Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/98c39c27-f261-4d67-a85e-ec7479538084.roa
File: 98c39c27-f261-4d67-a85e-ec7479538084.roa (raw, json)
Hash identifier: wdte9e8GephBOovSiVktyA2BEbU8Nlrk0VKLmYfBJgY=
Subject key identifier: 6E:30:36:2B:F3:CF:55:0A:A0:EB:B3:3F:D2:6F:D0:A4:22:82:91:10
Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0
Certificate serial: 68F78097DEEC6D83AD83514BA9DF01BC88DD5D10
Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/98c39c27-f261-4d67-a85e-ec7479538084.roa
Signing time: Sun 17 May 2026 02:00:05 +0000
ROA not before: Sun 17 May 2026 02:00:05 +0000
ROA not after: Sat 15 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.0.132.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft
rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 May 2026 08:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:f7:80:97:de:ec:6d:83:ad:83:51:4b:a9:df:01:bc:88:dd:5d:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0
Validity
Not Before: May 17 02:00:05 2026 GMT
Not After : Aug 15 23:59:59 2026 GMT
Subject: serialNumber=332bfc3bd5539c2e58cf8098875fa0cba0cf188c89b6dddce0b24c61f2150c3b, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:dc:23:ed:0a:79:52:5c:29:e5:43:4d:cb:3b:
a2:db:59:e8:9d:03:68:f3:59:25:34:9c:9f:bf:53:
f8:97:52:cc:82:b6:77:9d:15:c8:40:a4:44:ab:c7:
2b:d2:b9:1f:7c:25:fa:02:8b:a3:ed:4e:7e:ff:58:
48:db:d9:b3:42:56:8a:79:ae:75:07:9d:a7:01:02:
d6:b3:4f:3a:b7:e1:98:d6:7a:df:ad:bc:39:bb:c4:
4d:79:38:d2:2b:0a:8f:da:72:dc:40:bb:97:49:92:
29:1f:f7:25:7f:3d:b8:bf:6f:23:99:ec:30:30:6e:
d0:4d:99:d3:35:81:08:5e:14:fe:41:67:7e:d7:6e:
7c:e6:aa:f5:5e:01:5c:c7:35:32:2f:00:b0:56:37:
8d:9f:4c:49:46:f1:b2:a7:2b:aa:f6:b3:82:dd:ec:
ce:da:53:a2:d9:ce:c7:e7:1f:34:48:18:24:65:08:
04:96:82:cb:4e:9c:13:a8:de:28:4a:f6:60:28:bf:
cf:be:6a:06:4d:9b:7d:ba:80:f0:64:99:76:76:70:
ea:16:9f:88:8d:d5:dc:bf:f4:db:3a:74:67:04:a5:
52:59:88:a6:b3:5a:9a:27:7d:f9:26:7d:19:ce:16:
7d:e6:8f:37:37:16:ce:16:f4:56:82:42:16:d5:8f:
dd:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:30:36:2B:F3:CF:55:0A:A0:EB:B3:3F:D2:6F:D0:A4:22:82:91:10
X509v3 Authority Key Identifier:
keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/98c39c27-f261-4d67-a85e-ec7479538084.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.0.132.0/24
Signature Algorithm: sha256WithRSAEncryption
b7:26:c5:66:23:2d:a4:45:c7:8f:08:b4:5d:43:f5:c1:63:a8:
79:e2:87:51:5f:a1:1f:01:60:ba:5a:ab:fd:9a:37:3e:26:d0:
52:28:9f:07:1c:68:a2:59:ea:5c:19:be:b4:09:17:d9:9e:59:
27:a9:b7:95:b9:64:a6:de:f8:af:06:df:d6:c1:66:5a:c1:85:
44:e4:44:05:e1:5c:dd:a8:b6:23:2c:a4:68:6d:f1:95:95:31:
d3:7a:c5:10:6d:cb:7b:62:14:3d:4c:85:91:53:7f:a4:25:e7:
02:2f:22:20:54:c3:cb:99:1d:8c:7d:bc:b3:47:74:db:af:3a:
a5:84:e2:fe:5e:55:f8:29:41:7c:60:bf:24:4c:68:e6:56:8d:
92:f2:f4:76:a8:ed:38:a9:af:f8:77:55:9f:f9:96:f4:65:55:
fa:79:49:5e:02:48:6c:e1:8b:d5:e8:bd:1f:1d:48:e5:ae:40:
d7:65:a5:39:b8:3a:4c:7e:d7:b7:21:0c:39:5f:d7:09:32:36:
05:7d:15:fe:aa:ed:38:95:5f:1c:ec:b6:00:e2:fd:33:b1:2c:
aa:e9:84:c4:ae:54:2e:81:c8:e7:23:a8:41:9a:d9:e2:03:0c:
7c:8a:1d:49:58:84:89:4f:51:61:be:6b:d8:63:ab:55:37:1a:
5a:fd:32:83
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUaPeAl97sbYOtg1FLqd8BvIjdXRAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl
Nzk2NTVkMDAeFw0yNjA1MTcwMjAwMDVaFw0yNjA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDMzMmJmYzNiZDU1MzljMmU1OGNmODA5ODg3NWZhMGNiYTBjZjE4OGM4OWI2
ZGRkY2UwYjI0YzYxZjIxNTBjM2IxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3
Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN7cI+0KeVJcKeVDTcs7ottZ6J0DaPNZJTScn79T+JdSzIK2d50VyECkRKvH
K9K5H3wl+gKLo+1Ofv9YSNvZs0JWinmudQedpwEC1rNPOrfhmNZ63628ObvETXk4
0isKj9py3EC7l0mSKR/3JX89uL9vI5nsMDBu0E2Z0zWBCF4U/kFnftdufOaq9V4B
XMc1Mi8AsFY3jZ9MSUbxsqcrqvazgt3sztpTotnOx+cfNEgYJGUIBJaCy06cE6je
KEr2YCi/z75qBk2bfbqA8GSZdnZw6hafiI3V3L/02zp0ZwSlUlmIprNamid9+SZ9
Gc4WfeaPNzcWzhb0VoJCFtWP3U8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRuMDYr
889VCqDrsz/Sb9CkIoKREDAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV
0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh
Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv
OThjMzljMjctZjI2MS00ZDY3LWE4NWUtZWM3NDc5NTM4MDg0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1
NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEADMAhDAN
BgkqhkiG9w0BAQsFAAOCAQEAtybFZiMtpEXHjwi0XUP1wWOoeeKHUV+hHwFgulqr
/Zo3PibQUiifBxxoolnqXBm+tAkX2Z5ZJ6m3lblkpt74rwbf1sFmWsGFROREBeFc
3ai2IyykaG3xlZUx03rFEG3Le2IUPUyFkVN/pCXnAi8iIFTDy5kdjH28s0d02686
pYTi/l5V+ClBfGC/JExo5laNkvL0dqjtOKmv+HdVn/mW9GVV+nlJXgJIbOGL1ei9
Hx1I5a5A12WlObg6TH7XtyEMOV/XCTI2BX0V/qrtOJVfHOy2AOL9M7EsqumExK5U
LoHI5yOoQZrZ4gMMfIodSViEiU9RYb5r2GOrVTcaWv0ygw==
-----END CERTIFICATE-----
Generated at Fri May 22 17:37:07 2026 by rpki-client