Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/9fc884bc-2b9f-4180-a386-f94e759f70bf.roa
File: 9fc884bc-2b9f-4180-a386-f94e759f70bf.roa (raw, json)
Hash identifier: h/PBLRmVf4H71SbbpRbCFE2Mnj88YL9x0vKUqSPLx8Y=
Subject key identifier: 4B:4A:43:09:9B:0B:0F:25:C0:8E:B9:D2:C0:DE:43:C5:69:9F:72:D2
Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0
Certificate serial: 050589A7A39BB7CAEA048D398C8737EB0CF145DB
Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/9fc884bc-2b9f-4180-a386-f94e759f70bf.roa
Signing time: Thu 26 Feb 2026 02:00:11 +0000
ROA not before: Thu 26 Feb 2026 02:00:11 +0000
ROA not after: Wed 27 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.0.31.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft
rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
05:05:89:a7:a3:9b:b7:ca:ea:04:8d:39:8c:87:37:eb:0c:f1:45:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0
Validity
Not Before: Feb 26 02:00:11 2026 GMT
Not After : May 27 23:59:59 2026 GMT
Subject: serialNumber=5bf6ec69cfd3cce51267e1de857f55d5216d38abc356adbf8efaf6f753bd2139, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:95:b1:8f:18:93:17:cc:ba:9b:17:12:c5:76:
96:f1:57:10:0f:ab:d0:2e:b8:94:4e:86:48:1e:76:
2d:04:41:33:7d:85:1a:c3:75:5a:32:58:df:7e:85:
e7:07:47:53:d7:c8:d9:1e:6f:e1:c9:cd:03:b9:7e:
d9:45:51:45:b3:cd:cd:1a:92:7f:f3:f1:d5:d6:13:
7a:d9:94:67:ad:20:87:c6:05:9b:6f:fa:f6:bf:56:
0f:7f:1f:cf:b9:af:e2:98:ea:db:06:54:11:84:97:
c3:ea:38:fa:e7:b7:17:c9:09:a9:dd:a5:4a:fb:c6:
5d:39:39:72:7c:63:52:5d:be:e0:5b:43:c1:60:2c:
05:60:04:f7:23:e5:0d:72:7d:78:b9:50:a4:80:d3:
95:54:4d:7f:6e:e6:19:3e:3f:90:d7:9b:de:b9:32:
69:20:db:b7:95:f7:e2:5a:ae:6f:76:e2:85:c1:e5:
fb:7f:81:d2:05:c6:34:66:e4:01:08:f0:81:b2:b5:
23:1a:75:d9:4f:b9:77:b1:83:aa:2b:96:15:c8:7e:
61:cb:57:34:4b:2a:df:51:41:c9:c0:8b:a0:58:97:
8c:bf:68:2e:14:61:27:d2:47:cd:8a:f0:5a:fc:7d:
d7:f5:e4:38:bb:4f:38:80:28:05:00:b3:ff:a8:4a:
ec:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:4A:43:09:9B:0B:0F:25:C0:8E:B9:D2:C0:DE:43:C5:69:9F:72:D2
X509v3 Authority Key Identifier:
keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/9fc884bc-2b9f-4180-a386-f94e759f70bf.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.0.31.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:4f:a7:69:fb:a6:8c:ca:10:9f:91:71:8b:62:b6:32:ac:42:
97:0f:96:91:bf:b7:46:6b:f3:59:5c:cd:8e:0c:3d:22:c7:b7:
1a:a9:1a:b2:64:26:43:af:68:48:5b:b3:13:84:71:d2:39:ae:
a7:cf:17:db:ee:06:c2:ad:56:63:12:65:64:11:31:85:04:f9:
14:d6:d2:d1:ec:0a:24:5c:d6:33:7e:0e:11:d6:19:9a:d2:ed:
5d:4c:0f:46:6b:a2:3c:ee:c1:e8:8b:e2:72:ca:92:f1:80:8d:
6a:6d:1f:47:c2:27:72:f7:0f:e9:0e:c9:90:6d:9e:b5:76:74:
c0:9b:17:4b:49:a6:6f:b4:0d:ca:4c:6a:64:d6:b8:91:0c:e6:
0b:0a:5d:7b:04:7b:8a:b2:56:51:4b:3b:99:df:74:c6:a2:5a:
d6:02:f0:40:6c:f1:97:64:cd:09:18:0e:ad:6e:ae:5f:ae:b3:
ec:df:74:cb:a5:5a:32:2e:ab:17:ee:95:82:47:2b:93:68:70:
3a:8f:0c:d7:9d:04:7d:2d:c2:f6:10:e2:24:01:fb:87:40:a7:
39:5d:71:ca:2c:87:2f:79:f9:80:cb:1d:25:e1:d9:70:a9:50:
be:1b:dd:7f:bc:74:e2:45:08:08:8e:01:0f:46:a3:c2:7e:72:
1c:78:2e:40
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUBQWJp6Obt8rqBI05jIc36wzxRdswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl
Nzk2NTVkMDAeFw0yNjAyMjYwMjAwMTFaFw0yNjA1MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQDViZjZlYzY5Y2ZkM2NjZTUxMjY3ZTFkZTg1N2Y1NWQ1MjE2ZDM4YWJjMzU2
YWRiZjhlZmFmNmY3NTNiZDIxMzkxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3
Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKuVsY8YkxfMupsXEsV2lvFXEA+r0C64lE6GSB52LQRBM32FGsN1WjJY336F
5wdHU9fI2R5v4cnNA7l+2UVRRbPNzRqSf/Px1dYTetmUZ60gh8YFm2/69r9WD38f
z7mv4pjq2wZUEYSXw+o4+ue3F8kJqd2lSvvGXTk5cnxjUl2+4FtDwWAsBWAE9yPl
DXJ9eLlQpIDTlVRNf27mGT4/kNeb3rkyaSDbt5X34lqub3bihcHl+3+B0gXGNGbk
AQjwgbK1Ixp12U+5d7GDqiuWFch+YctXNEsq31FBycCLoFiXjL9oLhRhJ9JHzYrw
Wvx91/XkOLtPOIAoBQCz/6hK7OMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRLSkMJ
mwsPJcCOudLA3kPFaZ9y0jAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV
0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh
Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv
OWZjODg0YmMtMmI5Zi00MTgwLWEzODYtZjk0ZTc1OWY3MGJmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1
NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEADMAHzAN
BgkqhkiG9w0BAQsFAAOCAQEASk+nafumjMoQn5Fxi2K2MqxClw+Wkb+3RmvzWVzN
jgw9Ise3GqkasmQmQ69oSFuzE4Rx0jmup88X2+4Gwq1WYxJlZBExhQT5FNbS0ewK
JFzWM34OEdYZmtLtXUwPRmuiPO7B6IvicsqS8YCNam0fR8IncvcP6Q7JkG2etXZ0
wJsXS0mmb7QNykxqZNa4kQzmCwpdewR7irJWUUs7md90xqJa1gLwQGzxl2TNCRgO
rW6uX66z7N90y6VaMi6rF+6Vgkcrk2hwOo8M150EfS3C9hDiJAH7h0CnOV1xyiyH
L3n5gMsdJeHZcKlQvhvdf7x04kUICI4BD0ajwn5yHHguQA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 07:58:49 2026 by rpki-client