Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/6ada7e3e-42a2-45fa-873f-bceaed65b832.roa
File: 6ada7e3e-42a2-45fa-873f-bceaed65b832.roa (raw, json)
Hash identifier: eopOdzE7uVUXNkRppeBrTF2g5DUnHV/I5e/qiRUg58s=
Subject key identifier: 86:3B:61:51:24:2C:A4:CE:FD:F8:28:6C:12:61:71:FB:36:1B:2D:99
Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0
Certificate serial: 71C34DB09E87297B41B7E69B9B8A5360D0CDB521
Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/6ada7e3e-42a2-45fa-873f-bceaed65b832.roa
Signing time: Mon 11 May 2026 01:40:06 +0000
ROA not before: Mon 11 May 2026 01:40:06 +0000
ROA not after: Sun 09 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc1:8000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft
rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:c3:4d:b0:9e:87:29:7b:41:b7:e6:9b:9b:8a:53:60:d0:cd:b5:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0
Validity
Not Before: May 11 01:40:06 2026 GMT
Not After : Aug 9 23:59:59 2026 GMT
Subject: serialNumber=504a0bab3f1d06eee833ad412ecf3931f4cef8ddc80881f8d52f003bb2b35ccd, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:12:65:7e:a6:65:7c:ca:58:7b:24:76:26:bc:
dc:ab:3d:69:59:f4:1b:4b:00:80:68:e6:fa:df:23:
88:2f:19:ec:05:56:a8:fe:a9:af:f4:09:22:fa:ba:
7e:d9:04:9d:e9:5e:ca:26:c8:ba:43:0a:6b:0b:cd:
3f:aa:4a:02:36:f1:4b:f7:f6:8b:fc:25:b9:c8:3c:
4a:37:12:0b:0c:81:39:de:0a:7b:39:0f:d0:96:38:
63:2f:6c:51:bc:f5:4a:78:c1:a5:1d:2b:6c:0a:84:
ea:93:d3:fb:1b:c9:3e:9c:1f:51:32:88:be:9b:f0:
ca:eb:f1:f9:c2:a1:ba:ce:73:a6:0c:8a:61:7f:fd:
05:72:bb:36:93:b8:4d:f0:36:11:ec:18:d6:43:60:
be:11:2b:54:29:c0:4b:13:46:a1:00:31:dc:1c:4c:
dc:be:2b:84:a7:df:ea:2a:38:f3:da:2f:72:3f:b6:
91:28:27:71:27:49:dc:06:a8:50:84:2b:6c:01:ac:
ab:9f:17:67:71:ea:fb:66:7e:ee:39:c2:6b:ee:d8:
75:26:f3:cc:67:6c:a5:86:8f:14:05:67:31:6f:29:
0c:7f:2c:93:f7:2a:48:81:c4:8d:c7:d9:1e:9f:42:
36:dd:01:15:bb:c8:21:cd:ba:54:50:ec:40:ed:c9:
e1:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:3B:61:51:24:2C:A4:CE:FD:F8:28:6C:12:61:71:FB:36:1B:2D:99
X509v3 Authority Key Identifier:
keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/6ada7e3e-42a2-45fa-873f-bceaed65b832.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc1:8000::/36
Signature Algorithm: sha256WithRSAEncryption
8e:de:9d:8d:2e:a9:dd:44:b9:09:23:a0:5e:36:25:bb:27:6c:
2e:f8:4e:42:94:86:55:60:96:13:6e:db:e8:55:95:df:c6:8f:
bd:77:aa:04:7b:15:3b:ea:0c:0d:c4:9c:91:6f:77:29:ed:96:
2c:1d:26:18:14:40:79:df:87:29:bb:11:66:e2:b2:90:ca:51:
34:ea:8c:60:0c:13:fc:53:c2:07:a0:d9:0b:b5:f3:8a:86:0c:
ff:70:c7:8e:b5:89:e7:83:02:70:1c:fd:69:ba:db:19:b7:c8:
06:8f:c4:52:18:7c:a5:25:9f:98:16:39:85:0d:c8:ac:84:7a:
d3:26:c6:ea:fc:31:b7:f7:21:77:a5:1a:84:cb:26:1a:a5:78:
4f:15:9b:06:49:2b:77:ed:21:00:6e:8e:36:e5:42:23:fe:df:
c9:be:bc:41:84:93:7f:5d:2e:b4:17:2c:89:f9:9e:ba:e9:9f:
e6:96:da:e0:0e:b7:11:9d:a4:a7:1e:7c:09:9f:3a:41:de:20:
cb:00:26:f2:65:54:ef:63:92:90:e6:1c:9b:dc:f0:ac:95:6f:
77:c9:b4:33:46:8d:28:23:9d:97:35:cb:38:65:df:da:e7:d3:
f0:5a:02:a5:b0:f7:0e:61:1b:68:79:06:db:47:83:4e:a0:46:
c6:6f:7d:02
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUccNNsJ6HKXtBt+abm4pTYNDNtSEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl
Nzk2NTVkMDAeFw0yNjA1MTEwMTQwMDZaFw0yNjA4MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDUwNGEwYmFiM2YxZDA2ZWVlODMzYWQ0MTJlY2YzOTMxZjRjZWY4ZGRjODA4
ODFmOGQ1MmYwMDNiYjJiMzVjY2QxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3
Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI0SZX6mZXzKWHskdia83Ks9aVn0G0sAgGjm+t8jiC8Z7AVWqP6pr/QJIvq6
ftkEneleyibIukMKawvNP6pKAjbxS/f2i/wlucg8SjcSCwyBOd4KezkP0JY4Yy9s
Ubz1SnjBpR0rbAqE6pPT+xvJPpwfUTKIvpvwyuvx+cKhus5zpgyKYX/9BXK7NpO4
TfA2EewY1kNgvhErVCnASxNGoQAx3BxM3L4rhKff6io489ovcj+2kSgncSdJ3Aao
UIQrbAGsq58XZ3Hq+2Z+7jnCa+7YdSbzzGdspYaPFAVnMW8pDH8sk/cqSIHEjcfZ
Hp9CNt0BFbvIIc26VFDsQO3J4Q8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSGO2FR
JCykzv34KGwSYXH7NhstmTAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV
0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh
Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv
NmFkYTdlM2UtNDJhMi00NWZhLTg3M2YtYmNlYWVkNjViODMyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1
NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8GA
MA0GCSqGSIb3DQEBCwUAA4IBAQCO3p2NLqndRLkJI6BeNiW7J2wu+E5ClIZVYJYT
btvoVZXfxo+9d6oEexU76gwNxJyRb3cp7ZYsHSYYFEB534cpuxFm4rKQylE06oxg
DBP8U8IHoNkLtfOKhgz/cMeOtYnngwJwHP1putsZt8gGj8RSGHylJZ+YFjmFDcis
hHrTJsbq/DG39yF3pRqEyyYapXhPFZsGSSt37SEAbo425UIj/t/JvrxBhJN/XS60
FyyJ+Z666Z/mltrgDrcRnaSnHnwJnzpB3iDLACbyZVTvY5KQ5hyb3PCslW93ybQz
Ro0oI52XNcs4Zd/a59PwWgKlsPcOYRtoeQbbR4NOoEbGb30C
-----END CERTIFICATE-----
Generated at Tue May 12 22:37:29 2026 by rpki-client