Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/55e704e8-470f-4c3e-82e8-03868da744a2.roa
File: 55e704e8-470f-4c3e-82e8-03868da744a2.roa (raw, json)
Hash identifier: q19Ly9BsKOuyyVxPUg9zu30qcXdZKKB8vuuczQKvZ6s=
Subject key identifier: 34:68:37:8C:C6:6B:32:38:E2:44:69:11:EC:B8:F7:88:5D:AE:34:A7
Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0
Certificate serial: FC8F3F2FD7E3BE51E6C3C139BD894D025BEA6B
Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/55e704e8-470f-4c3e-82e8-03868da744a2.roa
Signing time: Fri 15 May 2026 00:30:09 +0000
ROA not before: Fri 15 May 2026 00:30:09 +0000
ROA not after: Thu 13 Aug 2026 23:59:59 +0000
asID: 14618
IP address blocks: 51.74.0.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft
rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 May 2026 08:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
fc:8f:3f:2f:d7:e3:be:51:e6:c3:c1:39:bd:89:4d:02:5b:ea:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0
Validity
Not Before: May 15 00:30:09 2026 GMT
Not After : Aug 13 23:59:59 2026 GMT
Subject: serialNumber=7e78c405277c04170200fd93e0f3e5d9548d0a6de0d4800d7c5e76e9e361dd21, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:20:f0:11:af:4f:11:ed:09:60:ab:df:82:ad:
e4:cd:30:4b:ad:5e:bf:2c:ac:2a:30:a6:79:1c:35:
ae:41:a1:82:50:83:95:79:78:8a:0d:10:0b:d6:74:
f5:55:17:26:69:39:6b:0d:af:5a:1b:31:6e:c3:9c:
8e:b5:08:bc:0f:d2:f2:34:8c:5b:19:15:af:41:9b:
ab:64:7b:93:b5:79:f0:83:76:ee:29:da:21:00:34:
eb:71:8b:8f:32:da:29:2a:97:ed:c0:21:24:91:a7:
ea:41:cb:b8:30:66:ab:2d:29:db:7e:56:54:05:af:
ce:e7:80:d7:9c:d0:a9:45:1b:4c:43:36:0c:ee:42:
bf:8c:61:44:7e:47:f6:f7:52:c2:61:de:7e:ea:75:
e4:d8:76:40:f3:60:65:f6:7c:9c:04:d6:e5:f8:69:
43:65:6c:22:08:34:4c:5e:4d:9b:56:50:59:48:20:
09:a9:a3:a4:50:5f:bc:15:ad:72:5e:5a:c5:8b:b3:
64:ec:40:d9:0c:9b:b1:b4:77:71:0a:2e:36:77:da:
20:3e:6c:04:4b:39:4a:62:e4:d1:85:dd:af:a8:95:
2e:b0:c1:e8:eb:95:6c:a9:4d:07:5d:92:d9:ab:d5:
51:60:73:bf:53:35:72:08:90:92:28:43:45:c7:d5:
4a:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:68:37:8C:C6:6B:32:38:E2:44:69:11:EC:B8:F7:88:5D:AE:34:A7
X509v3 Authority Key Identifier:
keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/55e704e8-470f-4c3e-82e8-03868da744a2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.74.0.0/20
Signature Algorithm: sha256WithRSAEncryption
87:bb:8f:c9:9f:16:7f:81:45:81:03:eb:52:a3:8f:85:59:65:
bf:0c:cc:b4:92:e9:b7:ea:01:d6:d1:03:26:df:ac:1d:a4:c4:
67:4e:97:b4:a5:66:73:9d:fc:e2:19:ba:d0:27:54:f0:d5:7a:
01:99:3a:8b:01:47:fb:9f:d9:8a:c3:c3:16:f3:15:78:f5:86:
09:d0:5a:91:b2:cf:ba:45:c7:01:47:2a:68:68:72:1f:7f:ce:
3e:ff:c0:17:9a:d4:2c:f0:50:69:2a:2d:4f:9f:93:f5:ec:ab:
d8:20:59:c9:dd:13:98:d3:c3:0f:12:06:7b:b1:ab:99:a9:68:
b9:70:66:05:f4:24:89:01:06:80:3a:c4:5d:ec:b5:05:45:b6:
b9:1e:e9:74:4f:b7:6f:ff:60:4e:b7:c1:c2:98:2c:f9:0e:7d:
15:ec:e8:be:63:32:b0:37:91:e2:36:4a:93:25:69:5f:55:38:
1c:4a:8f:10:20:ff:46:9c:b9:c8:23:34:fc:c3:4f:03:d5:c8:
40:96:15:7d:6b:87:0e:f9:1b:f4:c7:6b:02:09:4a:08:fc:b8:
ec:31:d1:97:57:a1:d2:14:12:ce:c1:99:82:28:86:01:bc:b6:
e4:2a:6b:10:03:9e:8d:ba:10:87:f1:84:c0:4b:92:58:c1:a5:
41:07:30:51
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUAPyPPy/X475R5sPBOb2JTQJb6mswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl
Nzk2NTVkMDAeFw0yNjA1MTUwMDMwMDlaFw0yNjA4MTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDdlNzhjNDA1Mjc3YzA0MTcwMjAwZmQ5M2UwZjNlNWQ5NTQ4ZDBhNmRlMGQ0
ODAwZDdjNWU3NmU5ZTM2MWRkMjExLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3
Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIwg8BGvTxHtCWCr34Kt5M0wS61evyysKjCmeRw1rkGhglCDlXl4ig0QC9Z0
9VUXJmk5aw2vWhsxbsOcjrUIvA/S8jSMWxkVr0Gbq2R7k7V58IN27inaIQA063GL
jzLaKSqX7cAhJJGn6kHLuDBmqy0p235WVAWvzueA15zQqUUbTEM2DO5Cv4xhRH5H
9vdSwmHefup15Nh2QPNgZfZ8nATW5fhpQ2VsIgg0TF5Nm1ZQWUggCamjpFBfvBWt
cl5axYuzZOxA2QybsbR3cQouNnfaID5sBEs5SmLk0YXdr6iVLrDB6OuVbKlNB12S
2avVUWBzv1M1cgiQkihDRcfVSg0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQ0aDeM
xmsyOOJEaRHsuPeIXa40pzAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV
0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh
Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv
NTVlNzA0ZTgtNDcwZi00YzNlLTgyZTgtMDM4NjhkYTc0NGEyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1
NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBDNKADAN
BgkqhkiG9w0BAQsFAAOCAQEAh7uPyZ8Wf4FFgQPrUqOPhVllvwzMtJLpt+oB1tED
Jt+sHaTEZ06XtKVmc5384hm60CdU8NV6AZk6iwFH+5/ZisPDFvMVePWGCdBakbLP
ukXHAUcqaGhyH3/OPv/AF5rULPBQaSotT5+T9eyr2CBZyd0TmNPDDxIGe7Grmalo
uXBmBfQkiQEGgDrEXey1BUW2uR7pdE+3b/9gTrfBwpgs+Q59FezovmMysDeR4jZK
kyVpX1U4HEqPECD/Rpy5yCM0/MNPA9XIQJYVfWuHDvkb9MdrAglKCPy47DHRl1eh
0hQSzsGZgiiGAby25CprEAOejboQh/GEwEuSWMGlQQcwUQ==
-----END CERTIFICATE-----
Generated at Fri May 22 14:19:15 2026 by rpki-client