Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/16271914-dc77-4545-b526-a3ebfab5d63a.roa
File: 16271914-dc77-4545-b526-a3ebfab5d63a.roa (raw, json)
Hash identifier: Qiv3QymNtNiQrTo1CeJeulG4PhdwJaKkRGB46NQ61y4=
Subject key identifier: 15:C2:32:80:79:D5:0D:94:19:40:01:CE:3F:02:EC:D2:B9:DF:5F:3B
Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0
Certificate serial: 3FBB82180866A83B5A5EFA596C4DB2E6AA5D8604
Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/16271914-dc77-4545-b526-a3ebfab5d63a.roa
Signing time: Thu 26 Feb 2026 02:00:32 +0000
ROA not before: Thu 26 Feb 2026 02:00:32 +0000
ROA not after: Wed 27 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.224.192.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft
rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:bb:82:18:08:66:a8:3b:5a:5e:fa:59:6c:4d:b2:e6:aa:5d:86:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0
Validity
Not Before: Feb 26 02:00:32 2026 GMT
Not After : May 27 23:59:59 2026 GMT
Subject: serialNumber=752a43215a1346b9f5ed026f36c4abe4706ff324fc28988bdbf36d9e35e5f7b5, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:68:11:b0:db:3e:c1:7d:3f:5e:09:16:40:7c:
80:a6:be:fa:78:fd:09:cb:12:04:82:31:e4:1f:85:
41:5e:9a:45:e8:56:f9:e0:23:60:50:4a:a1:2b:17:
41:68:19:e5:80:a1:e2:3d:1b:2d:e0:a1:17:16:0a:
1f:c2:8e:30:bd:cb:b1:56:12:84:f0:3e:78:5a:25:
c9:74:90:e0:be:b1:13:07:13:e0:d7:59:a2:a3:ce:
09:9f:14:c1:09:89:7b:8c:f8:eb:c1:21:dd:8d:a6:
98:a3:b9:52:68:6c:85:e0:d4:3b:17:e9:ac:17:28:
e6:1e:b1:4e:9c:d4:c0:c4:2f:a6:f4:f8:40:2a:55:
ee:ff:82:d1:14:22:03:61:3c:61:7f:6a:2d:db:8f:
45:5d:df:7e:bf:76:f6:bb:43:ac:c6:7a:80:91:f9:
0f:07:99:65:7a:15:d5:10:6e:f0:60:af:74:d5:31:
c9:0c:e5:5c:75:f4:2d:9d:68:54:ad:4d:e2:02:3d:
14:ee:71:3c:d4:60:22:c0:5b:de:96:60:c2:be:1e:
0c:4b:93:b0:e9:ec:bf:c6:ad:fc:58:b9:c7:57:42:
3d:0a:c1:c6:25:85:d8:a7:59:9d:f6:99:de:a3:00:
c5:70:cf:72:1d:e8:b4:3c:20:d6:3f:91:57:2b:47:
fb:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:C2:32:80:79:D5:0D:94:19:40:01:CE:3F:02:EC:D2:B9:DF:5F:3B
X509v3 Authority Key Identifier:
keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/16271914-dc77-4545-b526-a3ebfab5d63a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.224.192.0/23
Signature Algorithm: sha256WithRSAEncryption
45:bf:fa:05:db:d4:05:7e:21:f4:87:7c:cc:dc:19:0b:38:b7:
54:e3:76:0e:ba:8a:9b:b8:7f:fb:8a:3b:ec:19:ed:57:eb:c1:
e5:ad:0b:c6:93:02:0e:7e:ec:bf:cf:cd:56:46:16:c4:bf:6a:
f2:0a:fe:34:67:ee:0f:30:7f:da:4a:d3:16:4f:c1:02:c2:c4:
46:56:f7:22:bf:6a:a8:15:88:ef:98:ed:e5:39:06:1e:41:73:
b8:76:96:7f:b5:d5:39:63:5f:21:1b:c6:af:50:67:7a:88:0c:
2d:4a:4f:44:d4:e5:f1:1c:8d:a8:c3:2f:dc:5e:62:ae:3d:57:
b5:34:66:8f:ba:99:54:87:3c:79:2c:55:3e:63:ed:f6:e4:13:
5a:06:65:e2:1f:36:62:48:c2:d7:90:4d:2b:3a:19:27:86:76:
a3:8b:bf:db:bd:bb:34:a0:b0:44:4f:df:ba:48:d5:90:8d:7c:
93:4c:23:3a:5d:9b:dc:0b:01:f0:b2:a1:e5:aa:f1:e1:39:32:
bd:38:eb:eb:1b:f3:54:95:63:c4:10:2c:7e:15:8c:b7:cb:42:
44:c6:fd:02:6c:d9:fc:13:66:f5:5b:72:ac:be:68:69:b1:05:
24:77:5a:79:70:30:c1:ca:04:8a:d7:f7:85:69:3b:7d:24:81:
c7:e1:a7:0f
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUP7uCGAhmqDtaXvpZbE2y5qpdhgQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl
Nzk2NTVkMDAeFw0yNjAyMjYwMjAwMzJaFw0yNjA1MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQDc1MmE0MzIxNWExMzQ2YjlmNWVkMDI2ZjM2YzRhYmU0NzA2ZmYzMjRmYzI4
OTg4YmRiZjM2ZDllMzVlNWY3YjUxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3
Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMRoEbDbPsF9P14JFkB8gKa++nj9CcsSBIIx5B+FQV6aRehW+eAjYFBKoSsX
QWgZ5YCh4j0bLeChFxYKH8KOML3LsVYShPA+eFolyXSQ4L6xEwcT4NdZoqPOCZ8U
wQmJe4z468Eh3Y2mmKO5UmhsheDUOxfprBco5h6xTpzUwMQvpvT4QCpV7v+C0RQi
A2E8YX9qLduPRV3ffr929rtDrMZ6gJH5DweZZXoV1RBu8GCvdNUxyQzlXHX0LZ1o
VK1N4gI9FO5xPNRgIsBb3pZgwr4eDEuTsOnsv8at/Fi5x1dCPQrBxiWF2KdZnfaZ
3qMAxXDPch3otDwg1j+RVytH+60CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQVwjKA
edUNlBlAAc4/AuzSud9fOzAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV
0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh
Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv
MTYyNzE5MTQtZGM3Ny00NTQ1LWI1MjYtYTNlYmZhYjVkNjNhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1
NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEATPgwDAN
BgkqhkiG9w0BAQsFAAOCAQEARb/6BdvUBX4h9Id8zNwZCzi3VON2DrqKm7h/+4o7
7BntV+vB5a0LxpMCDn7sv8/NVkYWxL9q8gr+NGfuDzB/2krTFk/BAsLERlb3Ir9q
qBWI75jt5TkGHkFzuHaWf7XVOWNfIRvGr1BneogMLUpPRNTl8RyNqMMv3F5irj1X
tTRmj7qZVIc8eSxVPmPt9uQTWgZl4h82YkjC15BNKzoZJ4Z2o4u/2727NKCwRE/f
ukjVkI18k0wjOl2b3AsB8LKh5arx4TkyvTjr6xvzVJVjxBAsfhWMt8tCRMb9AmzZ
/BNm9VtyrL5oabEFJHdaeXAwwcoEitf3hWk7fSSBx+GnDw==
-----END CERTIFICATE-----
Generated at Sun Mar 1 22:02:11 2026 by rpki-client