Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/77c679c8-2cc0-4e9b-b3da-c3315ea2711c.roa
File: 77c679c8-2cc0-4e9b-b3da-c3315ea2711c.roa (raw, json)
Hash identifier: 7Clx06mYocgqT75NCw3hjOqkoZeG/9e9zXRIrlvGm0I=
Subject key identifier: 6D:66:9F:94:01:14:7A:CC:75:1B:14:95:D3:F2:08:8B:F2:2F:43:D0
Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0
Certificate serial: 23007932D9125F3D04A3B9FD0147626C96CA6EFB
Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/77c679c8-2cc0-4e9b-b3da-c3315ea2711c.roa
Signing time: Sun 17 May 2026 02:00:05 +0000
ROA not before: Sun 17 May 2026 02:00:05 +0000
ROA not after: Sat 15 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.0.140.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft
rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 May 2026 08:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:00:79:32:d9:12:5f:3d:04:a3:b9:fd:01:47:62:6c:96:ca:6e:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0
Validity
Not Before: May 17 02:00:05 2026 GMT
Not After : Aug 15 23:59:59 2026 GMT
Subject: serialNumber=3d1f5464246c0b085682b3f8414f0f729698cf679f2b63c584548eea285a4b5a, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:a3:ff:6c:18:3b:ab:ed:99:13:51:d6:15:8a:
39:0a:9c:68:43:1c:7c:c7:29:14:d1:74:f6:d2:52:
e9:90:92:fb:6c:10:b9:e1:a4:70:75:d9:20:2e:22:
c9:a2:7c:c1:6d:3e:f7:06:34:52:0e:86:f0:a8:26:
1c:cb:bc:9f:d6:99:c6:d8:a0:7a:c8:a9:ea:9f:1e:
bd:ed:a2:47:d0:fa:1f:bb:3a:71:8c:b1:d7:b6:16:
2b:b1:62:cc:95:4c:f7:58:3c:f1:59:7c:b0:a2:cc:
1a:b1:67:ee:e4:ca:83:b0:2f:56:1e:60:d0:3f:6d:
eb:d4:49:7d:1f:91:7b:c4:d4:47:b4:6a:f2:8b:ec:
90:c1:43:54:72:e3:97:92:9a:b2:2f:c6:0e:8d:f4:
50:0e:6c:b0:07:c6:c9:67:9f:cf:0a:7e:44:ca:61:
f7:c9:8a:c6:9d:70:97:3a:78:23:08:5a:ca:16:00:
31:8c:a5:2a:0d:5b:ca:bc:da:90:d8:14:bb:d6:a6:
72:23:d5:a2:de:ad:d7:7d:66:e7:cf:12:31:a8:d6:
d5:ce:2d:52:f1:39:46:3b:0e:fa:82:29:2d:76:e9:
86:17:ea:87:ea:39:2b:48:ff:be:ea:fe:41:21:54:
dd:75:83:c0:d6:d5:22:d6:77:15:8d:3c:e3:49:bb:
c1:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:66:9F:94:01:14:7A:CC:75:1B:14:95:D3:F2:08:8B:F2:2F:43:D0
X509v3 Authority Key Identifier:
keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/77c679c8-2cc0-4e9b-b3da-c3315ea2711c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.0.140.0/23
Signature Algorithm: sha256WithRSAEncryption
4e:e3:79:d9:41:0e:cf:a1:13:70:ce:71:8d:bb:06:de:2a:05:
1a:ce:db:31:cb:23:b6:03:95:3b:9f:41:75:83:7c:ad:a2:89:
e5:bf:9c:35:b6:8b:1e:c7:1a:3a:dc:a6:ee:6d:1b:3c:29:5a:
a8:91:c4:1b:1e:f8:f1:25:09:3f:4e:d1:d6:74:3f:ea:95:ec:
29:c2:f1:b4:96:90:7a:f9:e5:58:73:55:29:62:d6:6d:9a:d6:
0e:b5:75:b9:a1:cb:6d:95:67:d4:9a:c9:71:0d:aa:f2:c0:d3:
c3:98:65:c1:cf:37:24:a5:a7:fa:05:db:1c:76:96:2a:9e:ad:
cc:43:9a:2b:59:ac:d0:5d:40:a7:01:df:bc:d2:fa:bb:98:ba:
83:fa:3d:d2:f7:5f:53:be:ba:0d:27:6a:95:88:89:e4:93:59:
59:f4:d3:a5:ac:ec:db:66:6d:f2:2e:0d:74:2b:be:1a:2d:b4:
a9:39:2d:53:36:88:b5:d5:40:3c:55:b5:de:35:30:5e:2d:3e:
7e:79:5f:10:7b:c3:b3:cf:77:b5:f1:b7:48:d7:e7:40:cf:64:
d4:ea:21:f5:24:e5:c0:5f:be:fd:de:c2:9e:cf:a0:dc:04:cd:
eb:15:2d:31:eb:fd:de:97:76:e2:e9:69:df:7d:99:07:df:03:
ec:c1:57:85
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUIwB5MtkSXz0Eo7n9AUdibJbKbvswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl
Nzk2NTVkMDAeFw0yNjA1MTcwMjAwMDVaFw0yNjA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDNkMWY1NDY0MjQ2YzBiMDg1NjgyYjNmODQxNGYwZjcyOTY5OGNmNjc5ZjJi
NjNjNTg0NTQ4ZWVhMjg1YTRiNWExLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3
Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANaj/2wYO6vtmRNR1hWKOQqcaEMcfMcpFNF09tJS6ZCS+2wQueGkcHXZIC4i
yaJ8wW0+9wY0Ug6G8KgmHMu8n9aZxtigesip6p8eve2iR9D6H7s6cYyx17YWK7Fi
zJVM91g88Vl8sKLMGrFn7uTKg7AvVh5g0D9t69RJfR+Re8TUR7Rq8ovskMFDVHLj
l5Kasi/GDo30UA5ssAfGyWefzwp+RMph98mKxp1wlzp4IwhayhYAMYylKg1byrza
kNgUu9amciPVot6t131m588SMajW1c4tUvE5RjsO+oIpLXbphhfqh+o5K0j/vur+
QSFU3XWDwNbVItZ3FY0840m7wQMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRtZp+U
ARR6zHUbFJXT8giL8i9D0DAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV
0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh
Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv
NzdjNjc5YzgtMmNjMC00ZTliLWIzZGEtYzMzMTVlYTI3MTFjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1
NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEATMAjDAN
BgkqhkiG9w0BAQsFAAOCAQEATuN52UEOz6ETcM5xjbsG3ioFGs7bMcsjtgOVO59B
dYN8raKJ5b+cNbaLHscaOtym7m0bPClaqJHEGx748SUJP07R1nQ/6pXsKcLxtJaQ
evnlWHNVKWLWbZrWDrV1uaHLbZVn1JrJcQ2q8sDTw5hlwc83JKWn+gXbHHaWKp6t
zEOaK1ms0F1ApwHfvNL6u5i6g/o90vdfU766DSdqlYiJ5JNZWfTTpazs22Zt8i4N
dCu+Gi20qTktUzaItdVAPFW13jUwXi0+fnlfEHvDs893tfG3SNfnQM9k1Ooh9STl
wF++/d7Cns+g3ATN6xUtMev93pd24ulp332ZB98D7MFXhQ==
-----END CERTIFICATE-----
Generated at Fri May 22 16:04:32 2026 by rpki-client