Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/4f44e9d0-7921-4145-bdf5-4d07a4d0688d.roa
File: 4f44e9d0-7921-4145-bdf5-4d07a4d0688d.roa (raw, json)
Hash identifier: bcAShp6gzGsqRCJxXf3FXQQNJ//D1wYRbRF8zxikw4Q=
Subject key identifier: 83:AD:D2:89:9D:7B:34:73:CC:11:8B:BD:D5:DC:4C:45:18:7E:36:62
Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0
Certificate serial: 1F010E7F03524CCEC1869C3B9F1C4CFE4541CC8D
Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/4f44e9d0-7921-4145-bdf5-4d07a4d0688d.roa
Signing time: Mon 11 May 2026 01:40:36 +0000
ROA not before: Mon 11 May 2026 01:40:36 +0000
ROA not after: Sun 09 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:4000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft
rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1f:01:0e:7f:03:52:4c:ce:c1:86:9c:3b:9f:1c:4c:fe:45:41:cc:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0
Validity
Not Before: May 11 01:40:36 2026 GMT
Not After : Aug 9 23:59:59 2026 GMT
Subject: serialNumber=2d5bd29e4f568f7a0948a661170af30a10b822020d5f61250ba5d3ab6f396698, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:d0:7c:ad:6e:ec:0c:08:6b:70:ad:90:76:c1:
96:eb:c2:2d:94:9d:a8:51:f0:f9:1b:de:c4:75:31:
92:84:22:af:fd:f1:62:28:c0:63:12:68:c5:00:22:
8f:a8:d6:b9:d4:b9:c4:9d:eb:e1:b0:04:89:dc:36:
d7:a8:ae:a5:8f:34:f5:d2:1b:05:24:ae:5a:ce:14:
1d:61:44:0f:92:83:7c:84:af:fe:14:b8:0b:76:7e:
c1:e5:87:80:95:42:e5:66:6a:bf:02:84:0b:ca:6d:
4b:ec:05:0e:c1:46:22:16:ac:c9:c4:b7:7c:65:6e:
79:e8:1c:49:63:5a:0e:86:af:6a:04:6f:41:21:3b:
df:04:be:cf:d7:c6:fe:fb:5a:bf:14:75:23:bc:5d:
41:80:6f:e7:f3:32:b3:fa:14:94:6e:ba:1e:d6:1f:
8a:50:c6:ea:58:03:68:8e:f3:a6:5d:8c:ef:9c:1c:
09:cd:b6:51:56:60:54:2b:a6:cd:60:58:00:4a:f5:
7c:1b:91:ae:6f:05:79:53:b6:eb:f3:f4:a0:41:ab:
9e:ee:6b:03:0f:f8:31:78:29:b9:e6:9d:42:31:b9:
13:c8:1d:7b:f8:9b:95:7c:7b:9d:94:76:4d:30:04:
c7:5d:cf:5e:72:75:a0:3c:cf:52:09:bf:3f:a1:ef:
93:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:AD:D2:89:9D:7B:34:73:CC:11:8B:BD:D5:DC:4C:45:18:7E:36:62
X509v3 Authority Key Identifier:
keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/4f44e9d0-7921-4145-bdf5-4d07a4d0688d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:4000::/36
Signature Algorithm: sha256WithRSAEncryption
c3:83:34:38:ff:00:44:5e:78:13:d9:fa:57:a8:44:c9:f1:1c:
61:b4:d4:ac:0b:c2:14:51:90:34:51:2a:a3:be:be:c2:26:29:
51:eb:29:98:5d:48:7e:10:86:ef:c5:5f:52:1a:ae:cd:43:d2:
9f:02:70:81:2f:ca:bc:ca:20:ba:c7:15:36:ce:41:a5:81:8d:
76:d5:d2:d6:0b:5c:41:3e:04:eb:79:60:69:3e:6e:21:67:0f:
0d:6f:32:f3:40:9b:32:25:32:03:b2:a5:da:91:44:0a:81:28:
37:e6:7f:cb:71:a6:af:5d:5f:2b:00:c5:d3:7c:3d:ce:3a:d9:
5b:0f:6a:ae:b5:2d:c3:ac:3d:ba:6a:4b:06:5d:27:17:75:6e:
40:66:06:42:7d:e5:c7:48:2c:f0:86:ae:6d:d8:3d:c9:24:74:
7a:e4:5e:63:4e:7a:a1:56:58:82:80:c3:54:cf:55:da:e6:f0:
d6:21:3f:b4:4e:ec:65:8c:c5:29:80:dd:98:fa:c4:ea:74:d7:
a3:ba:1d:6d:a6:76:50:27:43:f4:3d:e2:b2:7c:ed:95:cb:08:
c0:0a:0c:ee:9d:8f:94:40:83:af:0b:bb:f2:41:1a:7f:b8:1a:
7d:19:bc:29:f3:b1:c2:f9:63:76:c6:8c:7b:f7:4f:c0:ed:8b:
e7:30:05:77
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUHwEOfwNSTM7Bhpw7nxxM/kVBzI0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl
Nzk2NTVkMDAeFw0yNjA1MTEwMTQwMzZaFw0yNjA4MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDJkNWJkMjllNGY1NjhmN2EwOTQ4YTY2MTE3MGFmMzBhMTBiODIyMDIwZDVm
NjEyNTBiYTVkM2FiNmYzOTY2OTgxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3
Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALfQfK1u7AwIa3CtkHbBluvCLZSdqFHw+RvexHUxkoQir/3xYijAYxJoxQAi
j6jWudS5xJ3r4bAEidw216iupY809dIbBSSuWs4UHWFED5KDfISv/hS4C3Z+weWH
gJVC5WZqvwKEC8ptS+wFDsFGIhasycS3fGVueegcSWNaDoavagRvQSE73wS+z9fG
/vtavxR1I7xdQYBv5/Mys/oUlG66HtYfilDG6lgDaI7zpl2M75wcCc22UVZgVCum
zWBYAEr1fBuRrm8FeVO26/P0oEGrnu5rAw/4MXgpueadQjG5E8gde/iblXx7nZR2
TTAEx13PXnJ1oDzPUgm/P6Hvk4kCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSDrdKJ
nXs0c8wRi73V3ExFGH42YjAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV
0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh
Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv
NGY0NGU5ZDAtNzkyMS00MTQ1LWJkZjUtNGQwN2E0ZDA2ODhkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1
NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8dA
MA0GCSqGSIb3DQEBCwUAA4IBAQDDgzQ4/wBEXngT2fpXqETJ8RxhtNSsC8IUUZA0
USqjvr7CJilR6ymYXUh+EIbvxV9SGq7NQ9KfAnCBL8q8yiC6xxU2zkGlgY121dLW
C1xBPgTreWBpPm4hZw8NbzLzQJsyJTIDsqXakUQKgSg35n/LcaavXV8rAMXTfD3O
OtlbD2qutS3DrD26aksGXScXdW5AZgZCfeXHSCzwhq5t2D3JJHR65F5jTnqhVliC
gMNUz1Xa5vDWIT+0TuxljMUpgN2Y+sTqdNejuh1tpnZQJ0P0PeKyfO2VywjACgzu
nY+UQIOvC7vyQRp/uBp9Gbwp87HC+WN2xox790/A7YvnMAV3
-----END CERTIFICATE-----
Generated at Tue May 12 23:17:37 2026 by rpki-client