Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/970baa53-c4dc-4c2a-96d5-cb4107d1d8ab.roa
File: 970baa53-c4dc-4c2a-96d5-cb4107d1d8ab.roa (raw, json)
Hash identifier: ndT7gOy+1AsWHfwWen/vgddRz2mVfMrSVeeyFmW8kuk=
Subject key identifier: C7:C6:B6:14:33:82:95:D4:08:2B:2F:EF:27:E8:94:19:B2:8C:15:E6
Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0
Certificate serial: 050D47BF8B955162AFDF4981FE4B1BB191C6BDF0
Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/970baa53-c4dc-4c2a-96d5-cb4107d1d8ab.roa
Signing time: Thu 26 Feb 2026 02:00:38 +0000
ROA not before: Thu 26 Feb 2026 02:00:38 +0000
ROA not after: Wed 27 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.0.16.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft
rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
05:0d:47:bf:8b:95:51:62:af:df:49:81:fe:4b:1b:b1:91:c6:bd:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0
Validity
Not Before: Feb 26 02:00:38 2026 GMT
Not After : May 27 23:59:59 2026 GMT
Subject: serialNumber=c09653dbfa78e8a6e0b25049e695b88c339e90bbda696e1d0930cce5d8d47987, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:4e:bf:04:e2:51:2f:02:a2:c3:e3:02:bf:41:
d1:eb:ac:03:d4:bb:35:7f:27:bc:31:cb:e6:dc:db:
80:a5:e2:5c:73:87:4c:41:c5:21:ea:9f:6d:f8:ee:
43:b0:74:8d:4c:9b:83:72:16:0a:24:27:5a:29:2c:
b4:dc:d0:2f:6d:fb:42:86:c2:03:00:5d:0c:1f:45:
3e:4d:8c:64:89:55:22:e1:03:59:ec:e9:c4:ef:89:
60:ac:3a:3f:b5:62:de:d7:a6:f1:56:21:70:4c:eb:
24:a3:c9:0b:06:82:0a:33:90:66:d3:e5:38:54:86:
1a:7b:1e:ab:67:5b:34:d2:94:1c:ea:c4:73:7b:ab:
1f:1d:2a:cc:a2:18:fa:93:30:da:af:5e:d9:10:73:
8c:4e:3d:c7:63:0b:d1:f8:62:77:c3:3f:43:aa:46:
5c:12:5e:e1:27:fe:e7:3d:94:db:86:7b:2f:13:0b:
44:be:d2:6d:f6:ee:f4:ef:37:ab:cf:53:0a:17:bf:
ef:fb:a1:2a:44:bb:5a:cf:e8:9c:99:ec:fb:7f:6d:
65:8a:5f:09:9a:31:02:ea:95:d5:ef:6c:e0:68:fe:
e6:db:d3:fa:55:7e:c5:5d:ea:ae:3a:9e:7c:c3:c2:
3d:ef:88:c9:a1:4a:8d:a5:5d:f3:4d:a3:f4:37:de:
af:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:C6:B6:14:33:82:95:D4:08:2B:2F:EF:27:E8:94:19:B2:8C:15:E6
X509v3 Authority Key Identifier:
keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/970baa53-c4dc-4c2a-96d5-cb4107d1d8ab.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.0.16.0/21
Signature Algorithm: sha256WithRSAEncryption
2e:e8:38:84:15:f8:d8:f0:cf:21:cd:ec:86:c1:a4:d7:75:2f:
e4:37:3b:e5:04:a4:c7:d1:38:e3:3d:ad:b3:fb:b1:ab:b9:84:
c4:17:bf:09:05:f4:f1:da:46:92:c3:74:49:a7:ea:f0:72:be:
8a:ce:8e:35:54:0f:9e:6a:82:16:04:3e:47:0a:e8:c5:da:58:
37:1b:ce:eb:81:80:a7:c8:6c:9e:af:84:d7:25:8f:f7:e0:0f:
de:5d:63:63:66:41:09:40:0f:34:5a:68:8b:e9:d2:c6:14:8a:
05:ab:39:47:25:5a:f9:ca:26:f8:c6:85:30:a4:bc:ba:ef:b6:
da:c4:1d:a7:8c:66:57:04:67:e8:2d:c3:fb:38:6d:71:f5:f9:
e4:11:9e:b5:08:d1:c0:c8:63:4b:82:07:b6:c0:0c:20:ce:82:
63:3d:67:4d:02:3e:1f:32:43:78:37:b9:47:d9:18:68:4e:ee:
8e:e9:18:5e:a9:44:41:e1:23:48:6e:ca:91:7d:58:22:1e:91:
69:c3:c3:d3:04:3f:db:bb:11:e0:3c:6b:82:8b:b3:1f:b3:b3:
53:03:de:e4:73:20:17:dd:46:08:e6:b2:b4:b8:ea:11:c0:cc:
5b:fd:ec:c0:32:84:53:6d:2a:d6:1b:4d:15:f8:cf:c5:ef:b8:
f9:07:73:e1
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUBQ1Hv4uVUWKv30mB/ksbsZHGvfAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl
Nzk2NTVkMDAeFw0yNjAyMjYwMjAwMzhaFw0yNjA1MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQGMwOTY1M2RiZmE3OGU4YTZlMGIyNTA0OWU2OTViODhjMzM5ZTkwYmJkYTY5
NmUxZDA5MzBjY2U1ZDhkNDc5ODcxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3
Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI5OvwTiUS8CosPjAr9B0eusA9S7NX8nvDHL5tzbgKXiXHOHTEHFIeqfbfju
Q7B0jUybg3IWCiQnWikstNzQL237QobCAwBdDB9FPk2MZIlVIuEDWezpxO+JYKw6
P7Vi3tem8VYhcEzrJKPJCwaCCjOQZtPlOFSGGnseq2dbNNKUHOrEc3urHx0qzKIY
+pMw2q9e2RBzjE49x2ML0fhid8M/Q6pGXBJe4Sf+5z2U24Z7LxMLRL7Sbfbu9O83
q89TChe/7/uhKkS7Ws/onJns+39tZYpfCZoxAuqV1e9s4Gj+5tvT+lV+xV3qrjqe
fMPCPe+IyaFKjaVd802j9DferxcCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTHxrYU
M4KV1AgrL+8n6JQZsowV5jAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV
0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh
Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv
OTcwYmFhNTMtYzRkYy00YzJhLTk2ZDUtY2I0MTA3ZDFkOGFiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1
NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAzMAEDAN
BgkqhkiG9w0BAQsFAAOCAQEALug4hBX42PDPIc3shsGk13Uv5Dc75QSkx9E44z2t
s/uxq7mExBe/CQX08dpGksN0Safq8HK+is6ONVQPnmqCFgQ+RwroxdpYNxvO64GA
p8hsnq+E1yWP9+AP3l1jY2ZBCUAPNFpoi+nSxhSKBas5RyVa+com+MaFMKS8uu+2
2sQdp4xmVwRn6C3D+zhtcfX55BGetQjRwMhjS4IHtsAMIM6CYz1nTQI+HzJDeDe5
R9kYaE7ujukYXqlEQeEjSG7KkX1YIh6RacPD0wQ/27sR4DxrgouzH7OzUwPe5HMg
F91GCOaytLjqEcDMW/3swDKEU20q1htNFfjPxe+4+Qdz4Q==
-----END CERTIFICATE-----
Generated at Mon Mar 2 06:12:56 2026 by rpki-client