Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/9508712f-fe65-409d-b359-edec9d80231f.roa
File: 9508712f-fe65-409d-b359-edec9d80231f.roa (raw, json)
Hash identifier: K6d4xaxa9f6BB2V99+6aaOMZ0qFBujuWEWjvFY4qpSs=
Subject key identifier: B8:DD:A1:9E:2A:C8:D6:1B:41:D4:78:B9:C2:38:C2:E4:CC:FD:6D:52
Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0
Certificate serial: 2229F51202D4BB1D974A02BA7B143C18351A51D1
Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/9508712f-fe65-409d-b359-edec9d80231f.roa
Signing time: Thu 07 May 2026 15:46:46 +0000
ROA not before: Thu 07 May 2026 15:46:46 +0000
ROA not after: Wed 05 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.74.192.0/18 maxlen: 18
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft
rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:29:f5:12:02:d4:bb:1d:97:4a:02:ba:7b:14:3c:18:35:1a:51:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0
Validity
Not Before: May 7 15:46:46 2026 GMT
Not After : Aug 5 23:59:59 2026 GMT
Subject: serialNumber=a468d27ee22a14814890ce7b9d8626e2f78a285cd81d7e6cb94fffada72f901a, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:0a:e8:2d:3c:37:dd:f1:e3:9c:a9:03:63:77:
d8:92:d8:90:0d:b8:0f:ba:5c:1e:bc:a1:e6:35:80:
82:59:3b:89:95:b3:b7:69:60:3e:1b:4f:33:d2:fe:
29:be:09:5b:f7:7c:dd:fe:d8:30:f8:65:19:f4:7f:
a4:21:94:e3:cb:68:76:ba:1f:9e:18:e6:e7:02:b8:
b2:a9:5a:d7:74:d2:f6:1e:b4:79:51:fb:e7:43:49:
f6:b5:3d:48:e1:88:74:bb:56:f6:a5:ee:cd:44:60:
51:b2:dc:6d:fb:29:e3:38:82:4c:ca:02:8a:14:f7:
d5:5b:19:1f:8f:38:a1:e6:83:1a:2f:c8:fb:31:d7:
3b:21:54:c8:76:cd:ab:f7:1c:12:47:13:38:7c:e0:
31:de:f0:00:9b:e5:0f:9b:a4:99:e1:a6:be:56:f0:
8d:16:ee:4e:c3:a2:23:04:32:aa:c4:c8:0b:3a:45:
3d:28:12:ea:d8:73:d1:10:21:5b:b3:e4:c1:c8:91:
ee:5b:fc:60:97:da:b6:e9:dc:5b:bd:8f:45:43:c6:
62:bf:0d:08:c3:42:33:7e:6f:35:a5:be:ed:a6:56:
1f:46:cf:3c:fc:b4:77:1f:83:dc:01:36:5c:ca:88:
e7:98:fc:de:77:4f:c8:99:ef:0a:68:39:f9:52:38:
76:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:DD:A1:9E:2A:C8:D6:1B:41:D4:78:B9:C2:38:C2:E4:CC:FD:6D:52
X509v3 Authority Key Identifier:
keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/9508712f-fe65-409d-b359-edec9d80231f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.74.192.0/18
Signature Algorithm: sha256WithRSAEncryption
25:a7:03:f0:00:8b:36:fa:9e:8b:03:4d:3a:f6:ff:d3:8e:15:
db:c2:2a:11:48:82:b3:a2:60:1a:17:ed:bd:cc:85:80:7f:fc:
43:e3:55:1b:11:f7:e9:e9:59:8f:5a:f1:3f:f5:70:38:d8:73:
18:3d:d1:30:34:ba:3b:17:23:73:7a:b4:18:4d:94:4c:8c:ee:
64:1e:90:3c:16:22:98:79:88:e5:fc:b5:8e:a2:eb:bf:3a:84:
f2:8d:0b:7e:94:9e:57:70:14:a3:c2:39:11:14:2c:23:3f:30:
52:56:c1:1b:9c:40:79:2c:b5:51:84:a5:62:33:42:41:e1:9e:
f2:45:d4:6e:ed:94:cf:c9:1f:cd:c3:35:d1:f3:2f:1c:09:2f:
6a:1b:6a:31:1a:da:7f:d7:ef:35:fc:32:fd:78:9c:7d:e1:69:
18:c8:03:e4:bd:e3:1c:d2:4a:72:47:9c:ad:b4:09:74:ab:5c:
e6:02:bb:97:14:ef:c9:e3:4b:cc:db:5b:10:62:5f:7c:5a:89:
2c:55:4b:52:27:3d:ff:72:0e:f3:a4:05:40:c7:d5:b8:b6:a9:
87:d2:22:90:48:a3:54:29:76:c3:5d:2e:ce:01:6e:c2:37:1b:
0d:d0:97:c4:68:1c:cf:49:13:90:13:9f:72:9f:77:76:18:01:
8d:d1:49:25
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUIin1EgLUux2XSgK6exQ8GDUaUdEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl
Nzk2NTVkMDAeFw0yNjA1MDcxNTQ2NDZaFw0yNjA4MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQGE0NjhkMjdlZTIyYTE0ODE0ODkwY2U3YjlkODYyNmUyZjc4YTI4NWNkODFk
N2U2Y2I5NGZmZmFkYTcyZjkwMWExLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3
Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKcK6C08N93x45ypA2N32JLYkA24D7pcHryh5jWAglk7iZWzt2lgPhtPM9L+
Kb4JW/d83f7YMPhlGfR/pCGU48todrofnhjm5wK4sqla13TS9h60eVH750NJ9rU9
SOGIdLtW9qXuzURgUbLcbfsp4ziCTMoCihT31VsZH484oeaDGi/I+zHXOyFUyHbN
q/ccEkcTOHzgMd7wAJvlD5ukmeGmvlbwjRbuTsOiIwQyqsTICzpFPSgS6thz0RAh
W7PkwciR7lv8YJfatuncW72PRUPGYr8NCMNCM35vNaW+7aZWH0bPPPy0dx+D3AE2
XMqI55j83ndPyJnvCmg5+VI4dpECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBS43aGe
KsjWG0HUeLnCOMLkzP1tUjAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV
0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh
Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv
OTUwODcxMmYtZmU2NS00MDlkLWIzNTktZWRlYzlkODAyMzFmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1
NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBjNKwDAN
BgkqhkiG9w0BAQsFAAOCAQEAJacD8ACLNvqeiwNNOvb/044V28IqEUiCs6JgGhft
vcyFgH/8Q+NVGxH36elZj1rxP/VwONhzGD3RMDS6Oxcjc3q0GE2UTIzuZB6QPBYi
mHmI5fy1jqLrvzqE8o0LfpSeV3AUo8I5ERQsIz8wUlbBG5xAeSy1UYSlYjNCQeGe
8kXUbu2Uz8kfzcM10fMvHAkvahtqMRraf9fvNfwy/XicfeFpGMgD5L3jHNJKckec
rbQJdKtc5gK7lxTvyeNLzNtbEGJffFqJLFVLUic9/3IO86QFQMfVuLaph9IikEij
VCl2w10uzgFuwjcbDdCXxGgcz0kTkBOfcp93dhgBjdFJJQ==
-----END CERTIFICATE-----
Generated at Tue May 12 21:53:50 2026 by rpki-client