Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/4ba2e613-2f39-43d0-bd95-5a21ce239ff0.roa
File: 4ba2e613-2f39-43d0-bd95-5a21ce239ff0.roa (raw, json)
Hash identifier: c09hUvJGnzh1bZDDEOhsrj3BjkGj+hFcHxuf0utFonc=
Subject key identifier: BF:00:0E:68:97:45:4D:68:87:5A:DE:C4:01:85:DD:E7:DE:95:7E:9D
Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0
Certificate serial: 0450FBEA3012D5E7EB90666735DB536C9012A1A8
Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/4ba2e613-2f39-43d0-bd95-5a21ce239ff0.roa
Signing time: Thu 26 Feb 2026 02:00:32 +0000
ROA not before: Thu 26 Feb 2026 02:00:32 +0000
ROA not after: Wed 27 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.224.182.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft
rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:50:fb:ea:30:12:d5:e7:eb:90:66:67:35:db:53:6c:90:12:a1:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0
Validity
Not Before: Feb 26 02:00:32 2026 GMT
Not After : May 27 23:59:59 2026 GMT
Subject: serialNumber=77bd3f7c509cf0b14fb2ee09b541cf382777b84b966d32e411b352001b36bb5a, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:24:1b:6f:36:2a:87:ee:1d:85:49:6c:16:3a:
99:6a:6b:94:ba:24:1c:1c:f5:98:47:97:71:31:d0:
e6:e8:57:d7:83:e2:e1:fd:21:f4:29:ca:e2:84:94:
6f:61:2c:fe:95:18:2a:75:e5:b3:26:10:ca:70:50:
eb:95:b7:9d:c5:46:9e:62:2f:b9:a4:84:7b:ea:6d:
2d:9f:48:a4:e8:a9:50:8a:66:6a:ec:23:76:c3:3d:
b9:6c:a8:27:fc:cd:d7:02:10:89:25:92:b1:3f:9a:
cf:16:b4:6b:d8:b2:23:58:84:ac:a4:42:fb:92:c1:
31:8b:85:8d:4f:ef:65:3f:b6:b0:aa:30:94:96:78:
6a:7d:3a:01:68:ff:68:4c:4b:c0:f7:4a:cf:fe:96:
89:c9:67:2f:11:12:98:77:cf:5c:c1:84:41:80:0a:
5c:c0:b5:00:a5:5c:e1:cc:96:bf:20:1f:95:33:68:
27:34:8f:44:21:42:1c:4e:98:f4:a4:9a:33:9d:ce:
59:5c:e3:f4:7c:cb:70:9e:f9:f9:df:ed:8d:a4:a4:
2c:58:6d:b4:71:5a:b9:e1:a9:d4:fc:5e:48:bd:2b:
11:89:b3:e5:5a:81:c6:fa:19:88:9a:44:0d:11:1f:
2f:92:0b:1f:c3:f1:19:89:ae:0e:37:ee:b4:d0:98:
90:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:00:0E:68:97:45:4D:68:87:5A:DE:C4:01:85:DD:E7:DE:95:7E:9D
X509v3 Authority Key Identifier:
keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/4ba2e613-2f39-43d0-bd95-5a21ce239ff0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.224.182.0/23
Signature Algorithm: sha256WithRSAEncryption
38:27:47:00:f4:17:14:92:41:5e:6f:a8:f1:77:5e:fb:e7:45:
12:fb:1f:42:00:9a:1d:a2:f2:54:73:45:d0:27:c9:cc:e3:17:
96:25:d9:c6:35:d8:73:13:cd:66:38:de:b3:6d:e8:93:62:1e:
3a:f8:02:fa:1b:b9:c9:b4:63:15:71:0c:9f:e6:b3:20:43:90:
93:5d:f3:3c:a8:b5:ad:51:08:f4:1f:81:b0:85:ad:3a:51:46:
f3:7a:95:7c:ce:cb:65:f8:06:d1:04:66:39:89:60:41:9b:e3:
62:55:38:90:b9:5d:30:28:f3:1d:22:1a:04:64:7d:51:86:0e:
42:16:e6:28:d5:cf:4c:19:7d:6c:8e:c6:61:b1:57:9d:5f:96:
65:18:f3:f1:21:e8:d1:fd:4d:ff:a7:ea:87:69:3c:1f:01:bc:
4a:cf:40:7e:05:86:f1:97:62:47:71:3d:05:b3:d5:af:84:79:
57:49:a6:1c:c4:2c:2b:58:52:cc:5a:be:8a:d2:69:20:8c:cd:
c9:ec:66:aa:5a:8f:c8:f0:d1:4c:32:83:d5:67:4e:b5:30:18:
d9:bc:cd:44:5e:02:b1:7c:e9:22:32:a8:0b:51:91:3b:4e:92:
5a:9c:f9:17:59:1d:d3:e9:0a:f8:f4:6f:a0:30:6b:4c:f3:2e:
1e:b1:ee:bb
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUBFD76jAS1efrkGZnNdtTbJASoagwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl
Nzk2NTVkMDAeFw0yNjAyMjYwMjAwMzJaFw0yNjA1MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQDc3YmQzZjdjNTA5Y2YwYjE0ZmIyZWUwOWI1NDFjZjM4Mjc3N2I4NGI5NjZk
MzJlNDExYjM1MjAwMWIzNmJiNWExLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3
Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANckG282KofuHYVJbBY6mWprlLokHBz1mEeXcTHQ5uhX14Pi4f0h9CnK4oSU
b2Es/pUYKnXlsyYQynBQ65W3ncVGnmIvuaSEe+ptLZ9IpOipUIpmauwjdsM9uWyo
J/zN1wIQiSWSsT+azxa0a9iyI1iErKRC+5LBMYuFjU/vZT+2sKowlJZ4an06AWj/
aExLwPdKz/6WiclnLxESmHfPXMGEQYAKXMC1AKVc4cyWvyAflTNoJzSPRCFCHE6Y
9KSaM53OWVzj9HzLcJ75+d/tjaSkLFhttHFaueGp1PxeSL0rEYmz5VqBxvoZiJpE
DREfL5ILH8PxGYmuDjfutNCYkFsCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBS/AA5o
l0VNaIda3sQBhd3n3pV+nTAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV
0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh
Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv
NGJhMmU2MTMtMmYzOS00M2QwLWJkOTUtNWEyMWNlMjM5ZmYwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1
NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEATPgtjAN
BgkqhkiG9w0BAQsFAAOCAQEAOCdHAPQXFJJBXm+o8Xde++dFEvsfQgCaHaLyVHNF
0CfJzOMXliXZxjXYcxPNZjjes23ok2IeOvgC+hu5ybRjFXEMn+azIEOQk13zPKi1
rVEI9B+BsIWtOlFG83qVfM7LZfgG0QRmOYlgQZvjYlU4kLldMCjzHSIaBGR9UYYO
QhbmKNXPTBl9bI7GYbFXnV+WZRjz8SHo0f1N/6fqh2k8HwG8Ss9AfgWG8ZdiR3E9
BbPVr4R5V0mmHMQsK1hSzFq+itJpIIzNyexmqlqPyPDRTDKD1WdOtTAY2bzNRF4C
sXzpIjKoC1GRO06SWpz5F1kd0+kK+PRvoDBrTPMuHrHuuw==
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:56:41 2026 by rpki-client