Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/77c679c8-2cc0-4e9b-b3da-c3315ea2711c.roa
File: 77c679c8-2cc0-4e9b-b3da-c3315ea2711c.roa (raw, json)
Hash identifier: /yV4rdPBK83Tue0vS6AiZmYXjPZxGvoP9oOVfFYGqwc=
Subject key identifier: EA:16:56:F6:49:B5:3E:AC:01:CF:E7:3A:F4:7D:72:8A:E9:F8:51:86
Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0
Certificate serial: 22C6E99ABC3103A85D9D857A6CA61AA88831FC43
Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/77c679c8-2cc0-4e9b-b3da-c3315ea2711c.roa
Signing time: Thu 26 Feb 2026 02:00:10 +0000
ROA not before: Thu 26 Feb 2026 02:00:10 +0000
ROA not after: Wed 27 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.0.140.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft
rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:c6:e9:9a:bc:31:03:a8:5d:9d:85:7a:6c:a6:1a:a8:88:31:fc:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0
Validity
Not Before: Feb 26 02:00:10 2026 GMT
Not After : May 27 23:59:59 2026 GMT
Subject: serialNumber=8af0cdafad9f207d40a22eb9087e6e114ed19bd926d8d3b82712aef55c76e74d, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:5d:a9:3d:ce:b6:3b:d9:a5:97:72:33:08:41:
ac:42:4c:81:f9:9a:cb:29:5e:34:9a:56:af:c8:0c:
5c:9e:7a:af:90:e1:c8:6b:0e:d4:cf:1b:55:a4:a1:
31:8e:7f:f2:b0:64:bb:9c:45:88:51:c5:a5:d9:2c:
6e:67:27:55:3f:de:38:43:3d:fa:b2:c2:0f:af:2c:
54:5a:c4:90:f6:a2:67:fd:8a:99:c6:32:8a:3e:9b:
e3:bf:81:7a:f6:a1:35:d0:82:53:3f:5a:a8:e1:4b:
90:11:b3:91:84:0b:02:aa:d7:5d:16:f3:70:3c:c8:
64:55:4f:78:fa:d8:9a:da:95:a7:58:db:c1:c1:77:
75:a2:1f:60:55:44:fe:30:6b:b2:fe:af:60:18:d3:
ee:53:e3:3d:70:57:55:f2:c2:fc:93:d2:fd:bc:26:
60:ef:23:d5:40:c7:d2:ac:1f:65:4b:98:7a:72:ce:
25:b0:00:c1:98:f6:9b:1b:70:98:63:89:13:af:ad:
b3:ca:be:7a:dc:4e:48:f3:92:32:40:39:0a:ec:66:
d1:ca:45:45:66:60:c7:49:c6:6e:6e:47:08:f4:76:
5b:34:4c:f1:f5:e8:2d:6d:5f:7a:8c:93:b9:c8:a9:
26:e6:b1:2c:e3:b2:2b:60:1c:68:67:62:1c:50:5c:
8b:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:16:56:F6:49:B5:3E:AC:01:CF:E7:3A:F4:7D:72:8A:E9:F8:51:86
X509v3 Authority Key Identifier:
keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/77c679c8-2cc0-4e9b-b3da-c3315ea2711c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.0.140.0/23
Signature Algorithm: sha256WithRSAEncryption
2c:c1:78:bd:d6:36:95:59:05:1d:ae:17:82:d9:9b:99:a9:b8:
36:2e:24:a5:35:69:d7:03:7b:b2:62:74:b2:53:61:0f:1a:1d:
ff:54:c0:f0:8e:b3:f2:0f:7b:32:7a:2a:fb:a6:90:ac:c3:82:
ce:f5:44:9d:82:57:72:d9:ee:9d:57:1d:06:c7:6d:a9:09:06:
52:61:ac:cc:2f:f2:83:62:7a:8b:ca:4c:13:57:38:b2:16:60:
8e:06:a5:be:87:2d:d0:12:6f:1a:97:be:a9:00:c0:89:82:a4:
c0:cb:13:89:0a:5d:6f:6f:ce:c3:22:b0:07:61:4d:3f:a6:82:
96:50:3e:81:2c:02:8a:cc:37:b0:f6:6c:1b:f8:c9:84:b1:39:
4d:6c:1b:b0:67:14:16:8f:af:07:08:ee:4c:04:ae:63:40:8a:
4f:42:bd:ee:41:06:96:1c:41:ae:f4:bb:98:62:20:b1:bf:35:
01:8d:ce:84:61:f0:d8:39:a2:d4:14:80:e2:82:fe:11:1c:a2:
b2:44:25:60:f3:69:5e:e0:29:ca:14:c1:e7:63:82:0c:5c:e4:
81:d2:bb:b0:63:fb:ca:2f:58:97:c1:8d:1e:8a:8b:f8:16:be:
dc:89:11:62:16:e6:e7:9c:ee:69:e4:ca:a2:34:91:d5:50:ed:
3a:12:d8:2f
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUIsbpmrwxA6hdnYV6bKYaqIgx/EMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl
Nzk2NTVkMDAeFw0yNjAyMjYwMjAwMTBaFw0yNjA1MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQDhhZjBjZGFmYWQ5ZjIwN2Q0MGEyMmViOTA4N2U2ZTExNGVkMTliZDkyNmQ4
ZDNiODI3MTJhZWY1NWM3NmU3NGQxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3
Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKRdqT3OtjvZpZdyMwhBrEJMgfmayyleNJpWr8gMXJ56r5DhyGsO1M8bVaSh
MY5/8rBku5xFiFHFpdksbmcnVT/eOEM9+rLCD68sVFrEkPaiZ/2KmcYyij6b47+B
evahNdCCUz9aqOFLkBGzkYQLAqrXXRbzcDzIZFVPePrYmtqVp1jbwcF3daIfYFVE
/jBrsv6vYBjT7lPjPXBXVfLC/JPS/bwmYO8j1UDH0qwfZUuYenLOJbAAwZj2mxtw
mGOJE6+ts8q+etxOSPOSMkA5Cuxm0cpFRWZgx0nGbm5HCPR2WzRM8fXoLW1feoyT
ucipJuaxLOOyK2AcaGdiHFBci0MCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTqFlb2
SbU+rAHP5zr0fXKK6fhRhjAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV
0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh
Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv
NzdjNjc5YzgtMmNjMC00ZTliLWIzZGEtYzMzMTVlYTI3MTFjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1
NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEATMAjDAN
BgkqhkiG9w0BAQsFAAOCAQEALMF4vdY2lVkFHa4Xgtmbmam4Ni4kpTVp1wN7smJ0
slNhDxod/1TA8I6z8g97Mnoq+6aQrMOCzvVEnYJXctnunVcdBsdtqQkGUmGszC/y
g2J6i8pME1c4shZgjgalvoct0BJvGpe+qQDAiYKkwMsTiQpdb2/OwyKwB2FNP6aC
llA+gSwCisw3sPZsG/jJhLE5TWwbsGcUFo+vBwjuTASuY0CKT0K97kEGlhxBrvS7
mGIgsb81AY3OhGHw2Dmi1BSA4oL+ERyiskQlYPNpXuApyhTB52OCDFzkgdK7sGP7
yi9Yl8GNHoqL+Ba+3IkRYhbm55zuaeTKojSR1VDtOhLYLw==
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:44:05 2026 by rpki-client