Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/6d3e02ed-2848-4dc2-a85f-00ff6a0fed88.roa
File: 6d3e02ed-2848-4dc2-a85f-00ff6a0fed88.roa (raw, json)
Hash identifier: XXwrvhuarE8cbFGhzCF76R+N2HfT/gFbSm9z6OkJPLM=
Subject key identifier: 9F:F4:F6:31:39:63:A7:3D:E6:5B:69:51:79:6C:2D:95:97:9A:22:30
Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0
Certificate serial: 519F2358DFE1C4B65289CB0E568E6FD7508D8D65
Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/6d3e02ed-2848-4dc2-a85f-00ff6a0fed88.roa
Signing time: Mon 11 May 2026 01:40:55 +0000
ROA not before: Mon 11 May 2026 01:40:55 +0000
ROA not after: Sun 09 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc0:8c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft
rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:9f:23:58:df:e1:c4:b6:52:89:cb:0e:56:8e:6f:d7:50:8d:8d:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0
Validity
Not Before: May 11 01:40:55 2026 GMT
Not After : Aug 9 23:59:59 2026 GMT
Subject: serialNumber=1a86fae4a3800e1c4927606e80a3c8fe33c8e791a5cc2de21f161c641ffe7c4c, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:f2:3e:ac:84:bb:e4:e8:70:2d:92:b8:7b:8f:
50:87:30:cf:d7:5a:e0:62:c6:22:56:24:ea:ab:52:
e6:4d:69:70:b0:03:7d:1d:13:00:1a:c0:2d:d8:de:
af:3c:5d:9c:d3:5a:6d:3d:d9:fe:8f:da:e5:ef:f0:
9e:b9:e9:aa:6a:44:35:bf:81:30:29:3c:d7:6b:f2:
b8:ea:69:a4:6f:f2:cd:bd:ac:80:f5:07:c9:ed:ea:
19:da:b6:08:d5:d3:98:d5:5d:78:b1:e9:cc:b2:ab:
89:da:7a:e0:65:70:72:f6:da:09:95:82:52:ce:14:
a4:8f:ff:38:19:a2:b6:9c:c0:65:9e:f1:8e:86:11:
bf:08:59:c7:21:80:4a:57:0e:d6:63:a5:6e:24:7b:
e2:1c:a0:de:07:d2:d5:92:92:33:25:75:db:92:a4:
0a:8e:cb:f8:11:86:86:0f:7c:ed:19:2d:df:db:5e:
9f:ba:c3:9c:eb:1a:ee:d1:67:30:32:6b:6c:84:3b:
41:73:e3:f6:4f:52:66:1c:ab:d1:79:70:0e:0e:a8:
a5:4a:5c:b1:a6:c8:c8:f2:8b:c7:25:b1:c0:1d:d9:
b4:b5:77:f6:3e:12:23:bb:24:d4:91:88:ca:71:fc:
0d:7f:ca:18:e4:27:8b:17:0d:c6:47:c7:e9:33:61:
c0:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:F4:F6:31:39:63:A7:3D:E6:5B:69:51:79:6C:2D:95:97:9A:22:30
X509v3 Authority Key Identifier:
keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/6d3e02ed-2848-4dc2-a85f-00ff6a0fed88.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc0:8c0::/48
Signature Algorithm: sha256WithRSAEncryption
28:8e:85:a7:72:5d:c1:4a:2b:6b:25:9d:cd:4d:b6:3f:66:96:
ab:34:95:fa:18:8d:c1:33:80:5f:45:05:99:ea:e9:71:07:49:
b7:96:07:5f:34:66:79:37:d0:a7:6f:ee:ac:56:d2:24:ac:d7:
be:18:6b:b2:73:22:64:82:3c:0e:2a:22:90:53:6a:25:73:ad:
6a:b4:10:d5:4b:14:da:36:fe:d6:81:e4:c6:59:08:b7:91:93:
ae:e4:6f:fa:57:ff:3c:6a:1e:82:0c:50:d8:c8:74:49:7a:b0:
90:87:42:aa:72:2b:4b:e2:af:cf:1f:26:0a:78:74:67:d5:06:
0f:2e:50:4f:da:d4:fd:22:41:ad:24:f3:40:f0:c0:71:82:b1:
1b:01:cf:ba:56:2f:ff:51:3c:0b:f1:50:44:ed:e8:24:d0:5d:
3f:8a:f1:1d:19:32:20:6f:a7:82:f5:2a:13:0f:3e:f0:26:e2:
d8:9b:59:50:b7:06:31:3f:a0:11:49:48:f4:ea:07:a1:5a:6f:
ea:bc:51:79:7a:7a:1f:45:8d:80:37:c1:35:f8:97:21:a0:e6:
e8:e9:6d:50:4d:7e:47:fa:ff:2e:89:1e:cc:d9:1f:1e:c5:10:
99:3a:23:01:bf:9f:a9:42:fb:06:a7:24:5e:cd:3d:4d:66:e0:
eb:69:06:e0
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUUZ8jWN/hxLZSicsOVo5v11CNjWUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl
Nzk2NTVkMDAeFw0yNjA1MTEwMTQwNTVaFw0yNjA4MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDFhODZmYWU0YTM4MDBlMWM0OTI3NjA2ZTgwYTNjOGZlMzNjOGU3OTFhNWNj
MmRlMjFmMTYxYzY0MWZmZTdjNGMxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3
Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJXyPqyEu+TocC2SuHuPUIcwz9da4GLGIlYk6qtS5k1pcLADfR0TABrALdje
rzxdnNNabT3Z/o/a5e/wnrnpqmpENb+BMCk812vyuOpppG/yzb2sgPUHye3qGdq2
CNXTmNVdeLHpzLKridp64GVwcvbaCZWCUs4UpI//OBmitpzAZZ7xjoYRvwhZxyGA
SlcO1mOlbiR74hyg3gfS1ZKSMyV125KkCo7L+BGGhg987Rkt39ten7rDnOsa7tFn
MDJrbIQ7QXPj9k9SZhyr0XlwDg6opUpcsabIyPKLxyWxwB3ZtLV39j4SI7sk1JGI
ynH8DX/KGOQnixcNxkfH6TNhwA0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSf9PYx
OWOnPeZbaVF5bC2Vl5oiMDAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV
0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh
Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv
NmQzZTAyZWQtMjg0OC00ZGMyLWE4NWYtMDBmZjZhMGZlZDg4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1
NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABP8AI
wDANBgkqhkiG9w0BAQsFAAOCAQEAKI6Fp3JdwUorayWdzU22P2aWqzSV+hiNwTOA
X0UFmerpcQdJt5YHXzRmeTfQp2/urFbSJKzXvhhrsnMiZII8DioikFNqJXOtarQQ
1UsU2jb+1oHkxlkIt5GTruRv+lf/PGoeggxQ2Mh0SXqwkIdCqnIrS+Kvzx8mCnh0
Z9UGDy5QT9rU/SJBrSTzQPDAcYKxGwHPulYv/1E8C/FQRO3oJNBdP4rxHRkyIG+n
gvUqEw8+8Cbi2JtZULcGMT+gEUlI9OoHoVpv6rxReXp6H0WNgDfBNfiXIaDm6Olt
UE1+R/r/LokezNkfHsUQmTojAb+fqUL7BqckXs09TWbg62kG4A==
-----END CERTIFICATE-----
Generated at Tue May 12 23:40:33 2026 by rpki-client