Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/9fc884bc-2b9f-4180-a386-f94e759f70bf.roa
File: 9fc884bc-2b9f-4180-a386-f94e759f70bf.roa (raw, json)
Hash identifier: sZ2fVCMKfR/WpioEWEtralwPEudtkYGd2h3FpnboXc4=
Subject key identifier: 0A:AA:4B:63:1E:23:E6:D1:5E:97:F0:CA:1C:F8:08:73:EA:4C:EA:A5
Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0
Certificate serial: 2D95D23D96ADA4DF1852AD242853F6E1712D6F3F
Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/9fc884bc-2b9f-4180-a386-f94e759f70bf.roa
Signing time: Sun 17 May 2026 02:00:06 +0000
ROA not before: Sun 17 May 2026 02:00:06 +0000
ROA not after: Sat 15 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.0.31.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft
rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 May 2026 08:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2d:95:d2:3d:96:ad:a4:df:18:52:ad:24:28:53:f6:e1:71:2d:6f:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0
Validity
Not Before: May 17 02:00:06 2026 GMT
Not After : Aug 15 23:59:59 2026 GMT
Subject: serialNumber=8c3a84227e646e5644b57da1ee08f5a4e2aaf924fda1146f0276f03975036d70, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:02:08:ee:80:41:24:d2:7d:0d:2a:ae:d4:a7:
8c:e8:6b:6c:e8:45:92:17:69:ef:61:6c:79:32:0f:
7d:cb:62:c6:52:e7:6d:95:ac:2f:c3:31:d1:51:98:
fd:01:43:53:5f:58:80:df:1a:6f:01:48:d2:98:0e:
be:e4:dd:25:fb:36:06:00:62:5d:6b:b1:b5:14:c4:
bb:f6:3e:26:63:36:b8:5b:8d:b2:c6:92:f2:02:7d:
74:cb:b3:b1:1c:cb:f2:a0:5c:3c:a0:f8:af:9d:a4:
da:6c:fb:85:c3:9c:69:f2:db:d9:c6:f5:08:07:6b:
7f:dc:18:03:e8:89:dc:44:82:69:2c:85:76:36:f9:
5e:9b:2a:51:cd:4b:b7:0f:8d:a7:ba:bf:0b:52:49:
3d:88:a5:6e:62:62:66:34:57:ef:aa:4d:ba:7a:e0:
cc:94:17:ec:6b:77:01:c1:e7:33:b7:f9:6d:dd:13:
78:9c:fa:07:e4:ba:53:12:51:a9:56:6a:43:c2:ab:
a8:a8:b9:a3:6e:ea:e4:5a:5c:48:dd:c7:af:5e:19:
b1:75:76:07:2a:3d:e5:e7:6e:ad:50:e5:d0:81:9f:
ed:c9:2c:c2:f8:87:59:78:8c:7e:d7:bb:89:ce:07:
8e:b9:10:e5:79:1f:32:48:dc:34:1a:74:83:5f:0f:
a3:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:AA:4B:63:1E:23:E6:D1:5E:97:F0:CA:1C:F8:08:73:EA:4C:EA:A5
X509v3 Authority Key Identifier:
keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/9fc884bc-2b9f-4180-a386-f94e759f70bf.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.0.31.0/24
Signature Algorithm: sha256WithRSAEncryption
69:96:8f:ca:40:17:ca:45:4c:02:30:9a:d9:7c:1a:03:43:70:
44:08:e0:e1:40:3c:3d:54:59:96:5c:c4:43:a0:7b:1f:2f:06:
06:86:fb:e5:81:fa:31:26:80:4c:ee:36:83:27:7f:01:43:d6:
69:2c:4b:e7:99:25:79:aa:de:dc:d0:9c:3c:ee:9a:3c:b1:5e:
2e:bd:83:7b:37:d4:b0:62:e4:75:35:46:52:ac:5b:f3:0b:51:
c6:8f:b1:d4:7a:c8:c2:f8:a2:2a:4b:61:6b:08:26:6c:fe:2c:
3b:9e:51:76:26:ef:6c:4d:c3:28:36:ab:9c:f6:5f:b4:45:fc:
c5:1a:a0:8c:80:da:33:d9:d6:44:ea:5e:54:77:90:07:bc:46:
2b:9b:52:03:f2:7c:d8:49:e4:3f:c5:7c:3a:d3:9a:7b:3a:61:
fa:74:e5:8b:46:af:79:77:30:30:88:e5:0b:be:af:9b:29:94:
6f:b2:da:7d:a4:aa:88:16:4a:b4:bd:f0:e3:e3:b4:05:1b:6b:
fe:c1:ca:b0:b7:76:73:51:38:81:81:27:2d:d6:04:7d:c5:ce:
5a:7d:40:c0:d1:1b:73:5e:e3:de:34:f6:5a:64:28:2e:78:99:
54:7e:96:6f:7b:37:47:6c:56:52:c0:c8:43:b1:e4:99:a6:44:
e1:f3:fc:5c
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIULZXSPZatpN8YUq0kKFP24XEtbz8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl
Nzk2NTVkMDAeFw0yNjA1MTcwMjAwMDZaFw0yNjA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDhjM2E4NDIyN2U2NDZlNTY0NGI1N2RhMWVlMDhmNWE0ZTJhYWY5MjRmZGEx
MTQ2ZjAyNzZmMDM5NzUwMzZkNzAxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3
Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJECCO6AQSTSfQ0qrtSnjOhrbOhFkhdp72FseTIPfctixlLnbZWsL8Mx0VGY
/QFDU19YgN8abwFI0pgOvuTdJfs2BgBiXWuxtRTEu/Y+JmM2uFuNssaS8gJ9dMuz
sRzL8qBcPKD4r52k2mz7hcOcafLb2cb1CAdrf9wYA+iJ3ESCaSyFdjb5XpsqUc1L
tw+Np7q/C1JJPYilbmJiZjRX76pNunrgzJQX7Gt3AcHnM7f5bd0TeJz6B+S6UxJR
qVZqQ8KrqKi5o27q5FpcSN3Hr14ZsXV2Byo95edurVDl0IGf7ckswviHWXiMfte7
ic4HjrkQ5XkfMkjcNBp0g18Po40CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQKqktj
HiPm0V6X8Moc+Ahz6kzqpTAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV
0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh
Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv
OWZjODg0YmMtMmI5Zi00MTgwLWEzODYtZjk0ZTc1OWY3MGJmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1
NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEADMAHzAN
BgkqhkiG9w0BAQsFAAOCAQEAaZaPykAXykVMAjCa2XwaA0NwRAjg4UA8PVRZllzE
Q6B7Hy8GBob75YH6MSaATO42gyd/AUPWaSxL55kleare3NCcPO6aPLFeLr2DezfU
sGLkdTVGUqxb8wtRxo+x1HrIwviiKkthawgmbP4sO55RdibvbE3DKDarnPZftEX8
xRqgjIDaM9nWROpeVHeQB7xGK5tSA/J82EnkP8V8OtOaezph+nTli0aveXcwMIjl
C76vmymUb7LafaSqiBZKtL3w4+O0BRtr/sHKsLd2c1E4gYEnLdYEfcXOWn1AwNEb
c17j3jT2WmQoLniZVH6Wb3s3R2xWUsDIQ7HkmaZE4fP8XA==
-----END CERTIFICATE-----
Generated at Fri May 22 17:37:08 2026 by rpki-client