Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/03d664ef-00cb-439a-9c30-e8eedca3e7fb.roa
File: 03d664ef-00cb-439a-9c30-e8eedca3e7fb.roa (raw, json)
Hash identifier: eIUrMXVyOs1DqzOgvUjy+VVUeYQyZn6i/vrFGtmZLoQ=
Subject key identifier: 86:7F:76:9A:83:07:45:80:1A:F8:06:9E:ED:C3:36:92:7D:FF:50:A6
Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0
Certificate serial: 07F5997B6298459216B042537F07B3DF875FAE1E
Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/03d664ef-00cb-439a-9c30-e8eedca3e7fb.roa
Signing time: Mon 11 May 2026 01:30:13 +0000
ROA not before: Mon 11 May 2026 01:30:13 +0000
ROA not after: Sun 09 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc5:9800::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft
rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:f5:99:7b:62:98:45:92:16:b0:42:53:7f:07:b3:df:87:5f:ae:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0
Validity
Not Before: May 11 01:30:13 2026 GMT
Not After : Aug 9 23:59:59 2026 GMT
Subject: serialNumber=d7a4848fd20052c9b0b8f4b9b01e7d8e9ed0516fc2702eb10f1b56bd336b7918, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:23:f9:fa:11:2c:8d:50:55:61:c9:17:ea:94:
2c:1e:c5:17:68:42:40:37:13:14:46:77:6a:a4:9f:
77:23:9b:a8:62:92:35:1d:e2:3a:d3:16:61:06:7f:
dc:77:d5:9c:39:a4:ca:c4:aa:21:b6:95:4e:bd:79:
d0:74:99:9e:59:3c:30:ce:ff:9c:16:74:c0:57:12:
ff:8e:23:e9:52:50:de:26:b3:cd:c9:9b:2b:d4:86:
37:4b:5a:5c:7a:80:b2:a1:b9:c1:b0:55:f7:85:dc:
7a:e6:a1:02:63:87:1e:11:75:1d:e9:f7:26:ac:c0:
96:f2:8b:65:a6:9d:d0:ec:87:57:12:18:b0:a4:e4:
23:a8:dd:04:5a:2e:75:f5:8d:6a:21:7a:44:bb:d2:
95:96:97:00:17:32:e3:7f:b7:27:a3:23:8a:16:29:
28:93:68:be:e1:6e:1c:50:49:d0:f9:8e:e0:2d:a3:
79:d9:d8:57:7e:f6:62:a3:54:1d:3c:3f:41:c8:04:
67:a5:8d:13:86:e8:18:16:0c:64:7b:82:a7:b5:93:
b1:26:5e:74:d0:df:8d:03:63:e2:a6:b2:24:e8:45:
3a:e8:d5:fc:b5:a9:58:e0:1d:f1:c0:68:7f:c7:b7:
d5:38:12:0f:db:9f:e0:bf:9c:58:d0:d8:97:1f:c3:
69:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:7F:76:9A:83:07:45:80:1A:F8:06:9E:ED:C3:36:92:7D:FF:50:A6
X509v3 Authority Key Identifier:
keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/03d664ef-00cb-439a-9c30-e8eedca3e7fb.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc5:9800::/40
Signature Algorithm: sha256WithRSAEncryption
08:ef:85:a7:c9:93:d5:bc:47:45:b3:98:43:4a:45:a1:2a:0b:
90:cb:48:a6:2a:cc:ab:f6:0a:0c:81:ec:fa:a6:85:41:d4:61:
ec:0d:76:69:ff:a2:0d:55:0c:03:47:62:03:9b:b9:3d:90:ef:
ea:49:2a:aa:ee:b7:b2:fb:9d:37:82:88:14:59:e1:2b:42:d7:
ad:c4:21:cc:1b:be:ac:b3:c9:fb:be:f3:f8:22:70:7d:cc:e6:
ea:0e:f2:c9:42:4d:09:95:dc:7d:34:97:23:b0:e1:c1:fa:89:
6e:04:57:5f:d2:8e:93:29:fc:74:e8:5e:63:ec:77:fc:58:a8:
2d:31:04:93:1a:85:1c:df:c3:1e:e1:2e:6d:64:73:fe:11:ba:
e5:a9:80:85:03:cd:58:7b:0a:04:52:fc:60:66:02:02:c5:50:
d1:2d:df:7c:5b:13:1a:df:e2:08:b6:9d:8b:02:af:6f:d2:2c:
9f:ac:7c:c1:3b:e9:a1:be:0c:f9:71:5d:77:0f:88:d8:48:b6:
93:c7:70:47:08:0d:91:ff:46:8f:9f:7b:b0:0d:9b:87:3b:9a:
e0:19:ec:dc:96:94:a4:75:04:ec:ae:f1:6f:2e:d5:f4:ca:98:
1a:92:95:b8:78:2c:c7:ac:47:9c:a4:7e:53:f1:48:e0:39:2b:
fb:66:35:56
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUB/WZe2KYRZIWsEJTfwez34dfrh4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl
Nzk2NTVkMDAeFw0yNjA1MTEwMTMwMTNaFw0yNjA4MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ3YTQ4NDhmZDIwMDUyYzliMGI4ZjRiOWIwMWU3ZDhlOWVkMDUxNmZjMjcw
MmViMTBmMWI1NmJkMzM2Yjc5MTgxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3
Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALUj+foRLI1QVWHJF+qULB7FF2hCQDcTFEZ3aqSfdyObqGKSNR3iOtMWYQZ/
3HfVnDmkysSqIbaVTr150HSZnlk8MM7/nBZ0wFcS/44j6VJQ3iazzcmbK9SGN0ta
XHqAsqG5wbBV94XceuahAmOHHhF1Hen3JqzAlvKLZaad0OyHVxIYsKTkI6jdBFou
dfWNaiF6RLvSlZaXABcy43+3J6MjihYpKJNovuFuHFBJ0PmO4C2jednYV372YqNU
HTw/QcgEZ6WNE4boGBYMZHuCp7WTsSZedNDfjQNj4qayJOhFOujV/LWpWOAd8cBo
f8e31TgSD9uf4L+cWNDYlx/DaZ8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSGf3aa
gwdFgBr4Bp7twzaSff9QpjAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV
0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh
Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv
MDNkNjY0ZWYtMDBjYi00MzlhLTljMzAtZThlZWRjYTNlN2ZiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1
NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABP8WY
MA0GCSqGSIb3DQEBCwUAA4IBAQAI74WnyZPVvEdFs5hDSkWhKguQy0imKsyr9goM
gez6poVB1GHsDXZp/6INVQwDR2IDm7k9kO/qSSqq7rey+503gogUWeErQtetxCHM
G76ss8n7vvP4InB9zObqDvLJQk0Jldx9NJcjsOHB+oluBFdf0o6TKfx06F5j7Hf8
WKgtMQSTGoUc38Me4S5tZHP+EbrlqYCFA81YewoEUvxgZgICxVDRLd98WxMa3+II
tp2LAq9v0iyfrHzBO+mhvgz5cV13D4jYSLaTx3BHCA2R/0aPn3uwDZuHO5rgGezc
lpSkdQTsrvFvLtX0ypgakpW4eCzHrEecpH5T8UjgOSv7ZjVW
-----END CERTIFICATE-----
Generated at Tue May 12 22:35:00 2026 by rpki-client