Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/51195615-aa01-4b44-ab00-63024ac9ba29.roa
File: 51195615-aa01-4b44-ab00-63024ac9ba29.roa (raw, json)
Hash identifier: Hxg52VcMKwNHb3gH6Bctc7YULVm+k5D4k6x1rVqWEeU=
Subject key identifier: DB:DC:49:10:2B:2A:37:C8:95:FD:E6:DB:54:8C:31:5F:7C:7F:CB:BE
Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0
Certificate serial: 3AF729B220A5E5D89874B308C912FBB8C4329F9C
Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/51195615-aa01-4b44-ab00-63024ac9ba29.roa
Signing time: Sun 17 May 2026 02:00:28 +0000
ROA not before: Sun 17 May 2026 02:00:28 +0000
ROA not after: Sat 15 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.224.196.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft
rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 May 2026 08:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:f7:29:b2:20:a5:e5:d8:98:74:b3:08:c9:12:fb:b8:c4:32:9f:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0
Validity
Not Before: May 17 02:00:28 2026 GMT
Not After : Aug 15 23:59:59 2026 GMT
Subject: serialNumber=527d10101b5f728f00781ec0f2fff14f97b00d0068f6dac7143fbe03ebda3a6e, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:64:56:68:7b:77:e9:51:96:f7:ec:ce:aa:10:
0b:3e:54:13:40:c2:f1:bc:e7:e8:5f:3e:56:c0:04:
47:cc:9f:22:4a:9f:32:4f:22:a3:a4:7f:c5:94:34:
f8:07:7f:5c:b6:e5:86:3a:7a:80:18:d8:46:d6:9a:
f4:f9:51:42:47:25:f5:da:1a:ad:e9:16:5c:75:99:
4f:dc:ff:26:0a:1e:87:fb:ed:9e:98:b8:47:71:7e:
fa:20:61:47:74:35:34:7f:ac:bc:8e:b8:dd:0e:49:
71:49:1f:c0:ac:93:1a:71:d5:a5:3f:e4:18:ed:59:
e1:61:1e:d8:f2:a7:f7:2e:b2:4c:4a:f0:ef:1a:b3:
3e:bd:9a:8c:20:52:59:06:de:37:5f:ba:60:4e:69:
f9:0a:5e:f1:0c:c6:25:c1:dc:d3:74:fb:03:05:84:
03:ca:4c:ca:cf:21:40:0d:7f:e4:ca:ca:cd:bc:82:
58:28:0e:ba:c7:43:2f:c6:81:81:58:31:bf:62:1e:
b3:b0:76:b9:e5:8b:09:51:01:63:2b:5b:4c:2e:2f:
c3:fc:6f:af:75:28:42:00:6c:fb:59:19:db:45:09:
d7:35:12:d5:a2:0e:d7:01:51:07:13:10:76:be:ab:
16:95:16:03:1d:c0:75:5f:4d:f3:ad:66:75:6c:15:
b8:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:DC:49:10:2B:2A:37:C8:95:FD:E6:DB:54:8C:31:5F:7C:7F:CB:BE
X509v3 Authority Key Identifier:
keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/51195615-aa01-4b44-ab00-63024ac9ba29.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.224.196.0/23
Signature Algorithm: sha256WithRSAEncryption
07:11:64:7b:f6:a7:6a:e9:1c:ce:68:f6:d9:a3:0d:2b:41:c4:
a2:c4:e3:2b:2c:b7:c7:17:17:60:0b:16:73:23:f4:70:65:64:
92:d3:82:2a:06:9a:e7:5b:a3:2f:c5:47:3f:4b:12:9d:d4:6a:
03:33:b9:53:e9:c3:34:42:95:b5:85:34:7d:72:ba:4d:4f:e7:
9c:f3:c6:57:16:54:db:19:6c:ca:8a:54:12:c5:d1:cf:c4:08:
00:cb:46:60:49:85:3c:ca:d6:42:27:3f:05:5f:b6:43:f1:95:
35:5c:df:89:49:82:7c:90:5d:a5:79:77:b0:59:13:e3:1e:a0:
bc:ed:b5:51:79:3c:3a:53:55:7b:59:bf:23:89:3d:cb:7b:7a:
34:1a:70:a3:02:54:56:23:15:bf:ff:88:bd:7c:22:d1:49:72:
18:14:37:da:d1:72:65:69:dd:e9:b1:a2:a6:ff:25:35:54:e2:
a4:f5:39:01:5c:12:f4:66:dd:36:21:51:db:7d:d1:b4:4e:25:
4e:ac:e7:eb:98:31:55:5f:02:58:6a:47:69:41:61:41:9e:fc:
dd:be:77:68:06:bc:41:db:70:6c:1b:92:42:c4:dd:a7:5f:2c:
95:e6:d7:14:76:42:e6:1d:4c:c4:bd:f1:53:6d:50:f3:d5:7b:
13:d8:b3:6c
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUOvcpsiCl5diYdLMIyRL7uMQyn5wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl
Nzk2NTVkMDAeFw0yNjA1MTcwMjAwMjhaFw0yNjA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDUyN2QxMDEwMWI1ZjcyOGYwMDc4MWVjMGYyZmZmMTRmOTdiMDBkMDA2OGY2
ZGFjNzE0M2ZiZTAzZWJkYTNhNmUxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3
Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMRkVmh7d+lRlvfszqoQCz5UE0DC8bzn6F8+VsAER8yfIkqfMk8io6R/xZQ0
+Ad/XLblhjp6gBjYRtaa9PlRQkcl9doarekWXHWZT9z/Jgoeh/vtnpi4R3F++iBh
R3Q1NH+svI643Q5JcUkfwKyTGnHVpT/kGO1Z4WEe2PKn9y6yTErw7xqzPr2ajCBS
WQbeN1+6YE5p+Qpe8QzGJcHc03T7AwWEA8pMys8hQA1/5MrKzbyCWCgOusdDL8aB
gVgxv2Ies7B2ueWLCVEBYytbTC4vw/xvr3UoQgBs+1kZ20UJ1zUS1aIO1wFRBxMQ
dr6rFpUWAx3AdV9N861mdWwVuH0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTb3EkQ
Kyo3yJX95ttUjDFffH/LvjAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV
0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh
Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv
NTExOTU2MTUtYWEwMS00YjQ0LWFiMDAtNjMwMjRhYzliYTI5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1
NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEATPgxDAN
BgkqhkiG9w0BAQsFAAOCAQEABxFke/anaukczmj22aMNK0HEosTjKyy3xxcXYAsW
cyP0cGVkktOCKgaa51ujL8VHP0sSndRqAzO5U+nDNEKVtYU0fXK6TU/nnPPGVxZU
2xlsyopUEsXRz8QIAMtGYEmFPMrWQic/BV+2Q/GVNVzfiUmCfJBdpXl3sFkT4x6g
vO21UXk8OlNVe1m/I4k9y3t6NBpwowJUViMVv/+IvXwi0UlyGBQ32tFyZWnd6bGi
pv8lNVTipPU5AVwS9GbdNiFR233RtE4lTqzn65gxVV8CWGpHaUFhQZ783b53aAa8
QdtwbBuSQsTdp18slebXFHZC5h1MxL3xU21Q89V7E9izbA==
-----END CERTIFICATE-----
Generated at Fri May 22 17:37:13 2026 by rpki-client