Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/63b5c934-2f43-477b-85d8-563b35f97cf3.roa
File: 63b5c934-2f43-477b-85d8-563b35f97cf3.roa (raw, json)
Hash identifier: 9ehY20eS40XCQe7YyrZnAriqF2uTXYxvp66vtejit3E=
Subject key identifier: C3:CC:BD:9F:94:A4:41:34:F0:5C:3B:71:AB:03:97:97:12:90:FC:07
Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0
Certificate serial: 7A30FB4D56D7BFE96963F3544DA7DA0D3AA19DF1
Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/63b5c934-2f43-477b-85d8-563b35f97cf3.roa
Signing time: Mon 11 May 2026 01:30:14 +0000
ROA not before: Mon 11 May 2026 01:30:14 +0000
ROA not after: Sun 09 Aug 2026 23:59:59 +0000
asID: 8987
IP address blocks: 2001:3fc4::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft
rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:30:fb:4d:56:d7:bf:e9:69:63:f3:54:4d:a7:da:0d:3a:a1:9d:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0
Validity
Not Before: May 11 01:30:14 2026 GMT
Not After : Aug 9 23:59:59 2026 GMT
Subject: serialNumber=774f3680ba21e092853ef243124281fcbbc453294896fd0f4b085d477209bb08, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:7e:be:50:d8:ab:9e:bc:e3:b2:7d:9a:fa:2e:
a9:fd:65:5f:ae:94:0a:ed:42:d0:6b:cb:33:c0:20:
e7:83:c7:e2:eb:d2:5f:7a:25:a7:29:9e:a6:33:7f:
d0:37:6d:9c:27:ee:78:f0:15:40:ad:81:c7:32:18:
34:1d:ef:04:74:87:ef:20:f0:94:77:3b:9f:3c:3b:
61:45:ab:0f:e8:0a:ea:32:57:a2:6d:23:49:44:e6:
fc:aa:08:d2:ae:ab:f6:24:49:89:9c:70:1e:1c:d7:
0d:ce:75:16:23:12:58:93:35:35:89:b9:11:b0:ac:
4a:7a:a9:17:60:71:60:ee:13:98:26:a4:0e:36:86:
42:c8:41:9e:1f:21:55:d0:b0:21:35:c8:2b:77:cd:
21:08:a1:4f:07:71:db:8d:25:d4:b5:0d:5f:e7:dc:
a2:3a:6f:3b:b4:65:c9:06:db:ef:f0:4d:7b:52:81:
43:ff:40:de:a6:f9:db:54:31:a7:ec:65:26:02:53:
90:9a:47:02:c4:71:55:c7:11:1a:97:cd:27:6e:33:
63:7e:81:56:a8:80:5b:83:5d:8e:c3:0c:ea:92:65:
df:a0:4b:ba:1a:8a:5a:4f:9a:c9:24:4d:34:dd:ef:
e9:c3:b5:4d:00:cf:0d:b7:67:8b:12:31:39:df:d6:
6a:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:CC:BD:9F:94:A4:41:34:F0:5C:3B:71:AB:03:97:97:12:90:FC:07
X509v3 Authority Key Identifier:
keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/63b5c934-2f43-477b-85d8-563b35f97cf3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc4::/36
Signature Algorithm: sha256WithRSAEncryption
33:ce:86:87:8e:27:1b:ae:c4:08:0b:0b:3c:b4:20:30:e9:cc:
4a:66:2e:48:ec:53:46:74:42:6b:c5:bc:3f:c3:c5:9f:7a:ff:
1d:72:8f:a6:97:2f:2e:37:6a:d6:c8:46:b9:a1:d9:c9:ad:d4:
cb:a7:44:e0:70:4d:5b:60:ad:f7:24:3d:16:2d:5c:45:b9:10:
4a:8d:53:57:74:b5:86:5c:69:37:88:b2:f9:fc:d3:89:71:a6:
96:03:ad:dd:a7:75:99:90:90:40:25:95:db:b6:fb:16:00:18:
e1:f7:7d:fa:a7:88:9e:3b:e3:10:2a:04:14:49:6d:f5:6f:ce:
76:e5:0d:92:fa:76:d9:36:b2:98:1b:98:e6:a2:7c:76:ae:bc:
c5:93:d5:46:c2:01:5e:58:af:bd:aa:83:28:34:01:2c:6d:77:
84:c6:b9:ba:17:d6:0d:e8:6f:93:77:0b:68:07:7a:33:28:06:
bf:f6:2b:4e:68:35:e6:72:52:ee:cd:cf:c6:a8:a7:77:cd:b5:
31:2d:3c:94:bf:5b:ef:b2:4e:22:55:65:a7:ef:e2:be:59:9c:
df:9c:3d:4e:97:2a:0a:56:4f:c2:c2:4f:3b:23:12:c5:77:e7:
54:51:70:f8:1f:ff:04:af:c6:9f:b5:13:f2:16:26:41:7b:1b:
32:9b:f7:71
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUejD7TVbXv+lpY/NUTafaDTqhnfEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl
Nzk2NTVkMDAeFw0yNjA1MTEwMTMwMTRaFw0yNjA4MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDc3NGYzNjgwYmEyMWUwOTI4NTNlZjI0MzEyNDI4MWZjYmJjNDUzMjk0ODk2
ZmQwZjRiMDg1ZDQ3NzIwOWJiMDgxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3
Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJR+vlDYq56847J9mvouqf1lX66UCu1C0GvLM8Ag54PH4uvSX3olpymepjN/
0DdtnCfuePAVQK2BxzIYNB3vBHSH7yDwlHc7nzw7YUWrD+gK6jJXom0jSUTm/KoI
0q6r9iRJiZxwHhzXDc51FiMSWJM1NYm5EbCsSnqpF2BxYO4TmCakDjaGQshBnh8h
VdCwITXIK3fNIQihTwdx240l1LUNX+fcojpvO7RlyQbb7/BNe1KBQ/9A3qb521Qx
p+xlJgJTkJpHAsRxVccRGpfNJ24zY36BVqiAW4NdjsMM6pJl36BLuhqKWk+aySRN
NN3v6cO1TQDPDbdnixIxOd/WajcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTDzL2f
lKRBNPBcO3GrA5eXEpD8BzAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV
0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh
Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv
NjNiNWM5MzQtMmY0My00NzdiLTg1ZDgtNTYzYjM1Zjk3Y2YzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1
NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8QA
MA0GCSqGSIb3DQEBCwUAA4IBAQAzzoaHjicbrsQICws8tCAw6cxKZi5I7FNGdEJr
xbw/w8Wfev8dco+mly8uN2rWyEa5odnJrdTLp0TgcE1bYK33JD0WLVxFuRBKjVNX
dLWGXGk3iLL5/NOJcaaWA63dp3WZkJBAJZXbtvsWABjh9336p4ieO+MQKgQUSW31
b8525Q2S+nbZNrKYG5jmonx2rrzFk9VGwgFeWK+9qoMoNAEsbXeExrm6F9YN6G+T
dwtoB3ozKAa/9itOaDXmclLuzc/GqKd3zbUxLTyUv1vvsk4iVWWn7+K+WZzfnD1O
lyoKVk/Cwk87IxLFd+dUUXD4H/8Er8aftRPyFiZBexsym/dx
-----END CERTIFICATE-----
Generated at Tue May 12 23:16:46 2026 by rpki-client