Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/e46fa6c1-9fa9-45b2-a661-fa14136ac407.roa
File: e46fa6c1-9fa9-45b2-a661-fa14136ac407.roa (raw, json)
Hash identifier: 0dxUfl/rguQWrrduMqZBctNlMFYwAiuiCn3jmX8WJPQ=
Subject key identifier: 85:FC:9C:CD:D9:D4:B5:49:E4:C7:99:30:FE:8E:2B:1D:42:06:D9:09
Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0
Certificate serial: 469D1C99A88CBA494C612722B95C1285CFE4955D
Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/e46fa6c1-9fa9-45b2-a661-fa14136ac407.roa
Signing time: Thu 26 Feb 2026 02:00:33 +0000
ROA not before: Thu 26 Feb 2026 02:00:33 +0000
ROA not after: Wed 27 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.0.252.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft
rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:9d:1c:99:a8:8c:ba:49:4c:61:27:22:b9:5c:12:85:cf:e4:95:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0
Validity
Not Before: Feb 26 02:00:33 2026 GMT
Not After : May 27 23:59:59 2026 GMT
Subject: serialNumber=9057b6a8fd84d6986853ff675075126e505c78dd2d867b2110679358310b6b48, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:b9:da:39:c6:5d:40:7f:cf:fb:c3:8f:01:74:
39:a2:1f:d4:db:03:85:2a:45:d2:15:87:24:79:1f:
5b:b2:56:cd:01:b4:84:6c:ae:57:0f:69:32:ad:31:
f8:06:ef:91:08:7e:0a:a9:9c:cf:9d:29:b8:a5:19:
5a:db:4a:32:8b:6f:70:58:76:f8:23:3d:64:77:75:
c7:6d:22:43:80:a2:6f:0f:38:b5:78:81:ea:c8:54:
ca:ff:31:bf:c5:00:c9:66:f6:ed:65:ca:85:12:1b:
9e:87:bf:42:c6:d1:46:11:f2:1b:e9:a3:1c:e9:73:
59:d1:ed:cb:af:cd:a1:78:36:17:76:30:2b:18:57:
10:29:13:6f:15:74:ad:d7:45:d4:5e:a5:22:26:e5:
fd:a3:13:1c:7e:a6:71:e5:47:c4:0e:08:24:4a:26:
95:7b:d9:b8:b4:e3:ff:11:9f:f5:44:8f:c0:63:f3:
c8:f5:31:6e:25:6c:c3:b3:2a:9e:02:5f:0e:59:5e:
fc:3d:74:42:1f:f7:6e:71:e8:1c:2e:b0:a7:68:12:
eb:14:90:77:57:1e:b1:41:83:ee:c1:c8:08:90:f9:
4f:6d:46:12:a0:92:fb:77:8c:11:88:ec:fd:4d:68:
6c:49:ea:18:38:47:6b:62:24:01:de:1a:bf:e7:41:
0e:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:FC:9C:CD:D9:D4:B5:49:E4:C7:99:30:FE:8E:2B:1D:42:06:D9:09
X509v3 Authority Key Identifier:
keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/e46fa6c1-9fa9-45b2-a661-fa14136ac407.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.0.252.0/22
Signature Algorithm: sha256WithRSAEncryption
3a:f2:84:dc:d1:b7:88:db:ab:d2:83:db:ff:52:29:18:93:80:
08:55:c4:07:e5:fa:16:21:b9:dd:51:39:d5:0c:6d:66:bb:0d:
97:5f:66:2c:6e:d6:05:ea:f0:2d:41:0c:f8:a0:ab:a9:6e:50:
d2:b0:48:e5:1e:8d:21:0f:8e:d4:22:fb:70:ac:a2:f0:ec:c6:
94:3b:1a:6f:46:3f:bf:d3:57:2d:9d:87:b1:8e:e4:47:df:75:
f6:66:98:29:b1:f6:3a:77:a6:0d:fd:01:4b:7b:02:68:ec:07:
b5:89:b9:4d:2f:a4:c9:43:15:8c:1e:44:fa:93:66:2d:4e:c9:
0e:5f:ca:12:a2:25:8b:cb:03:81:c2:2b:a0:e2:ca:46:14:cb:
9b:01:7d:d6:b5:9d:84:d1:6f:2e:3b:c7:d5:c9:32:5b:b0:58:
ee:8d:ca:be:1e:ba:66:31:09:86:e7:c3:1e:1a:43:ea:e9:ac:
50:16:55:32:91:b2:e0:0a:70:08:c2:33:39:a6:f9:2a:e2:75:
ff:9e:e3:a3:33:84:dc:42:87:b5:76:f4:26:07:9b:4e:32:53:
ce:e9:72:41:d3:82:2d:a3:ea:58:c6:5b:71:04:5d:c5:68:8c:
56:b8:1d:fb:20:b2:06:6f:f3:16:db:ac:e0:17:f7:7b:22:86:
03:e4:b1:04
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIURp0cmaiMuklMYSciuVwShc/klV0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl
Nzk2NTVkMDAeFw0yNjAyMjYwMjAwMzNaFw0yNjA1MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQDkwNTdiNmE4ZmQ4NGQ2OTg2ODUzZmY2NzUwNzUxMjZlNTA1Yzc4ZGQyZDg2
N2IyMTEwNjc5MzU4MzEwYjZiNDgxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3
Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALa52jnGXUB/z/vDjwF0OaIf1NsDhSpF0hWHJHkfW7JWzQG0hGyuVw9pMq0x
+AbvkQh+Cqmcz50puKUZWttKMotvcFh2+CM9ZHd1x20iQ4Cibw84tXiB6shUyv8x
v8UAyWb27WXKhRIbnoe/QsbRRhHyG+mjHOlzWdHty6/NoXg2F3YwKxhXECkTbxV0
rddF1F6lIibl/aMTHH6mceVHxA4IJEomlXvZuLTj/xGf9USPwGPzyPUxbiVsw7Mq
ngJfDlle/D10Qh/3bnHoHC6wp2gS6xSQd1cesUGD7sHICJD5T21GEqCS+3eMEYjs
/U1obEnqGDhHa2IkAd4av+dBDqkCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSF/JzN
2dS1SeTHmTD+jisdQgbZCTAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV
0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh
Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv
ZTQ2ZmE2YzEtOWZhOS00NWIyLWE2NjEtZmExNDEzNmFjNDA3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1
NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAjMA/DAN
BgkqhkiG9w0BAQsFAAOCAQEAOvKE3NG3iNur0oPb/1IpGJOACFXEB+X6FiG53VE5
1QxtZrsNl19mLG7WBerwLUEM+KCrqW5Q0rBI5R6NIQ+O1CL7cKyi8OzGlDsab0Y/
v9NXLZ2HsY7kR9919maYKbH2OnemDf0BS3sCaOwHtYm5TS+kyUMVjB5E+pNmLU7J
Dl/KEqIli8sDgcIroOLKRhTLmwF91rWdhNFvLjvH1ckyW7BY7o3Kvh66ZjEJhufD
HhpD6umsUBZVMpGy4ApwCMIzOab5KuJ1/57jozOE3EKHtXb0JgebTjJTzulyQdOC
LaPqWMZbcQRdxWiMVrgd+yCyBm/zFtus4Bf3eyKGA+SxBA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 01:35:43 2026 by rpki-client