Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/19e6d59b-798d-488a-9fdb-94bb0d14ceb6.roa
File: 19e6d59b-798d-488a-9fdb-94bb0d14ceb6.roa (raw, json)
Hash identifier: S3zaAi4eulDJxDw2I24KEfG8hEt1L8moEwC9D8NJMQc=
Subject key identifier: ED:A6:26:80:18:F1:26:5D:2A:7A:78:C2:94:36:6C:A1:10:AA:F9:8C
Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0
Certificate serial: 24DFF6AC545E67AC2742D79B30EBFBD34E947ECD
Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/19e6d59b-798d-488a-9fdb-94bb0d14ceb6.roa
Signing time: Mon 11 May 2026 01:30:12 +0000
ROA not before: Mon 11 May 2026 01:30:12 +0000
ROA not after: Sun 09 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:2800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft
rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:df:f6:ac:54:5e:67:ac:27:42:d7:9b:30:eb:fb:d3:4e:94:7e:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0
Validity
Not Before: May 11 01:30:12 2026 GMT
Not After : Aug 9 23:59:59 2026 GMT
Subject: serialNumber=7aefa63e72097a1f3248fdf4e8ba45dc57fcc7c5f34048e59778b3c0d940126e, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:34:49:f6:51:d7:2b:f7:ab:a8:ae:cf:93:b5:
63:5b:64:10:a5:12:3c:97:8c:48:aa:c1:c0:a4:a5:
4f:8f:58:70:fb:35:a7:4d:bd:74:23:3f:37:6a:40:
2a:2a:0d:9a:bd:63:55:5b:eb:da:a8:be:09:6c:37:
d6:1a:bd:08:e9:3c:9f:fa:7c:65:aa:f9:d9:9a:98:
01:b1:b9:61:e5:be:05:9d:f0:fc:80:bd:31:3b:78:
0e:98:c7:82:13:5d:dd:30:52:73:d4:93:1f:ae:92:
d2:d4:3c:8e:dd:c8:5a:40:34:88:27:50:ae:ba:92:
b4:80:ad:ea:74:cc:1c:d0:37:42:c6:41:be:58:f0:
1a:98:6d:2c:5a:dc:10:f0:f9:33:9c:1a:e6:c6:cf:
5e:29:9a:5c:19:24:e5:6e:0d:a3:eb:a5:c5:79:ca:
a5:08:76:e2:b8:f2:f3:df:a8:af:15:6a:7a:ec:84:
4b:fd:be:38:75:ea:eb:30:54:da:4a:4d:34:b3:aa:
9c:4f:ef:8c:d0:67:eb:a5:49:75:6e:e9:56:7b:2f:
72:24:05:fb:4a:40:fa:ee:21:15:cc:c6:ed:e1:c9:
68:12:b2:1f:a2:c2:ad:83:f6:c7:72:85:cd:52:a6:
5a:47:86:1e:19:d6:51:b2:33:ec:7f:91:f2:17:5c:
c6:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:A6:26:80:18:F1:26:5D:2A:7A:78:C2:94:36:6C:A1:10:AA:F9:8C
X509v3 Authority Key Identifier:
keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/19e6d59b-798d-488a-9fdb-94bb0d14ceb6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:2800::/40
Signature Algorithm: sha256WithRSAEncryption
28:4c:ef:b7:b1:62:a6:30:14:07:c0:5c:cd:62:df:04:32:5a:
a2:81:dc:2d:9e:fb:6e:e8:b5:90:fd:24:35:79:83:c3:59:e5:
fc:63:8a:e9:dd:16:78:ba:b9:2f:87:6f:f1:82:fa:b4:2c:90:
fc:07:e8:de:4f:2e:5d:8e:24:6a:92:41:65:71:82:a1:91:02:
f4:fa:7b:f6:1b:eb:d9:31:ec:5e:b7:ec:11:1c:4e:32:8e:b0:
af:ba:b7:a5:b3:a8:a9:94:ad:2c:20:2b:f5:8c:15:2b:c4:2a:
90:59:7c:1e:96:16:85:2d:de:00:e1:fb:69:4c:aa:58:00:5d:
f2:60:58:19:76:af:01:1f:d1:3a:fa:95:76:61:aa:04:cf:4d:
d4:c9:dd:ad:f5:28:7d:56:f3:1a:36:de:3f:ba:f1:8c:b6:21:
0f:e2:94:a7:12:56:d8:23:28:c0:03:ad:d9:48:7c:09:dc:fe:
9f:73:4e:8f:07:a5:9f:d2:47:29:3d:f0:d0:e9:c7:ba:1b:73:
22:ed:05:8c:42:f5:b1:89:a1:bd:f0:21:11:2a:57:c4:c5:4c:
50:1f:dc:06:66:73:31:0d:cf:69:d3:34:64:c9:80:18:86:24:
6f:e5:b5:25:a1:86:9a:1d:39:8b:b0:2d:6b:6c:13:89:66:c1:
e5:ae:bf:f5
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUJN/2rFReZ6wnQtebMOv7006Ufs0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl
Nzk2NTVkMDAeFw0yNjA1MTEwMTMwMTJaFw0yNjA4MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDdhZWZhNjNlNzIwOTdhMWYzMjQ4ZmRmNGU4YmE0NWRjNTdmY2M3YzVmMzQw
NDhlNTk3NzhiM2MwZDk0MDEyNmUxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3
Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL80SfZR1yv3q6iuz5O1Y1tkEKUSPJeMSKrBwKSlT49YcPs1p029dCM/N2pA
KioNmr1jVVvr2qi+CWw31hq9COk8n/p8Zar52ZqYAbG5YeW+BZ3w/IC9MTt4DpjH
ghNd3TBSc9STH66S0tQ8jt3IWkA0iCdQrrqStICt6nTMHNA3QsZBvljwGphtLFrc
EPD5M5wa5sbPXimaXBkk5W4No+ulxXnKpQh24rjy89+orxVqeuyES/2+OHXq6zBU
2kpNNLOqnE/vjNBn66VJdW7pVnsvciQF+0pA+u4hFczG7eHJaBKyH6LCrYP2x3KF
zVKmWkeGHhnWUbIz7H+R8hdcxvkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTtpiaA
GPEmXSp6eMKUNmyhEKr5jDAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV
0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh
Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv
MTllNmQ1OWItNzk4ZC00ODhhLTlmZGItOTRiYjBkMTRjZWI2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1
NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABP8co
MA0GCSqGSIb3DQEBCwUAA4IBAQAoTO+3sWKmMBQHwFzNYt8EMlqigdwtnvtu6LWQ
/SQ1eYPDWeX8Y4rp3RZ4urkvh2/xgvq0LJD8B+jeTy5djiRqkkFlcYKhkQL0+nv2
G+vZMexet+wRHE4yjrCvurels6iplK0sICv1jBUrxCqQWXwelhaFLd4A4ftpTKpY
AF3yYFgZdq8BH9E6+pV2YaoEz03Uyd2t9Sh9VvMaNt4/uvGMtiEP4pSnElbYIyjA
A63ZSHwJ3P6fc06PB6Wf0kcpPfDQ6ce6G3Mi7QWMQvWxiaG98CERKlfExUxQH9wG
ZnMxDc9p0zRkyYAYhiRv5bUloYaaHTmLsC1rbBOJZsHlrr/1
-----END CERTIFICATE-----
Generated at Tue May 12 22:22:52 2026 by rpki-client