Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/16271914-dc77-4545-b526-a3ebfab5d63a.roa
File: 16271914-dc77-4545-b526-a3ebfab5d63a.roa (raw, json)
Hash identifier: ovTqLy3H76xdFeR5GA4pKxnqyWf+jLwCmuku9MJFb/Q=
Subject key identifier: 3E:4E:4E:5C:32:86:9B:2C:CA:E2:86:76:EF:25:01:7A:D5:9F:3C:D8
Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0
Certificate serial: 226FD99DB44211298DCDB01AA2B7DFDEEA5952B5
Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/16271914-dc77-4545-b526-a3ebfab5d63a.roa
Signing time: Sun 17 May 2026 02:00:24 +0000
ROA not before: Sun 17 May 2026 02:00:24 +0000
ROA not after: Sat 15 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.224.192.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft
rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 May 2026 08:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:6f:d9:9d:b4:42:11:29:8d:cd:b0:1a:a2:b7:df:de:ea:59:52:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0
Validity
Not Before: May 17 02:00:24 2026 GMT
Not After : Aug 15 23:59:59 2026 GMT
Subject: serialNumber=b36521adeecf1f2e693859fbcf8412be6f6c254aee2b748ef4023e5a56c9e76d, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:56:c7:82:7e:27:eb:12:03:2a:1d:28:31:e8:
0e:5b:3f:cc:b4:84:e9:5d:09:84:37:d1:6c:9c:84:
6e:bb:ee:91:53:10:ec:77:df:1a:9c:79:d9:6b:f9:
e7:f3:09:0d:89:2a:62:e9:b7:d4:db:ce:b1:6b:8f:
11:2f:10:78:ff:28:85:d8:e5:a1:5f:f5:c1:4d:a8:
16:21:3e:98:8f:82:49:2b:35:c3:c6:f5:8f:35:20:
9f:15:ab:63:a0:3c:87:51:8a:7f:0f:82:0e:87:a7:
8a:a6:df:83:15:c8:0e:b3:53:89:a8:d6:39:89:1d:
e1:78:f9:9b:31:39:16:85:74:92:75:de:9a:73:14:
1f:1c:ca:70:09:01:85:3e:44:2d:ea:1c:9d:a4:16:
43:ca:c3:99:40:19:88:b9:1d:45:d1:87:10:57:4a:
05:48:37:dd:19:8d:8f:ca:05:12:42:5b:df:68:a6:
7e:07:2f:7a:02:ca:1a:6d:17:e9:2c:4a:27:58:f7:
c3:ab:5f:c1:69:57:53:04:44:47:5a:5d:35:51:ca:
42:23:93:39:36:e9:37:33:d1:cb:6e:55:e5:72:e8:
2a:50:1d:2f:9a:52:ac:31:79:ac:de:73:7d:33:0e:
db:d7:ba:5b:e2:50:1d:61:ce:78:e9:f4:f5:1d:63:
22:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:4E:4E:5C:32:86:9B:2C:CA:E2:86:76:EF:25:01:7A:D5:9F:3C:D8
X509v3 Authority Key Identifier:
keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/16271914-dc77-4545-b526-a3ebfab5d63a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.224.192.0/23
Signature Algorithm: sha256WithRSAEncryption
38:0c:d9:a1:e9:40:02:fe:a8:1b:f8:6b:2b:1d:8c:33:73:0e:
c3:fd:b6:28:ce:10:73:1c:d2:2d:ff:03:59:17:60:53:5b:91:
72:f2:d1:60:7d:2a:c7:4c:20:b6:1b:5a:20:9f:4a:73:8f:85:
39:5c:4f:78:72:77:7e:19:f5:98:22:b6:93:bb:b6:64:f1:4d:
64:9d:ac:1a:ad:8b:59:5d:bb:35:f4:37:dc:64:77:3e:3e:f6:
d6:b6:97:d2:a6:c8:d9:14:fd:30:23:6b:6c:69:21:cb:1d:8e:
f5:29:df:23:9b:e8:02:66:63:32:f0:65:57:45:43:78:b1:13:
14:44:2a:32:64:98:ce:a9:71:ec:66:bc:17:03:28:94:23:4c:
0b:7c:a0:21:b6:b5:7f:30:24:5a:09:2c:ee:7c:19:78:cc:b6:
2b:af:b7:e2:b9:cd:10:7c:b2:c5:5a:22:cd:c8:c4:62:ab:a8:
38:49:91:cc:f0:d9:b7:78:b6:4e:a9:e7:b5:19:3f:b1:43:10:
f9:30:23:39:b3:82:49:d6:37:0b:33:91:33:fd:33:6f:6d:5a:
c2:12:4a:aa:40:ad:9b:61:c4:8a:1e:d1:c3:29:a4:ee:28:ea:
27:38:19:77:a5:65:5b:2a:ca:e3:62:19:ad:47:62:24:c7:f1:
1c:b9:92:13
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUIm/ZnbRCESmNzbAaorff3upZUrUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl
Nzk2NTVkMDAeFw0yNjA1MTcwMjAwMjRaFw0yNjA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGIzNjUyMWFkZWVjZjFmMmU2OTM4NTlmYmNmODQxMmJlNmY2YzI1NGFlZTJi
NzQ4ZWY0MDIzZTVhNTZjOWU3NmQxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3
Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKJWx4J+J+sSAyodKDHoDls/zLSE6V0JhDfRbJyEbrvukVMQ7HffGpx52Wv5
5/MJDYkqYum31NvOsWuPES8QeP8ohdjloV/1wU2oFiE+mI+CSSs1w8b1jzUgnxWr
Y6A8h1GKfw+CDoeniqbfgxXIDrNTiajWOYkd4Xj5mzE5FoV0knXemnMUHxzKcAkB
hT5ELeocnaQWQ8rDmUAZiLkdRdGHEFdKBUg33RmNj8oFEkJb32imfgcvegLKGm0X
6SxKJ1j3w6tfwWlXUwRER1pdNVHKQiOTOTbpNzPRy25V5XLoKlAdL5pSrDF5rN5z
fTMO29e6W+JQHWHOeOn09R1jIuECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQ+Tk5c
MoabLMrihnbvJQF61Z882DAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV
0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh
Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv
MTYyNzE5MTQtZGM3Ny00NTQ1LWI1MjYtYTNlYmZhYjVkNjNhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1
NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEATPgwDAN
BgkqhkiG9w0BAQsFAAOCAQEAOAzZoelAAv6oG/hrKx2MM3MOw/22KM4QcxzSLf8D
WRdgU1uRcvLRYH0qx0wgthtaIJ9Kc4+FOVxPeHJ3fhn1mCK2k7u2ZPFNZJ2sGq2L
WV27NfQ33GR3Pj721raX0qbI2RT9MCNrbGkhyx2O9SnfI5voAmZjMvBlV0VDeLET
FEQqMmSYzqlx7Ga8FwMolCNMC3ygIba1fzAkWgks7nwZeMy2K6+34rnNEHyyxVoi
zcjEYquoOEmRzPDZt3i2TqnntRk/sUMQ+TAjObOCSdY3CzORM/0zb21awhJKqkCt
m2HEih7Rwymk7ijqJzgZd6VlWyrK42IZrUdiJMfxHLmSEw==
-----END CERTIFICATE-----
Generated at Fri May 22 16:04:17 2026 by rpki-client