Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/e31b4829-a8a6-4dd2-ba5c-985e6234c3f7.roa
File: e31b4829-a8a6-4dd2-ba5c-985e6234c3f7.roa (raw, json)
Hash identifier: LRe7+GrVU1+WdE58y5/H4f7fYaut6m8KzHCL9w84Lg8=
Subject key identifier: 29:DB:2A:2E:89:29:76:77:82:68:74:FB:03:07:FF:F8:28:6C:A4:1E
Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0
Certificate serial: 0B7B00E84A04ED9016F9EA1C26AC2B12CC3D3BDE
Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/e31b4829-a8a6-4dd2-ba5c-985e6234c3f7.roa
Signing time: Sun 17 May 2026 02:00:27 +0000
ROA not before: Sun 17 May 2026 02:00:27 +0000
ROA not after: Sat 15 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.224.194.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft
rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 May 2026 08:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:7b:00:e8:4a:04:ed:90:16:f9:ea:1c:26:ac:2b:12:cc:3d:3b:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0
Validity
Not Before: May 17 02:00:27 2026 GMT
Not After : Aug 15 23:59:59 2026 GMT
Subject: serialNumber=0eadc039fd6c435cc00d466a2f239d322744ac31970ccd3d19fb826d8af2f297, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:ac:88:5c:3a:fa:4e:75:7c:e7:12:a9:dc:1f:
20:b3:fd:22:34:fb:70:ec:65:9c:47:d5:77:de:ab:
d5:2a:a8:22:aa:ee:5a:97:ed:88:0f:bc:5d:1e:f1:
3f:7b:27:4f:b5:a2:cd:c3:78:78:8c:3a:33:d7:c2:
2e:58:75:95:52:58:e4:46:8d:31:3d:c3:53:c9:e1:
c7:9a:8e:fa:a0:3a:ab:34:fb:f6:12:2b:39:d0:f4:
60:0d:24:36:14:fd:3f:69:61:1d:a1:7d:54:f3:5e:
11:7f:b7:1f:fe:b0:ec:20:a5:d5:39:5d:36:37:9f:
94:1f:f7:e3:4b:69:0b:dd:1b:65:ea:2c:38:02:a4:
f2:26:b0:f3:94:ee:78:55:82:e8:dc:00:72:36:df:
1b:e1:80:86:11:ad:a5:13:db:d8:d7:56:f8:aa:03:
08:d0:62:25:1a:a8:5a:f6:47:bd:9e:31:ab:2c:eb:
8c:27:4c:71:69:72:05:b3:af:0f:3b:35:ff:11:16:
c6:56:b2:6f:ee:d5:e4:4c:ab:7c:50:88:fa:1a:bc:
4a:c1:4f:ca:57:56:ab:37:c5:61:ca:83:b3:fc:87:
e8:45:67:92:03:41:87:09:5c:30:9a:e9:68:02:21:
69:aa:ce:b9:cb:6e:bd:c8:6a:3f:a1:49:87:e9:9a:
e0:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:DB:2A:2E:89:29:76:77:82:68:74:FB:03:07:FF:F8:28:6C:A4:1E
X509v3 Authority Key Identifier:
keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/e31b4829-a8a6-4dd2-ba5c-985e6234c3f7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.224.194.0/23
Signature Algorithm: sha256WithRSAEncryption
8b:14:21:86:df:84:69:71:14:d4:a7:ec:e4:b3:9f:01:9b:52:
e9:6e:d7:60:18:35:8a:1f:9d:c5:1d:9f:cd:04:15:d2:66:9a:
3b:ab:17:21:46:ef:59:89:af:e6:0c:66:24:a3:54:04:00:8b:
d1:ba:5f:f3:c6:2e:ff:3b:68:9f:b4:0f:37:b4:b3:33:8f:d7:
e4:3d:41:6d:37:8b:f5:e7:7d:d2:34:81:01:44:01:54:7b:e6:
6e:20:2d:71:39:c3:d2:01:2b:b0:aa:d5:cd:d7:a5:32:2e:fb:
30:e8:9e:32:bc:05:68:76:d2:b5:4d:2a:2e:eb:62:ec:04:10:
a4:de:23:6b:3d:82:0c:45:05:8f:cc:48:a1:7f:d7:7c:95:e1:
43:df:4a:ca:6d:f6:c7:37:f4:90:c9:73:7d:c5:58:4d:33:50:
df:69:9c:00:5b:d8:ac:f7:96:83:18:aa:f6:f6:b0:d9:69:a5:
ad:b4:be:ec:c5:d4:fc:4a:3e:8b:96:ed:be:07:bd:dd:7e:86:
2f:ba:b3:53:71:14:05:72:3d:76:a2:de:e0:91:6f:da:73:7e:
04:fd:9b:76:63:85:bb:2f:e5:27:e6:58:47:fb:8a:16:1e:20:
35:cc:ec:72:bb:c3:7b:06:0d:cc:f5:f5:c0:00:38:66:fa:95:
8d:04:43:1f
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUC3sA6EoE7ZAW+eocJqwrEsw9O94wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl
Nzk2NTVkMDAeFw0yNjA1MTcwMjAwMjdaFw0yNjA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDBlYWRjMDM5ZmQ2YzQzNWNjMDBkNDY2YTJmMjM5ZDMyMjc0NGFjMzE5NzBj
Y2QzZDE5ZmI4MjZkOGFmMmYyOTcxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3
Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALusiFw6+k51fOcSqdwfILP9IjT7cOxlnEfVd96r1SqoIqruWpftiA+8XR7x
P3snT7WizcN4eIw6M9fCLlh1lVJY5EaNMT3DU8nhx5qO+qA6qzT79hIrOdD0YA0k
NhT9P2lhHaF9VPNeEX+3H/6w7CCl1TldNjeflB/340tpC90bZeosOAKk8iaw85Tu
eFWC6NwAcjbfG+GAhhGtpRPb2NdW+KoDCNBiJRqoWvZHvZ4xqyzrjCdMcWlyBbOv
Dzs1/xEWxlayb+7V5EyrfFCI+hq8SsFPyldWqzfFYcqDs/yH6EVnkgNBhwlcMJrp
aAIhaarOuctuvchqP6FJh+ma4CECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQp2you
iSl2d4JodPsDB//4KGykHjAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV
0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh
Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv
ZTMxYjQ4MjktYThhNi00ZGQyLWJhNWMtOTg1ZTYyMzRjM2Y3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1
NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEATPgwjAN
BgkqhkiG9w0BAQsFAAOCAQEAixQhht+EaXEU1Kfs5LOfAZtS6W7XYBg1ih+dxR2f
zQQV0maaO6sXIUbvWYmv5gxmJKNUBACL0bpf88Yu/zton7QPN7SzM4/X5D1BbTeL
9ed90jSBAUQBVHvmbiAtcTnD0gErsKrVzdelMi77MOieMrwFaHbStU0qLuti7AQQ
pN4jaz2CDEUFj8xIoX/XfJXhQ99Kym32xzf0kMlzfcVYTTNQ32mcAFvYrPeWgxiq
9vaw2WmlrbS+7MXU/Eo+i5btvge93X6GL7qzU3EUBXI9dqLe4JFv2nN+BP2bdmOF
uy/lJ+ZYR/uKFh4gNczscrvDewYNzPX1wAA4ZvqVjQRDHw==
-----END CERTIFICATE-----
Generated at Fri May 22 16:04:24 2026 by rpki-client