Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0582d0d5-4d6b-43e7-869e-df722bf70a81.roa
File: 0582d0d5-4d6b-43e7-869e-df722bf70a81.roa (raw, json)
Hash identifier: rqQ9o3SGLFr/AkRZkG++1MM6QL82dfpX45Fw3+p3Zcg=
Subject key identifier: 0C:FF:2B:BC:FB:CF:76:E7:03:9B:AD:40:14:E4:C7:73:7A:7F:1B:B6
Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0
Certificate serial: 68A7458B015FF69C0DF5BC0866E3B68E3728F4EF
Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0582d0d5-4d6b-43e7-869e-df722bf70a81.roa
Signing time: Mon 11 May 2026 01:40:08 +0000
ROA not before: Mon 11 May 2026 01:40:08 +0000
ROA not after: Sun 09 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:2880::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft
rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:a7:45:8b:01:5f:f6:9c:0d:f5:bc:08:66:e3:b6:8e:37:28:f4:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0
Validity
Not Before: May 11 01:40:08 2026 GMT
Not After : Aug 9 23:59:59 2026 GMT
Subject: serialNumber=639b8438414a600e8bb0f063b103504f095d4a3e5c60b0438c2d5af5b7b42a74, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:1f:ed:67:da:c4:45:24:35:f3:37:4c:93:94:
2e:4b:d2:e7:b5:fd:d1:34:0d:79:7f:7b:cf:98:67:
63:28:4d:09:56:65:60:21:9e:29:97:e5:b3:5f:02:
db:59:68:0f:28:66:16:af:44:be:26:c1:5f:ff:43:
54:6f:7b:c4:c7:c1:b4:3a:51:a9:22:af:09:19:ff:
5d:e5:b6:8f:55:5b:58:ed:0b:a7:3a:f6:ed:2a:9c:
4d:21:a6:b6:a2:96:14:14:b4:47:96:5b:c8:09:81:
0c:f1:98:05:5b:2f:d0:b6:8b:33:3b:76:c7:12:00:
31:a4:55:79:81:11:1b:e2:f9:68:a6:e5:f3:86:74:
a8:f0:84:6e:c7:bb:d0:16:18:76:ae:e0:2c:5d:73:
e8:15:15:71:9a:1f:3e:1f:28:31:84:1e:09:5f:03:
86:66:e7:e1:18:e1:0f:33:aa:17:44:96:00:5c:34:
a0:ec:1c:3b:eb:ad:d8:ff:b6:5a:46:6c:80:4b:87:
58:1e:57:2c:cc:b0:18:8a:a3:68:13:7b:6b:4f:ec:
79:12:8d:f6:0c:ad:a3:4a:4e:1c:ec:b4:95:5d:4b:
33:19:eb:70:92:51:37:4b:cd:3e:dd:73:2f:59:b7:
a8:7e:57:99:85:f2:88:6f:68:d7:3a:3b:59:92:cc:
47:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:FF:2B:BC:FB:CF:76:E7:03:9B:AD:40:14:E4:C7:73:7A:7F:1B:B6
X509v3 Authority Key Identifier:
keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0582d0d5-4d6b-43e7-869e-df722bf70a81.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:2880::/48
Signature Algorithm: sha256WithRSAEncryption
53:35:be:b6:0b:de:4a:b4:20:33:30:32:af:0f:5e:09:90:cc:
ff:43:e0:3d:8d:29:41:aa:cb:e0:47:f2:71:4b:b7:bf:76:de:
9d:36:a2:19:0d:4a:ce:5d:85:05:c6:ef:c7:c2:fb:89:be:5a:
09:75:83:10:b4:96:06:ec:23:c8:8f:cc:98:e5:2f:33:a3:d8:
c7:07:b2:86:3e:4c:5a:21:ee:27:2b:dc:be:0b:8c:88:4c:50:
1d:fd:84:23:38:7a:68:e0:9b:e3:00:57:3f:ed:b6:9f:67:9e:
2f:8e:b9:f7:5c:21:24:b1:28:ac:c4:27:ae:6a:11:d0:4e:e7:
9d:96:9c:91:e9:da:22:22:ae:50:42:1d:ff:ed:5a:32:0e:82:
7c:62:cc:35:35:ee:cc:7d:5f:ef:2b:39:6e:86:ce:cb:84:49:
b7:d6:36:51:61:5e:1e:f9:ec:9c:18:0f:5a:b0:c3:9c:d7:6a:
32:45:4a:c5:c5:fc:cc:f1:f3:2c:ec:f6:87:ec:b3:6e:4c:5d:
7e:06:0e:b5:b3:7b:60:2e:39:dc:46:4f:a1:39:4d:86:4c:a3:
6c:c5:33:33:53:85:57:ab:4a:9f:aa:7a:3d:95:c1:f6:b5:7d:
ca:d9:0a:9a:a8:98:ec:44:b7:18:a3:c5:ab:72:5e:03:4c:5b:
a4:f3:e1:51
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUaKdFiwFf9pwN9bwIZuO2jjco9O8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl
Nzk2NTVkMDAeFw0yNjA1MTEwMTQwMDhaFw0yNjA4MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDYzOWI4NDM4NDE0YTYwMGU4YmIwZjA2M2IxMDM1MDRmMDk1ZDRhM2U1YzYw
YjA0MzhjMmQ1YWY1YjdiNDJhNzQxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3
Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPQf7WfaxEUkNfM3TJOULkvS57X90TQNeX97z5hnYyhNCVZlYCGeKZfls18C
21loDyhmFq9EvibBX/9DVG97xMfBtDpRqSKvCRn/XeW2j1VbWO0Lpzr27SqcTSGm
tqKWFBS0R5ZbyAmBDPGYBVsv0LaLMzt2xxIAMaRVeYERG+L5aKbl84Z0qPCEbse7
0BYYdq7gLF1z6BUVcZofPh8oMYQeCV8Dhmbn4RjhDzOqF0SWAFw0oOwcO+ut2P+2
WkZsgEuHWB5XLMywGIqjaBN7a0/seRKN9gyto0pOHOy0lV1LMxnrcJJRN0vNPt1z
L1m3qH5XmYXyiG9o1zo7WZLMR2kCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQM/yu8
+8925wObrUAU5Mdzen8btjAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV
0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh
Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv
MDU4MmQwZDUtNGQ2Yi00M2U3LTg2OWUtZGY3MjJiZjcwYTgxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1
NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABP8co
gDANBgkqhkiG9w0BAQsFAAOCAQEAUzW+tgveSrQgMzAyrw9eCZDM/0PgPY0pQarL
4EfycUu3v3benTaiGQ1Kzl2FBcbvx8L7ib5aCXWDELSWBuwjyI/MmOUvM6PYxwey
hj5MWiHuJyvcvguMiExQHf2EIzh6aOCb4wBXP+22n2eeL46591whJLEorMQnrmoR
0E7nnZackenaIiKuUEId/+1aMg6CfGLMNTXuzH1f7ys5bobOy4RJt9Y2UWFeHvns
nBgPWrDDnNdqMkVKxcX8zPHzLOz2h+yzbkxdfgYOtbN7YC453EZPoTlNhkyjbMUz
M1OFV6tKn6p6PZXB9rV9ytkKmqiY7ES3GKPFq3JeA0xbpPPhUQ==
-----END CERTIFICATE-----
Generated at Tue May 12 22:02:08 2026 by rpki-client