Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/28dd94b2-8e51-494f-9933-f9f2e07c6aa1.roa
File: 28dd94b2-8e51-494f-9933-f9f2e07c6aa1.roa (raw, json)
Hash identifier: H2f4vIS168ZRwLgzZTHULX3UbCRCUp7qe1mjILD3svM=
Subject key identifier: 6C:4C:69:F2:88:10:EB:C6:5D:02:AF:36:8C:5B:19:6B:49:9A:1F:48
Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0
Certificate serial: 5FFF733714B9920D5CF56EFC21F026EFFDF5FDB7
Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/28dd94b2-8e51-494f-9933-f9f2e07c6aa1.roa
Signing time: Sun 17 May 2026 02:00:03 +0000
ROA not before: Sun 17 May 2026 02:00:03 +0000
ROA not after: Sat 15 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.224.0.0/15 maxlen: 15
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft
rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 May 2026 17:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:ff:73:37:14:b9:92:0d:5c:f5:6e:fc:21:f0:26:ef:fd:f5:fd:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0
Validity
Not Before: May 17 02:00:03 2026 GMT
Not After : Aug 15 23:59:59 2026 GMT
Subject: serialNumber=f62da2f2b7123e12395abb5073fa6e7a4c09d07e2fcf4034813b9de38fcbdb26, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:b6:2d:13:96:f2:4a:30:d5:f7:ac:23:b8:c4:
65:a9:99:65:07:aa:ca:a7:17:27:c3:0b:74:2a:29:
cd:52:83:73:94:44:16:b4:63:d6:fb:67:9f:89:3d:
56:85:c4:2a:88:94:16:bf:55:a1:b2:35:4d:88:8b:
6b:db:8c:31:88:ba:fd:08:8d:6f:b9:37:8d:af:37:
cf:2b:28:e6:a0:78:a3:a7:8a:ff:88:c2:b9:9d:85:
1f:28:ae:82:dd:57:7c:fb:2d:85:5e:78:bd:6b:6f:
3e:5e:0e:a7:b3:5c:59:ae:ab:be:c9:01:92:db:2e:
f1:7f:09:bb:c0:20:94:cc:ba:0f:18:cc:89:c6:da:
8b:0c:d0:f1:6e:50:0b:70:f9:b3:65:4a:c2:16:1c:
16:1c:75:06:e4:65:60:27:a1:24:5f:d5:87:ff:3e:
22:c0:17:29:e9:62:8a:ab:e6:39:40:2c:8d:64:bf:
1b:0e:54:31:dd:26:fb:5b:6b:c8:8d:21:61:9c:ed:
d7:de:2b:1c:63:b1:27:74:f7:77:d5:a8:19:82:b1:
25:09:21:02:8c:25:78:5b:72:59:53:a2:c5:50:b4:
66:fa:36:e8:0b:37:fb:2e:15:91:3c:74:1a:bf:4a:
d1:c2:d6:cf:a4:52:80:60:fa:fb:73:c0:2d:8a:25:
54:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:4C:69:F2:88:10:EB:C6:5D:02:AF:36:8C:5B:19:6B:49:9A:1F:48
X509v3 Authority Key Identifier:
keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/28dd94b2-8e51-494f-9933-f9f2e07c6aa1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.224.0.0/15
Signature Algorithm: sha256WithRSAEncryption
ba:bd:ed:43:55:d2:72:ec:f4:25:33:fa:a0:89:0d:81:e9:70:
24:ce:a6:86:24:fa:c2:96:ef:63:dc:45:10:c3:51:6f:c5:49:
f2:19:5f:f9:1e:d8:58:0a:17:2b:6b:3b:04:a5:6d:23:17:0d:
6a:eb:dd:88:03:72:23:8b:fa:17:94:42:a2:72:e3:e2:5a:b3:
7c:1a:44:4a:ad:71:53:c3:6c:74:77:60:e1:9c:11:f5:24:8d:
2b:b9:17:74:43:cc:a3:2c:89:7f:13:e9:b0:c5:a5:b1:87:18:
64:d6:a0:fa:a1:1d:40:4d:3a:36:2c:ac:49:6b:00:df:dd:f5:
f8:a2:40:7f:2d:ce:68:bb:60:27:0f:6c:fd:c0:17:9e:fa:87:
b3:15:23:9f:7c:f7:58:8f:6e:14:6a:51:a6:1b:85:cb:05:45:
f7:8b:3f:d2:80:18:cd:b6:79:26:51:26:c3:d1:5b:6c:2b:62:
a5:2b:03:73:f3:38:99:17:f3:b3:f3:f1:49:d3:24:3a:1f:91:
e9:11:c0:cc:39:f0:93:d5:46:86:20:ce:e7:be:71:ac:6d:3c:
83:26:b6:38:54:18:09:94:cf:28:c3:65:f5:8c:5c:00:3a:d0:
47:7a:b2:00:0e:1e:be:df:60:de:09:a1:9c:7c:6b:4a:22:85:
42:7e:6e:2f
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUX/9zNxS5kg1c9W78IfAm7/31/bcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl
Nzk2NTVkMDAeFw0yNjA1MTcwMjAwMDNaFw0yNjA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGY2MmRhMmYyYjcxMjNlMTIzOTVhYmI1MDczZmE2ZTdhNGMwOWQwN2UyZmNm
NDAzNDgxM2I5ZGUzOGZjYmRiMjYxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3
Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOa2LROW8kow1fesI7jEZamZZQeqyqcXJ8MLdCopzVKDc5REFrRj1vtnn4k9
VoXEKoiUFr9VobI1TYiLa9uMMYi6/QiNb7k3ja83zyso5qB4o6eK/4jCuZ2FHyiu
gt1XfPsthV54vWtvPl4Op7NcWa6rvskBktsu8X8Ju8AglMy6DxjMicbaiwzQ8W5Q
C3D5s2VKwhYcFhx1BuRlYCehJF/Vh/8+IsAXKeliiqvmOUAsjWS/Gw5UMd0m+1tr
yI0hYZzt194rHGOxJ3T3d9WoGYKxJQkhAowleFtyWVOixVC0Zvo26As3+y4VkTx0
Gr9K0cLWz6RSgGD6+3PALYolVIkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRsTGny
iBDrxl0CrzaMWxlrSZofSDAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV
0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh
Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv
MjhkZDk0YjItOGU1MS00OTRmLTk5MzMtZjlmMmUwN2M2YWExLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1
NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPgMA0G
CSqGSIb3DQEBCwUAA4IBAQC6ve1DVdJy7PQlM/qgiQ2B6XAkzqaGJPrClu9j3EUQ
w1FvxUnyGV/5HthYChcrazsEpW0jFw1q692IA3Iji/oXlEKicuPiWrN8GkRKrXFT
w2x0d2DhnBH1JI0ruRd0Q8yjLIl/E+mwxaWxhxhk1qD6oR1ATTo2LKxJawDf3fX4
okB/Lc5ou2AnD2z9wBee+oezFSOffPdYj24UalGmG4XLBUX3iz/SgBjNtnkmUSbD
0VtsK2KlKwNz8ziZF/Oz8/FJ0yQ6H5HpEcDMOfCT1UaGIM7nvnGsbTyDJrY4VBgJ
lM8ow2X1jFwAOtBHerIADh6+32DeCaGcfGtKIoVCfm4v
-----END CERTIFICATE-----
Generated at Fri May 22 18:28:31 2026 by rpki-client