Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/736aa60e-d4e2-4ca5-b96b-c64d8fa18dc1.roa
File: 736aa60e-d4e2-4ca5-b96b-c64d8fa18dc1.roa (raw, json)
Hash identifier: A8/ZIBxKt8ox65pjkCSCRM7tg0E0Nz3wl+3Z/RFZg0E=
Subject key identifier: F8:0D:F4:6A:CD:8D:8C:FB:31:29:BE:51:43:B6:5C:88:64:AB:0A:F7
Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0
Certificate serial: 67AB61AF5E79127233D63F2D2D36A09F24C105D2
Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/736aa60e-d4e2-4ca5-b96b-c64d8fa18dc1.roa
Signing time: Thu 26 Feb 2026 02:00:13 +0000
ROA not before: Thu 26 Feb 2026 02:00:13 +0000
ROA not after: Wed 27 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.224.186.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft
rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:ab:61:af:5e:79:12:72:33:d6:3f:2d:2d:36:a0:9f:24:c1:05:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0
Validity
Not Before: Feb 26 02:00:13 2026 GMT
Not After : May 27 23:59:59 2026 GMT
Subject: serialNumber=cd4c59e257c0a00b530ff03656fdd5d814e4b917943da50e7f1b5cd0d9663c5c, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:30:5a:22:7b:72:d0:81:53:0e:be:5f:70:ce:
96:cd:ec:5e:27:90:61:ea:0e:34:72:7a:41:4f:24:
ab:f2:b9:ce:ea:e4:c1:31:3a:1c:3d:ca:6e:2b:5d:
4a:ee:82:c0:7e:fd:42:67:54:40:47:a3:a4:6e:09:
89:a8:40:6b:24:f2:aa:72:f7:ac:16:5f:ca:d5:cd:
01:d2:b3:f7:81:cb:13:c3:f4:69:0d:03:e0:f2:41:
55:ae:5d:04:93:6d:f4:69:36:45:1d:c7:9b:ab:95:
a1:42:a2:75:69:09:5e:47:b2:e5:72:60:c0:f1:d3:
1a:6a:85:33:2f:0f:5b:61:60:54:d2:eb:07:93:90:
16:8a:80:ab:20:03:f9:5e:b1:77:e9:57:50:80:54:
3c:05:51:d8:8b:b5:5e:66:45:8c:d1:cd:2e:e4:13:
69:c3:e4:7e:af:6a:39:e5:e6:db:0e:94:dd:94:cc:
22:3b:4c:bc:fc:33:8a:a9:d8:5e:14:62:09:75:46:
46:83:0e:48:40:55:62:40:6c:ee:32:d8:bf:4c:0e:
f7:da:0c:39:fc:09:29:53:89:56:1e:44:02:be:0d:
e9:26:56:e9:8f:49:c4:d5:3f:5b:b3:24:28:9f:ab:
aa:37:7e:e5:52:1c:82:20:a2:a4:7a:ec:e4:66:b4:
de:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:0D:F4:6A:CD:8D:8C:FB:31:29:BE:51:43:B6:5C:88:64:AB:0A:F7
X509v3 Authority Key Identifier:
keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/736aa60e-d4e2-4ca5-b96b-c64d8fa18dc1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.224.186.0/23
Signature Algorithm: sha256WithRSAEncryption
c0:11:58:05:68:d8:b4:aa:5a:de:8f:e0:d9:08:48:89:a8:bf:
d0:2f:a8:94:02:25:0c:37:61:5b:34:fb:35:24:ac:59:76:71:
8e:dc:df:75:c9:cd:02:51:db:e1:fc:0b:ca:3b:03:8c:db:11:
72:c2:16:34:6b:1b:e2:30:35:76:fa:c2:81:08:3c:23:0b:b5:
de:f7:99:63:3d:93:cf:09:3d:35:1a:7f:00:e7:94:74:45:25:
c5:27:f4:9d:6e:3c:99:f9:94:9e:d4:86:03:18:97:16:1a:19:
13:43:0f:3f:27:3d:a4:5f:ae:a8:f0:0b:46:36:78:24:66:01:
b1:e3:e6:e4:ce:ee:d9:b5:7d:ca:88:75:8b:5d:14:84:44:82:
ed:a2:35:bb:14:a0:4e:25:a0:8d:d9:49:66:a8:70:81:8b:ee:
2c:0a:a4:60:4f:8d:40:94:3e:75:0a:87:f2:63:60:66:29:ae:
62:6c:39:8d:85:d6:4f:e6:54:5c:98:4f:fe:1e:0c:94:d2:29:
a6:91:5c:aa:ab:a0:e7:8f:5c:0b:ff:ce:21:47:ef:cf:7e:7c:
63:65:a8:5b:5b:38:18:9d:08:a5:b5:ca:52:26:8c:3c:28:e1:
36:6f:55:69:76:3b:d2:c8:88:6b:c4:cf:d3:e9:d2:a1:41:e5:
ea:d6:a0:80
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUZ6thr155EnIz1j8tLTagnyTBBdIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl
Nzk2NTVkMDAeFw0yNjAyMjYwMjAwMTNaFw0yNjA1MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQGNkNGM1OWUyNTdjMGEwMGI1MzBmZjAzNjU2ZmRkNWQ4MTRlNGI5MTc5NDNk
YTUwZTdmMWI1Y2QwZDk2NjNjNWMxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3
Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKEwWiJ7ctCBUw6+X3DOls3sXieQYeoONHJ6QU8kq/K5zurkwTE6HD3Kbitd
Su6CwH79QmdUQEejpG4JiahAayTyqnL3rBZfytXNAdKz94HLE8P0aQ0D4PJBVa5d
BJNt9Gk2RR3Hm6uVoUKidWkJXkey5XJgwPHTGmqFMy8PW2FgVNLrB5OQFoqAqyAD
+V6xd+lXUIBUPAVR2Iu1XmZFjNHNLuQTacPkfq9qOeXm2w6U3ZTMIjtMvPwziqnY
XhRiCXVGRoMOSEBVYkBs7jLYv0wO99oMOfwJKVOJVh5EAr4N6SZW6Y9JxNU/W7Mk
KJ+rqjd+5VIcgiCipHrs5Ga03mUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBT4DfRq
zY2M+zEpvlFDtlyIZKsK9zAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV
0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh
Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv
NzM2YWE2MGUtZDRlMi00Y2E1LWI5NmItYzY0ZDhmYTE4ZGMxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1
NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEATPgujAN
BgkqhkiG9w0BAQsFAAOCAQEAwBFYBWjYtKpa3o/g2QhIiai/0C+olAIlDDdhWzT7
NSSsWXZxjtzfdcnNAlHb4fwLyjsDjNsRcsIWNGsb4jA1dvrCgQg8Iwu13veZYz2T
zwk9NRp/AOeUdEUlxSf0nW48mfmUntSGAxiXFhoZE0MPPyc9pF+uqPALRjZ4JGYB
sePm5M7u2bV9yoh1i10UhESC7aI1uxSgTiWgjdlJZqhwgYvuLAqkYE+NQJQ+dQqH
8mNgZimuYmw5jYXWT+ZUXJhP/h4MlNIpppFcqqug549cC//OIUfvz358Y2WoW1s4
GJ0IpbXKUiaMPCjhNm9VaXY70siIa8TP0+nSoUHl6taggA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 01:07:42 2026 by rpki-client