Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/01b25f37-a868-47f9-bc61-95397088dcdf.roa
File: 01b25f37-a868-47f9-bc61-95397088dcdf.roa (raw, json)
Hash identifier: eJXXUMu4Np9+4VKzGF/O91SNViCHU6fFvNTT9TbRZqw=
Subject key identifier: 30:6C:CC:B8:4B:87:8C:A4:3D:DC:62:A3:11:56:72:7E:A0:0B:E2:68
Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0
Certificate serial: 02BF110B5CAE0C5E467A6864AFD02692F3D7BD50
Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/01b25f37-a868-47f9-bc61-95397088dcdf.roa
Signing time: Thu 26 Feb 2026 02:00:13 +0000
ROA not before: Thu 26 Feb 2026 02:00:13 +0000
ROA not after: Wed 27 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.224.190.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft
rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:bf:11:0b:5c:ae:0c:5e:46:7a:68:64:af:d0:26:92:f3:d7:bd:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0
Validity
Not Before: Feb 26 02:00:13 2026 GMT
Not After : May 27 23:59:59 2026 GMT
Subject: serialNumber=cd55042f3b04e758091a7c4a6fe0df743fe68e60b0bba29e183366a3e937bf84, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:aa:5b:46:48:2e:39:c1:99:85:eb:89:18:83:
0f:e9:f6:df:cf:fb:4e:ed:82:9e:c9:fd:64:76:10:
f8:0c:38:cf:c6:65:a3:03:aa:3b:a9:a5:ba:cb:f9:
30:4e:fe:78:f0:a9:66:52:39:ba:0d:8c:8f:0c:43:
a4:7b:9f:c5:32:2a:d4:2a:01:e9:cc:bc:f5:e8:77:
a6:44:05:a0:3c:20:fc:d6:03:2f:5d:77:0d:6e:69:
05:ce:f0:63:11:de:51:e9:89:c4:09:aa:43:da:81:
64:b7:b6:f4:f1:7c:11:94:c4:fc:05:a1:1c:58:0e:
89:5d:55:94:11:ac:60:29:9e:a7:79:63:63:0c:a9:
d5:38:2d:da:e5:c8:e4:86:30:91:7b:86:be:24:8b:
52:46:c6:f6:26:f9:ea:ad:eb:66:be:8b:e9:21:1d:
39:bf:22:2c:c7:a4:b6:e4:ab:58:de:dc:bd:63:c6:
05:88:a7:08:86:e8:90:ac:2f:73:67:1d:f7:42:5e:
e6:63:37:ac:11:eb:52:91:05:06:d0:c2:37:56:e0:
80:91:fa:73:f1:7e:e0:d2:e0:b0:6d:6a:9a:35:fc:
d3:d2:3c:d9:ff:72:5b:d4:dc:7a:32:03:1a:64:a9:
73:a8:38:c9:9d:5d:21:e3:37:f4:85:bb:8d:e6:12:
1c:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:6C:CC:B8:4B:87:8C:A4:3D:DC:62:A3:11:56:72:7E:A0:0B:E2:68
X509v3 Authority Key Identifier:
keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/01b25f37-a868-47f9-bc61-95397088dcdf.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.224.190.0/23
Signature Algorithm: sha256WithRSAEncryption
85:e3:88:68:fd:9f:30:73:a5:61:57:bc:a6:54:66:96:1a:c4:
03:4b:01:ff:22:cd:b4:2e:9d:9c:9e:51:25:26:df:8d:ff:84:
60:24:18:9a:e5:fd:b7:68:0b:4b:49:a4:63:de:8e:5e:3c:29:
12:e4:c5:81:31:10:8c:e8:b9:20:db:1a:38:6d:a3:26:ff:bd:
73:58:85:2e:9b:36:69:0a:78:5e:72:47:a6:b3:22:43:5f:e3:
d7:14:27:40:6a:16:e2:c5:6b:77:82:af:3d:2e:02:1f:83:e1:
ed:f2:24:4b:7f:d8:ed:9d:97:b0:73:32:5f:9b:43:fd:b4:5d:
99:fc:eb:f0:f9:c0:cc:de:e8:7a:dc:f3:76:c0:5f:4b:07:1f:
ea:c8:e2:44:1d:d9:8d:84:ca:56:ed:77:85:89:db:8b:fe:88:
96:a9:b7:58:39:62:dc:0e:30:db:9f:5a:15:32:f3:99:26:ce:
d2:42:d3:34:5a:38:3b:9f:dd:c0:24:7e:25:20:de:91:b0:cc:
9c:d9:cd:08:1d:42:54:34:fa:09:42:9d:d8:e5:f1:83:17:1e:
a0:89:2c:fb:b4:50:01:df:b3:72:4c:4a:c0:a7:19:78:d8:dc:
2a:8d:04:90:65:49:a3:fc:e7:66:a4:f4:3e:70:f7:77:6b:41:
97:a8:5a:d9
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUAr8RC1yuDF5Gemhkr9AmkvPXvVAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl
Nzk2NTVkMDAeFw0yNjAyMjYwMjAwMTNaFw0yNjA1MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQGNkNTUwNDJmM2IwNGU3NTgwOTFhN2M0YTZmZTBkZjc0M2ZlNjhlNjBiMGJi
YTI5ZTE4MzM2NmEzZTkzN2JmODQxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3
Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKqqW0ZILjnBmYXriRiDD+n238/7Tu2Cnsn9ZHYQ+Aw4z8ZlowOqO6mlusv5
ME7+ePCpZlI5ug2MjwxDpHufxTIq1CoB6cy89eh3pkQFoDwg/NYDL113DW5pBc7w
YxHeUemJxAmqQ9qBZLe29PF8EZTE/AWhHFgOiV1VlBGsYCmep3ljYwyp1Tgt2uXI
5IYwkXuGviSLUkbG9ib56q3rZr6L6SEdOb8iLMektuSrWN7cvWPGBYinCIbokKwv
c2cd90Je5mM3rBHrUpEFBtDCN1bggJH6c/F+4NLgsG1qmjX809I82f9yW9TcejID
GmSpc6g4yZ1dIeM39IW7jeYSHFECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQwbMy4
S4eMpD3cYqMRVnJ+oAviaDAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV
0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh
Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv
MDFiMjVmMzctYTg2OC00N2Y5LWJjNjEtOTUzOTcwODhkY2RmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1
NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEATPgvjAN
BgkqhkiG9w0BAQsFAAOCAQEAheOIaP2fMHOlYVe8plRmlhrEA0sB/yLNtC6dnJ5R
JSbfjf+EYCQYmuX9t2gLS0mkY96OXjwpEuTFgTEQjOi5INsaOG2jJv+9c1iFLps2
aQp4XnJHprMiQ1/j1xQnQGoW4sVrd4KvPS4CH4Ph7fIkS3/Y7Z2XsHMyX5tD/bRd
mfzr8PnAzN7oetzzdsBfSwcf6sjiRB3ZjYTKVu13hYnbi/6Ilqm3WDli3A4w259a
FTLzmSbO0kLTNFo4O5/dwCR+JSDekbDMnNnNCB1CVDT6CUKd2OXxgxceoIks+7RQ
Ad+zckxKwKcZeNjcKo0EkGVJo/znZqT0PnD3d2tBl6ha2Q==
-----END CERTIFICATE-----
Generated at Mon Mar 2 10:33:53 2026 by rpki-client