Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/de6a2853-3803-405e-9bac-2b96eb87582d.roa
File: de6a2853-3803-405e-9bac-2b96eb87582d.roa (raw, json)
Hash identifier: fxPiYT1+BJ3rg86vsv30XsCzWx4R9fPaYoDo3/vZKZ8=
Subject key identifier: 6C:E9:6E:94:E1:12:73:B5:73:55:25:1E:6B:F5:AA:D2:59:FD:3E:DF
Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0
Certificate serial: 6209FEBC745A7B5E4D1712795A070972138B43FD
Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/de6a2853-3803-405e-9bac-2b96eb87582d.roa
Signing time: Thu 26 Feb 2026 02:00:38 +0000
ROA not before: Thu 26 Feb 2026 02:00:38 +0000
ROA not after: Wed 27 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.0.30.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft
rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
62:09:fe:bc:74:5a:7b:5e:4d:17:12:79:5a:07:09:72:13:8b:43:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0
Validity
Not Before: Feb 26 02:00:38 2026 GMT
Not After : May 27 23:59:59 2026 GMT
Subject: serialNumber=e23dfdc3ccc6c5b218ab69edfa55f88becb10bdf9d46bb16345fbdcc11945faa, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:56:5f:78:18:8d:3c:67:15:f4:73:c8:d1:20:
71:cc:d5:c8:07:b5:65:53:fb:8a:92:7e:06:b3:69:
fd:fe:a3:19:87:9f:04:12:ee:87:6b:33:f8:c8:ef:
28:06:ec:e6:9a:9b:82:77:fd:b5:a2:fd:34:fd:f5:
77:54:25:bf:fa:51:fd:b7:de:77:88:fc:af:82:80:
62:2c:7d:4e:84:87:3e:5d:6b:10:13:63:c0:10:aa:
99:f3:2d:ca:55:27:65:64:34:31:80:30:5e:cb:91:
5c:79:60:59:c3:36:eb:57:ae:5b:c8:16:0e:8d:6a:
e4:d5:ac:f3:07:1a:51:52:b6:4d:15:cd:06:1f:94:
28:2c:99:76:8a:ff:d4:4b:6c:71:6e:dc:82:47:10:
46:94:a8:31:74:eb:75:a9:d7:6b:fc:e2:c2:30:ba:
17:a7:42:34:b4:95:47:aa:43:d9:7c:17:20:8a:a1:
65:e8:86:54:da:68:ad:31:b5:52:cc:cd:26:6d:6e:
6c:33:3c:6f:8b:c5:70:7e:12:c3:1f:36:d6:ab:9e:
b7:99:be:44:8f:5b:e1:31:77:73:a1:36:c4:11:29:
4d:99:63:d9:fd:87:7a:a5:67:30:f0:2b:20:b8:57:
24:19:bf:62:00:6f:ce:3c:68:b5:0e:55:53:3c:f8:
76:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:E9:6E:94:E1:12:73:B5:73:55:25:1E:6B:F5:AA:D2:59:FD:3E:DF
X509v3 Authority Key Identifier:
keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/de6a2853-3803-405e-9bac-2b96eb87582d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.0.30.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:bf:f7:eb:fe:89:20:5c:4d:f6:d4:94:de:7d:4c:79:a9:1e:
af:00:c3:f6:42:bd:7f:d8:10:ad:e9:6b:36:1a:b3:e8:fe:4c:
c2:e3:40:c0:e6:db:8b:fc:01:0e:cd:91:3f:81:8a:6c:29:08:
0e:35:8a:10:21:b8:ad:e8:2f:40:89:aa:6d:67:e0:b5:55:67:
14:df:ea:b3:a3:a2:00:5a:50:96:90:cd:95:ea:22:70:66:48:
21:a3:43:f4:f5:52:17:50:36:cb:7b:04:48:62:32:4b:f5:80:
62:8c:4d:87:5d:6d:1e:0b:0e:99:e7:2a:2a:1f:b7:4c:96:c0:
d8:74:43:97:25:98:66:e7:27:95:6b:4d:e9:92:82:2b:6c:35:
05:f1:14:85:e1:2c:66:48:0b:59:8b:19:68:d0:3f:38:28:55:
38:5b:c5:b2:98:2d:d7:f6:b8:4c:77:57:10:7f:eb:44:98:af:
a5:a3:7e:ea:9a:a0:58:7b:c5:3f:16:04:80:dc:df:53:b0:ac:
1d:1d:74:7e:f8:4f:ea:e9:f2:46:6e:26:bf:d0:d4:5f:3c:89:
f3:20:5d:89:25:f6:2d:12:9e:df:b4:52:39:9b:67:fb:df:ad:
5e:f0:5c:6f:f5:1e:73:ef:6e:76:b9:e9:55:54:a5:fe:c1:fa:
8d:ce:fa:79
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUYgn+vHRae15NFxJ5WgcJchOLQ/0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl
Nzk2NTVkMDAeFw0yNjAyMjYwMjAwMzhaFw0yNjA1MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQGUyM2RmZGMzY2NjNmM1YjIxOGFiNjllZGZhNTVmODhiZWNiMTBiZGY5ZDQ2
YmIxNjM0NWZiZGNjMTE5NDVmYWExLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3
Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJhWX3gYjTxnFfRzyNEgcczVyAe1ZVP7ipJ+BrNp/f6jGYefBBLuh2sz+Mjv
KAbs5pqbgnf9taL9NP31d1Qlv/pR/bfed4j8r4KAYix9ToSHPl1rEBNjwBCqmfMt
ylUnZWQ0MYAwXsuRXHlgWcM261euW8gWDo1q5NWs8wcaUVK2TRXNBh+UKCyZdor/
1EtscW7cgkcQRpSoMXTrdanXa/ziwjC6F6dCNLSVR6pD2XwXIIqhZeiGVNporTG1
UszNJm1ubDM8b4vFcH4Swx821quet5m+RI9b4TF3c6E2xBEpTZlj2f2HeqVnMPAr
ILhXJBm/YgBvzjxotQ5VUzz4dlMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRs6W6U
4RJztXNVJR5r9arSWf0+3zAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV
0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh
Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv
ZGU2YTI4NTMtMzgwMy00MDVlLTliYWMtMmI5NmViODc1ODJkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1
NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEADMAHjAN
BgkqhkiG9w0BAQsFAAOCAQEAXL/36/6JIFxN9tSU3n1MeakerwDD9kK9f9gQrelr
Nhqz6P5MwuNAwObbi/wBDs2RP4GKbCkIDjWKECG4regvQImqbWfgtVVnFN/qs6Oi
AFpQlpDNleoicGZIIaND9PVSF1A2y3sESGIyS/WAYoxNh11tHgsOmecqKh+3TJbA
2HRDlyWYZucnlWtN6ZKCK2w1BfEUheEsZkgLWYsZaNA/OChVOFvFspgt1/a4THdX
EH/rRJivpaN+6pqgWHvFPxYEgNzfU7CsHR10fvhP6unyRm4mv9DUXzyJ8yBdiSX2
LRKe37RSOZtn+9+tXvBcb/Uec+9udrnpVVSl/sH6jc76eQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 01:02:06 2026 by rpki-client