Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/d81257e7-f66c-41ee-8a09-4bc7bb164d60.roa
File: d81257e7-f66c-41ee-8a09-4bc7bb164d60.roa (raw, json)
Hash identifier: //KHea3Z56WJFzcPGaLFe27aLL8CXTbh33ksJLNIhUU=
Subject key identifier: A0:4E:E3:85:06:5F:FB:B8:7F:40:63:56:AD:49:05:82:59:13:FB:8C
Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0
Certificate serial: 7A2A063FAC295EF61DDC5ECE791B25EBF1EBEB1A
Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/d81257e7-f66c-41ee-8a09-4bc7bb164d60.roa
Signing time: Thu 07 May 2026 15:46:46 +0000
ROA not before: Thu 07 May 2026 15:46:46 +0000
ROA not after: Wed 05 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.74.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft
rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:2a:06:3f:ac:29:5e:f6:1d:dc:5e:ce:79:1b:25:eb:f1:eb:eb:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0
Validity
Not Before: May 7 15:46:46 2026 GMT
Not After : Aug 5 23:59:59 2026 GMT
Subject: serialNumber=d4829db7aaa79615116433d5454d312f5bb77d4159d18ece02084583fe8e811c, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:ef:e2:f8:cc:72:18:5d:8a:39:8e:30:83:c1:
2e:47:1e:e8:93:2b:c4:5c:3b:c5:03:c2:2d:1a:43:
06:60:17:00:fd:59:87:31:19:88:5d:d3:2f:2a:a5:
a4:d2:15:42:82:1d:83:bb:34:59:72:be:69:9a:bc:
bc:e7:bb:39:12:b9:e9:19:7c:68:c7:44:6b:f3:fb:
c8:0b:fc:b3:79:7f:be:7d:0a:42:c6:dc:bd:d2:b9:
4e:39:59:07:3f:76:76:c5:2a:de:ba:41:55:fd:1a:
f2:94:13:98:09:3c:82:22:7f:16:42:19:bc:87:20:
64:f8:3e:a2:8a:ec:58:c1:d4:73:9f:bc:93:30:b9:
77:0c:dd:2a:c5:3a:dc:93:49:60:6e:a6:8e:5c:47:
17:1b:c5:9c:67:97:86:cc:4f:ac:f7:af:42:8f:24:
d7:af:8c:0c:5b:74:d6:e8:2d:6d:ad:6c:d9:11:98:
e6:c1:1f:32:82:1b:c7:1a:f7:69:52:84:da:05:33:
31:0c:16:ca:a9:74:da:14:54:9b:1e:8e:67:8c:dd:
f4:ca:29:94:c5:93:88:fd:c8:f0:75:43:a8:df:79:
a6:ad:ce:62:fe:11:61:02:c2:fc:c9:e5:df:9c:65:
97:6e:52:62:bd:3c:f0:3d:c9:cb:00:11:8a:8f:46:
b0:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:4E:E3:85:06:5F:FB:B8:7F:40:63:56:AD:49:05:82:59:13:FB:8C
X509v3 Authority Key Identifier:
keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/d81257e7-f66c-41ee-8a09-4bc7bb164d60.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.74.0.0/16
Signature Algorithm: sha256WithRSAEncryption
72:60:aa:d6:1c:f0:a4:70:5e:d1:59:cd:ae:da:90:e3:b8:07:
ea:7d:18:06:dd:4b:ef:65:43:93:c6:c5:3f:da:53:dc:8a:50:
8b:38:f2:03:58:3b:3e:c0:04:54:30:33:06:1c:a2:44:8c:ad:
a0:8a:88:51:02:77:80:db:de:f7:92:2b:aa:f1:0e:f4:41:21:
13:35:d1:b8:c7:5b:23:da:e2:7f:ae:ba:33:3d:29:72:12:83:
df:66:b3:66:4e:66:0a:a7:b7:e6:c2:3a:f4:e1:91:d7:38:3e:
b0:fe:cb:d7:ed:c1:ba:cd:37:d0:a6:38:d0:e0:0b:28:75:9f:
3e:85:42:bd:2e:91:57:b7:d7:2b:1a:39:84:a1:14:be:27:59:
26:e3:f7:b1:3c:b1:af:01:74:6e:6e:b3:f0:0d:d2:27:4a:e6:
b7:22:e4:0c:c9:ac:f2:ed:9c:32:e5:4e:d9:f5:38:cf:03:44:
78:86:a0:2d:56:21:91:28:af:6f:dc:bd:c3:fe:0b:38:71:18:
fa:45:93:15:7c:cb:3a:04:5f:37:cc:ee:e3:de:bb:a3:0a:50:
bd:23:34:18:13:43:ae:d1:92:e0:40:b6:b7:ab:08:b4:a1:0a:
f9:bc:63:60:37:22:11:dc:25:a3:50:58:dd:bd:03:44:42:54:
26:95:fd:db
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUeioGP6wpXvYd3F7OeRsl6/Hr6xowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl
Nzk2NTVkMDAeFw0yNjA1MDcxNTQ2NDZaFw0yNjA4MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ0ODI5ZGI3YWFhNzk2MTUxMTY0MzNkNTQ1NGQzMTJmNWJiNzdkNDE1OWQx
OGVjZTAyMDg0NTgzZmU4ZTgxMWMxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3
Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALTv4vjMchhdijmOMIPBLkce6JMrxFw7xQPCLRpDBmAXAP1ZhzEZiF3TLyql
pNIVQoIdg7s0WXK+aZq8vOe7ORK56Rl8aMdEa/P7yAv8s3l/vn0KQsbcvdK5TjlZ
Bz92dsUq3rpBVf0a8pQTmAk8giJ/FkIZvIcgZPg+oorsWMHUc5+8kzC5dwzdKsU6
3JNJYG6mjlxHFxvFnGeXhsxPrPevQo8k16+MDFt01ugtba1s2RGY5sEfMoIbxxr3
aVKE2gUzMQwWyql02hRUmx6OZ4zd9MoplMWTiP3I8HVDqN95pq3OYv4RYQLC/Mnl
35xll25SYr088D3JywARio9GsDMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSgTuOF
Bl/7uH9AY1atSQWCWRP7jDAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV
0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh
Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv
ZDgxMjU3ZTctZjY2Yy00MWVlLThhMDktNGJjN2JiMTY0ZDYwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1
NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNKMA0G
CSqGSIb3DQEBCwUAA4IBAQByYKrWHPCkcF7RWc2u2pDjuAfqfRgG3UvvZUOTxsU/
2lPcilCLOPIDWDs+wARUMDMGHKJEjK2giohRAneA2973kiuq8Q70QSETNdG4x1sj
2uJ/rrozPSlyEoPfZrNmTmYKp7fmwjr04ZHXOD6w/svX7cG6zTfQpjjQ4AsodZ8+
hUK9LpFXt9crGjmEoRS+J1km4/exPLGvAXRubrPwDdInSua3IuQMyazy7Zwy5U7Z
9TjPA0R4hqAtViGRKK9v3L3D/gs4cRj6RZMVfMs6BF83zO7j3rujClC9IzQYE0Ou
0ZLgQLa3qwi0oQr5vGNgNyIR3CWjUFjdvQNEQlQmlf3b
-----END CERTIFICATE-----
Generated at Tue May 12 21:53:46 2026 by rpki-client