Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/aa9c4ef5-16fb-4222-a99f-9dc3e40c6973.roa
File: aa9c4ef5-16fb-4222-a99f-9dc3e40c6973.roa (raw, json)
Hash identifier: yszD0CXaU2xzMahGANOilrHPk0aozYEZc9SRb2cZIJg=
Subject key identifier: 1F:39:44:21:1E:A8:CF:25:11:33:45:7F:96:5A:A0:50:8E:4B:B0:4B
Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0
Certificate serial: 6ECE14583537AD1AC76C926B39A27A434DB493F0
Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/aa9c4ef5-16fb-4222-a99f-9dc3e40c6973.roa
Signing time: Sun 17 May 2026 02:00:04 +0000
ROA not before: Sun 17 May 2026 02:00:04 +0000
ROA not after: Sat 15 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.224.188.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft
rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 May 2026 08:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6e:ce:14:58:35:37:ad:1a:c7:6c:92:6b:39:a2:7a:43:4d:b4:93:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0
Validity
Not Before: May 17 02:00:04 2026 GMT
Not After : Aug 15 23:59:59 2026 GMT
Subject: serialNumber=1de9a721381e3cc0e8780946ae620c23d2f4a41dd86188c21c7f44ab4c2c4168, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:fa:db:d0:81:38:eb:3c:ee:89:0b:bf:34:64:
b1:bc:49:41:96:91:8c:d2:16:b9:88:42:15:77:d1:
26:fb:7e:52:f6:a0:b3:66:6d:e9:76:20:5c:ac:5d:
c2:83:13:8a:7e:ed:43:98:e8:37:55:c1:9d:dc:91:
b9:65:05:e9:9d:e0:97:fa:31:d6:aa:d0:81:1c:eb:
46:ca:10:00:a3:b0:34:0b:37:81:78:60:e6:37:aa:
6f:2e:56:f8:03:15:2d:80:37:8c:cd:50:5a:d9:46:
66:36:1d:73:63:02:4d:21:aa:eb:d8:4a:f7:22:ed:
e0:8a:28:a3:1b:6f:6c:c7:e0:6e:46:1b:d5:20:59:
8f:07:34:10:4c:10:9d:91:06:6b:5f:50:05:d4:19:
2d:3b:6a:07:d4:31:d9:15:37:ff:18:b3:9c:7a:1b:
8d:a5:ba:63:27:2f:4f:0c:40:7b:5c:f3:49:18:83:
5e:86:30:5a:45:e6:d4:a6:4e:bd:1b:60:99:2a:97:
49:51:f3:6e:df:18:07:87:56:42:72:07:38:1d:eb:
37:54:4a:2f:84:ad:52:2f:b2:8e:03:8f:04:74:03:
79:34:f6:fc:c2:98:7d:64:9a:fe:94:f7:99:9b:39:
01:48:ff:00:43:b7:1d:09:a3:0c:8e:d6:b3:c3:08:
8c:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:39:44:21:1E:A8:CF:25:11:33:45:7F:96:5A:A0:50:8E:4B:B0:4B
X509v3 Authority Key Identifier:
keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/aa9c4ef5-16fb-4222-a99f-9dc3e40c6973.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.224.188.0/23
Signature Algorithm: sha256WithRSAEncryption
c4:80:91:dd:fd:9b:42:dc:22:57:2f:a4:61:61:5b:39:bb:f7:
2d:ce:d9:29:4c:f3:e3:f3:fd:b4:c8:cd:a0:cd:62:61:6e:58:
ec:58:9a:e2:db:3c:36:43:8b:74:58:e9:a7:bd:b4:3c:1b:21:
62:3a:e3:f0:7a:1d:aa:bf:8d:26:03:79:c8:e7:59:85:fd:32:
b9:7e:12:12:79:43:47:6d:10:f7:49:6a:a8:ba:a5:5b:5f:7f:
1b:0a:5c:87:01:dd:5c:98:98:4b:35:e0:55:48:fa:19:66:28:
ae:58:db:0d:3a:4f:84:90:64:ea:a4:48:29:7c:ea:60:61:5b:
1d:a5:a6:00:f1:50:53:2d:a1:3a:c8:5a:f7:e8:a7:32:97:56:
70:78:5f:2e:54:5c:81:11:8b:42:20:30:b1:f3:dc:ed:ea:5d:
b3:49:36:fe:3c:75:28:42:d4:d2:34:f4:97:eb:ce:a5:d1:4c:
48:75:a1:10:6c:58:f0:49:3a:45:df:8e:bf:84:62:b1:76:21:
f2:c3:9e:01:6e:96:4e:21:69:63:7b:7b:08:ed:e6:59:8d:5a:
02:0c:fc:dc:21:21:ba:0b:4d:8f:fd:33:80:ad:f7:5a:f0:ec:
b3:a4:b9:b4:8e:94:8d:09:6f:74:fe:58:1c:52:8f:5a:3b:bb:
91:f2:4c:41
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUbs4UWDU3rRrHbJJrOaJ6Q020k/AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl
Nzk2NTVkMDAeFw0yNjA1MTcwMjAwMDRaFw0yNjA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDFkZTlhNzIxMzgxZTNjYzBlODc4MDk0NmFlNjIwYzIzZDJmNGE0MWRkODYx
ODhjMjFjN2Y0NGFiNGMyYzQxNjgxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3
Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMT629CBOOs87okLvzRksbxJQZaRjNIWuYhCFXfRJvt+Uvags2Zt6XYgXKxd
woMTin7tQ5joN1XBndyRuWUF6Z3gl/ox1qrQgRzrRsoQAKOwNAs3gXhg5jeqby5W
+AMVLYA3jM1QWtlGZjYdc2MCTSGq69hK9yLt4IoooxtvbMfgbkYb1SBZjwc0EEwQ
nZEGa19QBdQZLTtqB9Qx2RU3/xiznHobjaW6YycvTwxAe1zzSRiDXoYwWkXm1KZO
vRtgmSqXSVHzbt8YB4dWQnIHOB3rN1RKL4StUi+yjgOPBHQDeTT2/MKYfWSa/pT3
mZs5AUj/AEO3HQmjDI7Ws8MIjLkCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQfOUQh
HqjPJREzRX+WWqBQjkuwSzAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV
0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh
Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv
YWE5YzRlZjUtMTZmYi00MjIyLWE5OWYtOWRjM2U0MGM2OTczLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1
NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEATPgvDAN
BgkqhkiG9w0BAQsFAAOCAQEAxICR3f2bQtwiVy+kYWFbObv3Lc7ZKUzz4/P9tMjN
oM1iYW5Y7Fia4ts8NkOLdFjpp720PBshYjrj8Hodqr+NJgN5yOdZhf0yuX4SEnlD
R20Q90lqqLqlW19/GwpchwHdXJiYSzXgVUj6GWYorljbDTpPhJBk6qRIKXzqYGFb
HaWmAPFQUy2hOsha9+inMpdWcHhfLlRcgRGLQiAwsfPc7epds0k2/jx1KELU0jT0
l+vOpdFMSHWhEGxY8Ek6Rd+Ov4RisXYh8sOeAW6WTiFpY3t7CO3mWY1aAgz83CEh
ugtNj/0zgK33WvDss6S5tI6UjQlvdP5YHFKPWju7kfJMQQ==
-----END CERTIFICATE-----
Generated at Fri May 22 16:04:21 2026 by rpki-client