Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/566f9159-e271-4224-9cc9-33a554331509.roa
File: 566f9159-e271-4224-9cc9-33a554331509.roa (raw, json)
Hash identifier: Ehl3ilZozXE2LeOl6BObZzpl7Ye+I9k/XIe9wuPSf3A=
Subject key identifier: 2C:19:4D:75:2B:C7:9A:E6:74:BB:D9:5E:1E:5C:CF:4D:41:DB:69:C2
Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0
Certificate serial: 5990431E7F4807F3C7237AFF0A825352E7B99BA4
Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/566f9159-e271-4224-9cc9-33a554331509.roa
Signing time: Sun 17 May 2026 02:00:26 +0000
ROA not before: Sun 17 May 2026 02:00:26 +0000
ROA not after: Sat 15 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.0.0.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft
rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 May 2026 08:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:90:43:1e:7f:48:07:f3:c7:23:7a:ff:0a:82:53:52:e7:b9:9b:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0
Validity
Not Before: May 17 02:00:26 2026 GMT
Not After : Aug 15 23:59:59 2026 GMT
Subject: serialNumber=bf0db816e4a8b662ce6902c1d06d6e30532e14cc7e9d7eef1444362e97bdd6db, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:35:c5:88:d4:dc:b7:ba:aa:f0:15:67:2d:c5:
b1:0c:df:ba:8c:6f:33:65:4f:f4:86:21:f7:e6:d0:
00:28:a1:7e:5d:06:6c:73:57:48:a5:ad:ba:56:75:
4b:89:8d:a9:d2:8a:c4:d6:69:36:a4:17:62:38:7e:
8b:ff:7d:2f:89:ff:21:95:e8:82:ee:6c:b9:d5:2c:
58:ca:36:13:75:f6:56:01:96:92:29:e5:04:9e:2e:
24:51:64:16:2d:53:bb:6d:e0:9c:45:ae:f2:b4:40:
53:61:0b:6e:98:72:e5:4d:c3:e4:28:73:46:04:ce:
29:a6:e0:7e:3a:0f:b7:84:9b:16:41:a2:6f:7a:5b:
f0:34:c6:98:27:2e:b3:e4:87:59:1f:2e:45:ed:49:
42:e2:5c:7d:7b:8f:a4:74:1f:42:b9:eb:70:ae:0c:
e7:05:1c:06:48:3c:b7:ef:33:fb:89:9d:1d:3f:00:
a2:93:8a:c7:e1:2a:3e:22:a3:eb:86:6d:b6:3e:63:
00:e2:1e:78:5a:81:ec:b6:a9:0c:fb:d4:34:13:23:
08:2b:6d:95:c3:3d:52:ac:5a:16:2d:89:47:0a:ca:
d9:1d:bc:15:35:6a:ef:d2:d1:44:e4:dc:72:be:6f:
ed:d1:81:53:98:a5:f3:99:0e:06:ab:98:2b:06:41:
b2:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:19:4D:75:2B:C7:9A:E6:74:BB:D9:5E:1E:5C:CF:4D:41:DB:69:C2
X509v3 Authority Key Identifier:
keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/566f9159-e271-4224-9cc9-33a554331509.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.0.0.0/19
Signature Algorithm: sha256WithRSAEncryption
25:68:0e:46:c6:8a:44:30:06:6d:45:5e:f2:28:ba:a0:8a:e5:
e9:da:fa:fd:45:7c:26:b7:69:04:62:d8:be:0b:d4:61:4d:73:
e1:54:40:df:01:ba:ac:2d:db:b8:60:4a:5d:43:95:f1:e8:d1:
65:f2:1e:dc:16:f0:e0:40:7a:c1:f8:4a:ce:08:11:a6:a0:b4:
b1:1f:d8:16:c3:2d:a7:56:00:84:de:a8:95:fb:fc:3d:bd:e7:
28:e5:ea:e8:17:45:9d:a5:9d:04:3e:69:32:1f:80:a0:ae:c2:
ab:32:18:92:1f:96:b7:7f:5c:68:ab:07:f1:07:b1:d4:98:63:
0e:a1:84:27:81:39:00:72:19:1c:27:ca:38:3e:71:4a:b9:7d:
a3:6e:1a:3a:aa:30:d8:8e:b1:8c:11:d6:55:71:49:ae:09:df:
c0:18:8a:3c:f5:2e:28:d5:15:85:5b:51:19:e1:f2:8c:3a:4b:
17:30:95:cc:94:5a:f7:ef:8d:fe:93:a2:c1:33:77:2f:37:c3:
c0:b0:4a:42:60:12:67:5c:20:ab:e2:65:ca:28:53:e1:0b:92:
0f:2b:95:57:23:2d:32:5e:1b:7b:3c:e5:60:ae:6b:58:ab:c5:
8a:8f:dc:37:65:e8:39:d1:5d:22:2c:9f:23:d1:0a:e3:a4:cb:
03:59:2c:85
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUWZBDHn9IB/PHI3r/CoJTUue5m6QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl
Nzk2NTVkMDAeFw0yNjA1MTcwMjAwMjZaFw0yNjA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGJmMGRiODE2ZTRhOGI2NjJjZTY5MDJjMWQwNmQ2ZTMwNTMyZTE0Y2M3ZTlk
N2VlZjE0NDQzNjJlOTdiZGQ2ZGIxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3
Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALQ1xYjU3Le6qvAVZy3FsQzfuoxvM2VP9IYh9+bQACihfl0GbHNXSKWtulZ1
S4mNqdKKxNZpNqQXYjh+i/99L4n/IZXogu5sudUsWMo2E3X2VgGWkinlBJ4uJFFk
Fi1Tu23gnEWu8rRAU2ELbphy5U3D5ChzRgTOKabgfjoPt4SbFkGib3pb8DTGmCcu
s+SHWR8uRe1JQuJcfXuPpHQfQrnrcK4M5wUcBkg8t+8z+4mdHT8AopOKx+EqPiKj
64Zttj5jAOIeeFqB7LapDPvUNBMjCCttlcM9UqxaFi2JRwrK2R28FTVq79LRROTc
cr5v7dGBU5il85kOBquYKwZBsnUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQsGU11
K8ea5nS72V4eXM9NQdtpwjAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV
0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh
Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv
NTY2ZjkxNTktZTI3MS00MjI0LTljYzktMzNhNTU0MzMxNTA5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1
NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBTMAADAN
BgkqhkiG9w0BAQsFAAOCAQEAJWgORsaKRDAGbUVe8ii6oIrl6dr6/UV8JrdpBGLY
vgvUYU1z4VRA3wG6rC3buGBKXUOV8ejRZfIe3Bbw4EB6wfhKzggRpqC0sR/YFsMt
p1YAhN6olfv8Pb3nKOXq6BdFnaWdBD5pMh+AoK7CqzIYkh+Wt39caKsH8Qex1Jhj
DqGEJ4E5AHIZHCfKOD5xSrl9o24aOqow2I6xjBHWVXFJrgnfwBiKPPUuKNUVhVtR
GeHyjDpLFzCVzJRa9++N/pOiwTN3LzfDwLBKQmASZ1wgq+JlyihT4QuSDyuVVyMt
Ml4bezzlYK5rWKvFio/cN2XoOdFdIiyfI9EK46TLA1kshQ==
-----END CERTIFICATE-----
Generated at Fri May 22 16:04:28 2026 by rpki-client