Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/2bdbaa29-cc56-4293-9c64-b4245c939f65.roa
File: 2bdbaa29-cc56-4293-9c64-b4245c939f65.roa (raw, json)
Hash identifier: uqX0IJEVUH1Cd69A3exZpkad74s2MjR6/PRZG3IDPOk=
Subject key identifier: D9:0D:9B:75:13:7B:30:21:E1:3C:31:8B:AD:BD:D0:2A:B3:64:62:3C
Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0
Certificate serial: 33F29CDF41F824CA9E32EFA166F7E1E7CB73F289
Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/2bdbaa29-cc56-4293-9c64-b4245c939f65.roa
Signing time: Tue 28 Apr 2026 00:10:07 +0000
ROA not before: Tue 28 Apr 2026 00:10:07 +0000
ROA not after: Mon 27 Jul 2026 23:59:59 +0000
asID: 14618
IP address blocks: 51.74.16.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft
rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:f2:9c:df:41:f8:24:ca:9e:32:ef:a1:66:f7:e1:e7:cb:73:f2:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0
Validity
Not Before: Apr 28 00:10:07 2026 GMT
Not After : Jul 27 23:59:59 2026 GMT
Subject: serialNumber=d8d5a599bc24a46575b52f3aad397c18a221f7fcd7ecd225dee57c4bf8cc04da, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:da:a3:29:51:d5:7a:ae:28:11:27:b1:78:0a:
bf:7c:21:1c:73:24:74:01:c8:ba:3b:1c:ba:b4:4b:
38:f1:28:7d:21:d7:d5:3a:d9:15:30:d8:57:c4:df:
a7:63:d4:da:25:6f:ac:18:b1:74:0d:a9:3d:28:42:
39:6d:7d:48:12:72:fb:83:c6:9e:93:3f:de:95:bd:
8a:3e:a4:75:3c:39:05:48:9e:42:e3:95:43:be:30:
ab:f2:85:e4:ec:b6:6d:8d:aa:28:18:a7:65:42:8a:
46:8d:98:7a:2f:25:ea:94:32:79:40:d1:0b:92:c0:
48:de:ea:9e:c9:e8:72:a7:c8:92:74:c0:50:8a:b2:
14:4c:a0:4f:41:7e:22:83:97:f7:2f:b6:e3:29:4a:
3e:ec:5c:24:ab:d9:92:e8:c4:04:20:57:ca:71:30:
0b:4a:e1:ae:88:39:0f:64:f2:5c:46:e2:90:ef:67:
d4:e8:9e:b6:8d:21:3d:43:f6:66:e8:47:30:ff:ec:
c0:95:5c:e1:f4:a1:7e:94:cf:10:a2:93:3e:aa:fa:
3c:4e:6b:15:f1:9f:2a:5a:08:51:44:39:38:a8:10:
9f:0d:cf:00:ac:d5:40:0f:ab:81:3b:00:59:21:07:
10:b5:c9:a7:7f:5a:cc:32:eb:b0:4f:dc:3f:5b:f9:
39:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:0D:9B:75:13:7B:30:21:E1:3C:31:8B:AD:BD:D0:2A:B3:64:62:3C
X509v3 Authority Key Identifier:
keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/2bdbaa29-cc56-4293-9c64-b4245c939f65.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.74.16.0/24
Signature Algorithm: sha256WithRSAEncryption
02:29:cd:93:e9:8e:17:f9:47:65:66:71:22:43:df:8b:92:a2:
56:f9:4f:94:b5:a1:c0:b0:ce:16:14:36:93:f7:c3:7d:46:04:
20:e5:7e:96:e6:97:dd:be:2e:37:cc:65:e3:74:71:35:7e:77:
18:77:4e:3e:c0:0e:20:2b:ab:3d:be:51:06:3d:89:30:f4:7c:
d5:8c:b1:04:7a:e0:02:c2:00:66:19:07:79:96:b6:b7:98:1f:
e1:99:9f:b0:c6:c8:e5:a9:84:ad:f5:bb:b1:a0:43:b5:e8:96:
73:12:20:16:88:d0:56:78:df:6d:dc:70:37:90:a9:01:39:79:
18:8a:d0:a4:b9:de:74:19:1c:a3:cd:c0:cc:15:6b:7d:76:aa:
16:0c:f4:90:87:1f:6b:12:4f:a1:2e:02:82:e0:ff:ac:03:c0:
f3:76:12:a6:41:17:f4:1d:be:96:8e:40:a5:9f:cf:90:ea:8f:
12:e6:9d:c4:d7:9a:34:3e:db:ae:99:22:3c:af:24:7d:90:c5:
6e:8d:59:58:c4:42:6a:dc:7f:7e:a2:8e:1e:37:83:12:3b:ff:
13:51:3c:ed:17:06:7d:c1:50:40:78:95:aa:15:29:bd:9f:3c:
83:bd:84:29:0a:c6:4e:48:b9:5d:e0:7c:b1:a9:c7:84:76:93:
e4:e0:64:1b
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUM/Kc30H4JMqeMu+hZvfh58tz8okwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl
Nzk2NTVkMDAeFw0yNjA0MjgwMDEwMDdaFw0yNjA3MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ4ZDVhNTk5YmMyNGE0NjU3NWI1MmYzYWFkMzk3YzE4YTIyMWY3ZmNkN2Vj
ZDIyNWRlZTU3YzRiZjhjYzA0ZGExLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3
Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJTaoylR1XquKBEnsXgKv3whHHMkdAHIujscurRLOPEofSHX1TrZFTDYV8Tf
p2PU2iVvrBixdA2pPShCOW19SBJy+4PGnpM/3pW9ij6kdTw5BUieQuOVQ74wq/KF
5Oy2bY2qKBinZUKKRo2Yei8l6pQyeUDRC5LASN7qnsnocqfIknTAUIqyFEygT0F+
IoOX9y+24ylKPuxcJKvZkujEBCBXynEwC0rhrog5D2TyXEbikO9n1Oieto0hPUP2
ZuhHMP/swJVc4fShfpTPEKKTPqr6PE5rFfGfKloIUUQ5OKgQnw3PAKzVQA+rgTsA
WSEHELXJp39azDLrsE/cP1v5ObMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTZDZt1
E3swIeE8MYutvdAqs2RiPDAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV
0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh
Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv
MmJkYmFhMjktY2M1Ni00MjkzLTljNjQtYjQyNDVjOTM5ZjY1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1
NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEADNKEDAN
BgkqhkiG9w0BAQsFAAOCAQEAAinNk+mOF/lHZWZxIkPfi5KiVvlPlLWhwLDOFhQ2
k/fDfUYEIOV+luaX3b4uN8xl43RxNX53GHdOPsAOICurPb5RBj2JMPR81YyxBHrg
AsIAZhkHeZa2t5gf4ZmfsMbI5amErfW7saBDteiWcxIgFojQVnjfbdxwN5CpATl5
GIrQpLnedBkco83AzBVrfXaqFgz0kIcfaxJPoS4CguD/rAPA83YSpkEX9B2+lo5A
pZ/PkOqPEuadxNeaND7brpkiPK8kfZDFbo1ZWMRCatx/fqKOHjeDEjv/E1E87RcG
fcFQQHiVqhUpvZ88g72EKQrGTki5XeB8sanHhHaT5OBkGw==
-----END CERTIFICATE-----
Generated at Tue May 12 23:19:20 2026 by rpki-client