Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/55e704e8-470f-4c3e-82e8-03868da744a2.roa
File: 55e704e8-470f-4c3e-82e8-03868da744a2.roa (raw, json)
Hash identifier: 31yi2iIE7zMde0bY82Q2xF9rebekj29g0KZ0LMaQ7/I=
Subject key identifier: AC:52:77:AF:DF:FD:CE:8A:C0:7C:4C:16:BD:85:C3:00:25:CA:5A:82
Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0
Certificate serial: 4B073EE80F37A8A531E4261665F74FE20D3F79C7
Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/55e704e8-470f-4c3e-82e8-03868da744a2.roa
Signing time: Tue 24 Feb 2026 00:30:08 +0000
ROA not before: Tue 24 Feb 2026 00:30:08 +0000
ROA not after: Mon 25 May 2026 23:59:59 +0000
asID: 14618
IP address blocks: 51.74.0.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft
rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:07:3e:e8:0f:37:a8:a5:31:e4:26:16:65:f7:4f:e2:0d:3f:79:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0
Validity
Not Before: Feb 24 00:30:08 2026 GMT
Not After : May 25 23:59:59 2026 GMT
Subject: serialNumber=a1c8eb49355be2df8bebf7e57fa4aa581d57c3a34263639ad155d413c652c99f, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:b0:e8:0a:94:56:7e:74:cd:1a:7f:04:45:5e:
81:52:f3:94:d0:1e:83:cd:5b:b2:0e:33:9d:fc:0b:
e4:ba:62:16:ce:46:7c:3b:ce:10:54:7b:70:a0:51:
25:42:b7:4e:79:7a:c5:f9:2a:db:4f:ed:70:7e:6e:
63:d5:de:5e:a9:bf:78:e3:17:71:92:b5:28:31:ed:
3b:07:48:a7:f4:f1:61:7e:ca:d2:dd:ff:7b:40:c8:
a3:0a:cc:5e:b6:35:5b:b6:82:ef:3a:f9:58:62:be:
15:b8:b5:24:b5:25:72:1c:e4:12:fa:26:61:b6:94:
d6:f3:04:e2:ba:90:3d:60:1b:5b:d3:bd:9e:fd:38:
c9:ac:67:22:68:88:a1:b8:0b:9b:3b:0d:b9:64:2b:
a8:b5:3f:c8:a6:68:46:a4:c3:33:22:93:32:61:8a:
0a:22:e8:d7:90:2a:45:62:bd:48:ba:ba:1e:9b:eb:
01:20:0f:04:ea:96:b8:34:8a:69:ea:39:e0:d7:95:
07:fd:24:85:ea:ff:77:e0:d7:79:a6:ee:ab:3f:17:
1a:5d:31:50:fc:1c:90:57:c3:77:6d:74:22:b7:e1:
b9:15:5b:1e:a0:b4:6d:37:3c:b0:32:b0:a0:cb:61:
2c:87:97:62:f9:57:49:b2:9e:66:7f:15:fa:87:d5:
f4:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:52:77:AF:DF:FD:CE:8A:C0:7C:4C:16:BD:85:C3:00:25:CA:5A:82
X509v3 Authority Key Identifier:
keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/55e704e8-470f-4c3e-82e8-03868da744a2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.74.0.0/20
Signature Algorithm: sha256WithRSAEncryption
77:5c:05:2e:29:be:1f:2c:94:d3:2d:8b:de:55:f0:d5:5b:5a:
08:fc:bd:15:8e:5a:03:f0:4d:29:15:27:02:b0:7e:49:45:29:
00:6c:30:26:d8:88:03:7b:5a:5e:35:22:e4:29:40:b0:19:0f:
35:8a:bc:4d:19:7f:1e:83:4d:1e:f5:23:87:11:69:c8:db:cd:
87:9f:a4:7b:58:16:37:68:bf:ab:62:57:a0:48:a2:cc:79:fc:
c5:ff:3e:e1:85:08:ec:6f:fe:56:a0:65:47:08:4b:8e:e9:aa:
34:78:46:94:68:67:65:78:2a:92:ce:ab:89:8e:50:42:a1:b7:
d6:fa:c9:b2:09:ae:be:3e:ac:32:e8:f5:90:fa:f4:55:69:f6:
0b:cc:99:55:2c:7e:f0:90:98:bb:a3:82:97:13:ff:0b:44:6f:
f0:b9:25:17:c8:ff:0b:b8:ec:32:38:5b:7f:42:2d:96:30:bb:
73:df:96:26:7f:88:2d:31:7e:44:28:81:7f:3a:d8:31:27:ca:
23:b2:ee:7f:aa:47:c5:d9:ab:6b:1a:ef:9a:6d:70:bf:00:e4:
cc:6d:31:b3:78:64:4c:31:ef:05:e1:75:b1:81:2a:3d:56:dc:
d5:e1:5f:a5:b1:c8:f3:62:a4:f9:f1:74:19:39:86:18:18:32:
09:e8:2c:73
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUSwc+6A83qKUx5CYWZfdP4g0/eccwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl
Nzk2NTVkMDAeFw0yNjAyMjQwMDMwMDhaFw0yNjA1MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGExYzhlYjQ5MzU1YmUyZGY4YmViZjdlNTdmYTRhYTU4MWQ1N2MzYTM0MjYz
NjM5YWQxNTVkNDEzYzY1MmM5OWYxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3
Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALiw6AqUVn50zRp/BEVegVLzlNAeg81bsg4znfwL5LpiFs5GfDvOEFR7cKBR
JUK3Tnl6xfkq20/tcH5uY9XeXqm/eOMXcZK1KDHtOwdIp/TxYX7K0t3/e0DIowrM
XrY1W7aC7zr5WGK+Fbi1JLUlchzkEvomYbaU1vME4rqQPWAbW9O9nv04yaxnImiI
obgLmzsNuWQrqLU/yKZoRqTDMyKTMmGKCiLo15AqRWK9SLq6HpvrASAPBOqWuDSK
aeo54NeVB/0kher/d+DXeabuqz8XGl0xUPwckFfDd210IrfhuRVbHqC0bTc8sDKw
oMthLIeXYvlXSbKeZn8V+ofV9OsCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSsUnev
3/3OisB8TBa9hcMAJcpagjAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV
0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh
Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv
NTVlNzA0ZTgtNDcwZi00YzNlLTgyZTgtMDM4NjhkYTc0NGEyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1
NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBDNKADAN
BgkqhkiG9w0BAQsFAAOCAQEAd1wFLim+HyyU0y2L3lXw1VtaCPy9FY5aA/BNKRUn
ArB+SUUpAGwwJtiIA3taXjUi5ClAsBkPNYq8TRl/HoNNHvUjhxFpyNvNh5+ke1gW
N2i/q2JXoEiizHn8xf8+4YUI7G/+VqBlRwhLjumqNHhGlGhnZXgqks6riY5QQqG3
1vrJsgmuvj6sMuj1kPr0VWn2C8yZVSx+8JCYu6OClxP/C0Rv8LklF8j/C7jsMjhb
f0ItljC7c9+WJn+ILTF+RCiBfzrYMSfKI7Luf6pHxdmraxrvmm1wvwDkzG0xs3hk
TDHvBeF1sYEqPVbc1eFfpbHI82Kk+fF0GTmGGBgyCegscw==
-----END CERTIFICATE-----
Generated at Mon Mar 2 11:16:07 2026 by rpki-client