Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/5e0372f9-155c-44b5-a4db-e3da48adfab2.roa
File: 5e0372f9-155c-44b5-a4db-e3da48adfab2.roa (raw, json)
Hash identifier: dRAPNUZ6VTJpjJRQaS1gAEfAaiHkrjAPriGDQU9ztno=
Subject key identifier: 4E:1C:E1:38:3E:11:6D:B5:7F:9B:88:16:69:10:7A:14:34:E8:FB:7F
Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0
Certificate serial: 1625D5EB25B9F6EDDB88A935D66670C97ED0F648
Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/5e0372f9-155c-44b5-a4db-e3da48adfab2.roa
Signing time: Sun 17 May 2026 02:00:06 +0000
ROA not before: Sun 17 May 2026 02:00:06 +0000
ROA not after: Sat 15 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.0.0.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft
rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 08:43:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
16:25:d5:eb:25:b9:f6:ed:db:88:a9:35:d6:66:70:c9:7e:d0:f6:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0
Validity
Not Before: May 17 02:00:06 2026 GMT
Not After : Aug 15 23:59:59 2026 GMT
Subject: serialNumber=cf121abf89f9f430fd36eb15b6f87aed3a98602c5c7979d12cc0d2d5b598ce89, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:72:69:2e:d2:5b:5d:dd:99:06:61:05:1b:47:
6d:5e:9f:ae:40:a2:65:95:e9:7f:5b:36:ae:8f:53:
95:67:1b:d8:e8:c1:a0:98:36:6b:6b:6f:d6:86:00:
15:c7:6e:53:92:72:f9:0b:6a:5f:7c:b4:69:80:4e:
1d:47:ec:b9:73:a8:17:1f:3e:03:ab:f5:02:f6:02:
b2:ba:10:76:5e:8e:af:22:d3:10:9a:a4:72:34:58:
57:c3:07:11:76:62:9f:c7:ee:5d:27:13:87:94:9a:
d9:38:ac:8e:92:93:32:6b:27:90:86:9e:6a:09:d6:
e0:2f:d0:a1:29:21:40:ba:ae:2e:0d:36:73:32:72:
c1:57:6d:a2:c4:71:4b:03:b9:64:25:78:3a:2b:a2:
81:6f:68:d6:dd:41:53:37:81:67:b1:47:8a:27:2a:
3e:1c:97:27:f9:05:b9:56:4f:da:92:99:49:df:e5:
34:b3:af:65:4f:a8:86:3a:43:ab:68:03:ff:8a:e2:
9e:8d:a3:97:a3:94:34:df:3f:ef:68:dc:2d:4f:b4:
7a:1b:87:e9:0d:bb:88:5a:61:3b:63:37:2c:6a:66:
41:3b:db:ff:f3:48:a0:b3:1a:b2:1f:c3:a8:cc:a9:
bb:4f:4a:55:64:3e:cf:cf:64:0e:bd:ea:18:0a:1b:
8a:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:1C:E1:38:3E:11:6D:B5:7F:9B:88:16:69:10:7A:14:34:E8:FB:7F
X509v3 Authority Key Identifier:
keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/5e0372f9-155c-44b5-a4db-e3da48adfab2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.0.0.0/20
Signature Algorithm: sha256WithRSAEncryption
93:11:19:4e:e6:cf:e9:76:15:b3:b2:86:52:ca:fb:36:5d:04:
2c:3b:4b:1c:b0:36:eb:01:25:f2:b6:56:49:4c:a0:5f:15:24:
c0:48:1b:22:9d:bc:d9:20:60:ae:25:bc:51:eb:c9:d8:49:48:
1d:50:db:e9:ad:84:b9:cf:87:1b:d2:02:1c:a4:fe:37:e9:0b:
66:75:e9:8f:ac:c7:1c:0b:3c:30:e1:6d:e3:7b:8f:d6:17:9c:
fa:29:54:6e:b5:24:20:d1:54:cf:da:0b:56:c2:21:f2:8f:11:
32:8f:e6:da:b8:7a:c6:44:53:94:ac:18:12:d1:ae:6d:74:73:
ef:c4:90:1d:36:d3:8d:95:32:b2:4f:df:c5:bd:b2:ce:76:df:
e0:69:bf:a0:56:7f:7d:26:87:73:c5:47:e3:ca:7a:26:46:e0:
a5:fd:75:69:18:a9:7e:45:b2:72:a6:2c:5c:4b:8d:8d:51:0e:
03:60:ec:37:80:d0:73:81:e9:a3:a2:31:a6:7b:b9:d7:20:84:
a9:6b:9c:65:b3:b8:de:4a:1e:6e:f3:65:f7:47:4e:80:80:ff:
0c:b8:f6:14:cf:47:67:e0:19:c5:2c:66:d2:09:18:ae:9f:c1:
fc:6e:84:e6:e6:39:7e:5e:c2:ca:8c:3e:83:4c:5a:e6:7e:f1:
a8:b8:c2:e1
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUFiXV6yW59u3biKk11mZwyX7Q9kgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl
Nzk2NTVkMDAeFw0yNjA1MTcwMjAwMDZaFw0yNjA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGNmMTIxYWJmODlmOWY0MzBmZDM2ZWIxNWI2Zjg3YWVkM2E5ODYwMmM1Yzc5
NzlkMTJjYzBkMmQ1YjU5OGNlODkxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3
Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKRyaS7SW13dmQZhBRtHbV6frkCiZZXpf1s2ro9TlWcb2OjBoJg2a2tv1oYA
FcduU5Jy+QtqX3y0aYBOHUfsuXOoFx8+A6v1AvYCsroQdl6OryLTEJqkcjRYV8MH
EXZin8fuXScTh5Sa2TisjpKTMmsnkIaeagnW4C/QoSkhQLquLg02czJywVdtosRx
SwO5ZCV4OiuigW9o1t1BUzeBZ7FHiicqPhyXJ/kFuVZP2pKZSd/lNLOvZU+ohjpD
q2gD/4rino2jl6OUNN8/72jcLU+0ehuH6Q27iFphO2M3LGpmQTvb//NIoLMash/D
qMypu09KVWQ+z89kDr3qGAobitkCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBROHOE4
PhFttX+biBZpEHoUNOj7fzAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV
0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh
Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv
NWUwMzcyZjktMTU1Yy00NGI1LWE0ZGItZTNkYTQ4YWRmYWIyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1
NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBDMAADAN
BgkqhkiG9w0BAQsFAAOCAQEAkxEZTubP6XYVs7KGUsr7Nl0ELDtLHLA26wEl8rZW
SUygXxUkwEgbIp282SBgriW8UevJ2ElIHVDb6a2Euc+HG9ICHKT+N+kLZnXpj6zH
HAs8MOFt43uP1hec+ilUbrUkINFUz9oLVsIh8o8RMo/m2rh6xkRTlKwYEtGubXRz
78SQHTbTjZUysk/fxb2yznbf4Gm/oFZ/fSaHc8VH48p6Jkbgpf11aRipfkWycqYs
XEuNjVEOA2DsN4DQc4Hpo6Ixpnu51yCEqWucZbO43koebvNl90dOgID/DLj2FM9H
Z+AZxSxm0gkYrp/B/G6E5uY5fl7Cyow+g0xa5n7xqLjC4Q==
-----END CERTIFICATE-----
Generated at Sat Jun 13 12:42:28 2026 by rpki-client