:94:2c:22:e1:b7:
7c:88:aa:3a:aa:75:0d:4e:00:f7:39:73:c2:74:ad:52:55:0d:
21:52:e4:42:3f:38:0e:93:ca:85:27:e9:96:22:1a:f8:20:cf:
eb:42:f8:4a:4d:2c:dc:54:29:48:a6:a1:6d:fc:f0:0a:f5:14:
89:65:71:c7:ed:01:36:6c:0b:47:97:57:87:96:70:d3:48:96:
de:e4:34:bf
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUabiqLegmUpOk/WnQhzeUIB/5zMEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl
Nzk2NTVkMDAeFw0yNjA1MTcwMjAwMDdaFw0yNjA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDVjMDA3ODJiN2RlZDRkZjY0OGY3ZDdlZTRlYzRhOTdiZTE4MmRkNmUzZjZl
ZWU4ZDJiMzIwOWY5ZGUwYzc3NDcxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3
Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMcP1zV57y5w+knk474dGlfozEnPPdbdqQok1puVMl+zmDseFSxcr2fDhjz3
hvJoYWMn8abXl7J0zWB0UM79XYO1aYnF5x6L0Z5qSRsEzjYzMXSFY9dh7JqHzRn0
dz015KNn9/xYyCGBupV2ZZLFw7udxgAQlYnprKUhYgkUKd4xnS6J7du9huprVvm0
MG7ITDB4npALzIrYX04rWqBerTC9jxmR8Fdrds/rYc5AvC+Efw4ehTdDypxks2sV
g3x4K+xtWsPn8BDgjXm1RHEYzpAcE+z0EXJf2kmBygg8jYZHSsIGTD2MIZQsgsOg
5sqCTE+68IAVpYfs1OCSaDBvmD0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRiZpeq
KcRCOc3Xi+mjULilpz0GmzAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV
0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh
Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv
MDFiMjVmMzctYTg2OC00N2Y5LWJjNjEtOTUzOTcwODhkY2RmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1
NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEATPgvjAN
BgkqhkiG9w0BAQsFAAOCAQEAinzyzu60lI5WSB8BjCUOygTp1YsI9xOPdrTuj+vo
+axrFNba6rxbR/sB9HFiUlpsYtzdIkD89407E+L1ZCFVoR7nZTb0QNNUgmAHomXf
cFOb7YxnYHTqeaYR2zCg4+fUs1MmG5m0D+wyoM5s+shKYCRje2j5LTRsVGD9claa
QffG/Z4GppMx4Haf69YjxoZu03ctY7LltXrTnMqYU4J1Go9JUOL097PUBDv2lUoJ
zpQsIuG3fIiqOqp1DU4A9zlzwnStUlUNIVLkQj84DpPKhSfpliIa+CDP60L4Sk0s
3FQpSKahbfzwCvUUiWVxx+0BNmwLR5dXh5Zw00iW3uQ0vw==
-----END CERTIFICATE-----
Generated at Fri May 22 16:04:15 2026 by rpki-client