Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/72ef2c47-a8e3-4e0c-aab9-ec5604ba99e5.roa
File: 72ef2c47-a8e3-4e0c-aab9-ec5604ba99e5.roa (raw, json)
Hash identifier: uzNndmmdEh23O1F8E9cMtxJthNiqM5mes19z3yrnIt4=
Subject key identifier: 64:E0:13:17:34:3C:32:86:52:A1:E1:B3:0B:6D:39:E1:C1:1A:5B:1C
Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0
Certificate serial: 3BA92F8B15FD4C61763BF267BE54F38686A6CB6A
Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/72ef2c47-a8e3-4e0c-aab9-ec5604ba99e5.roa
Signing time: Wed 06 May 2026 20:17:07 +0000
ROA not before: Wed 06 May 2026 20:17:07 +0000
ROA not after: Tue 04 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc5:1000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft
rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3b:a9:2f:8b:15:fd:4c:61:76:3b:f2:67:be:54:f3:86:86:a6:cb:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0
Validity
Not Before: May 6 20:17:07 2026 GMT
Not After : Aug 4 23:59:59 2026 GMT
Subject: serialNumber=6b94d87d6fa1db0dcf3662aa8cf886292a593360641cd2b7e9412d592f6ba84a, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:e0:ef:a8:34:fb:7b:7b:7d:46:06:56:2e:b3:
f2:b2:5e:01:9e:2a:32:fd:f3:cc:69:05:e2:0c:72:
00:1d:92:65:4f:27:ae:ab:fc:3d:ec:c5:54:1f:17:
03:ec:b7:2e:75:df:ee:54:23:c5:7f:bb:35:a7:fe:
a9:15:c5:a7:43:17:cd:60:95:07:71:22:2f:51:a2:
8a:3f:01:92:fc:ff:c7:a5:0e:17:cf:ef:61:53:92:
97:74:0d:fd:ff:c6:9a:7c:1c:ed:6e:51:ea:a4:8c:
84:42:54:84:57:b8:2f:8d:92:8c:f2:ea:ed:41:b0:
27:82:9f:0a:67:98:df:f2:36:22:7d:3f:aa:86:45:
95:4e:c1:de:78:5d:5d:52:fb:df:1f:82:0c:e9:f2:
da:b1:37:f6:69:cc:78:20:55:f1:c8:fd:1e:7b:4f:
8a:f5:0e:c6:ef:ad:69:91:2a:a8:a4:18:f9:95:32:
b5:fb:2a:fc:65:89:64:81:90:a8:3e:5d:16:76:13:
cd:55:4d:a8:52:75:ab:a3:ae:9a:b0:8b:77:fd:e8:
e7:c5:86:03:d9:c3:84:e3:aa:9e:ef:79:bf:08:6f:
51:0f:b2:27:36:74:46:5c:5c:5a:f1:ce:a5:be:87:
3d:a7:36:64:56:70:37:07:60:fe:3c:e1:3f:13:55:
6e:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:E0:13:17:34:3C:32:86:52:A1:E1:B3:0B:6D:39:E1:C1:1A:5B:1C
X509v3 Authority Key Identifier:
keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/72ef2c47-a8e3-4e0c-aab9-ec5604ba99e5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc5:1000::/40
Signature Algorithm: sha256WithRSAEncryption
b0:92:98:12:93:ac:01:5e:e1:97:33:50:d8:30:4f:6e:ac:4a:
12:5f:4c:68:80:a6:e2:b3:08:79:f3:d6:e0:e5:76:24:92:21:
68:81:6e:4a:e5:b0:cb:37:11:f5:30:1c:56:51:16:97:60:23:
4d:f7:88:a6:ad:69:2d:66:86:50:41:24:b0:6c:49:82:e2:76:
4f:2a:2f:e6:0c:19:66:25:7c:4b:81:94:b9:b3:5d:7d:cf:e9:
dc:21:ed:93:d3:fc:4a:1b:2a:5b:f5:58:af:19:b0:61:44:68:
02:81:23:c3:e3:16:a9:03:cb:c9:a9:c0:d6:c1:02:f1:40:f3:
a1:a2:2d:47:d9:17:8a:42:39:b9:ba:4f:6b:00:70:91:b2:07:
4c:56:ba:91:1a:e8:c2:aa:02:e5:19:87:eb:c6:e9:2a:d4:af:
d2:52:19:bc:a8:38:80:91:76:60:ec:da:3e:04:92:c9:d8:51:
ea:c0:55:f9:bb:91:fb:94:c1:8c:95:36:c3:a7:9c:d9:51:32:
0b:70:f9:94:9e:ce:c5:e5:52:04:d4:aa:93:51:36:60:2a:b5:
ea:12:f0:0b:9d:f8:fa:aa:46:04:85:29:6d:93:a5:de:63:87:
84:7c:b8:f0:5e:38:c6:91:0b:35:2d:56:c4:75:88:66:51:4b:
4e:d0:b4:06
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUO6kvixX9TGF2O/JnvlTzhoamy2owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl
Nzk2NTVkMDAeFw0yNjA1MDYyMDE3MDdaFw0yNjA4MDQyMzU5NTlaMHoxSTBHBgNV
BAUTQDZiOTRkODdkNmZhMWRiMGRjZjM2NjJhYThjZjg4NjI5MmE1OTMzNjA2NDFj
ZDJiN2U5NDEyZDU5MmY2YmE4NGExLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3
Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMzg76g0+3t7fUYGVi6z8rJeAZ4qMv3zzGkF4gxyAB2SZU8nrqv8PezFVB8X
A+y3LnXf7lQjxX+7Naf+qRXFp0MXzWCVB3EiL1Giij8Bkvz/x6UOF8/vYVOSl3QN
/f/Gmnwc7W5R6qSMhEJUhFe4L42SjPLq7UGwJ4KfCmeY3/I2In0/qoZFlU7B3nhd
XVL73x+CDOny2rE39mnMeCBV8cj9HntPivUOxu+taZEqqKQY+ZUytfsq/GWJZIGQ
qD5dFnYTzVVNqFJ1q6OumrCLd/3o58WGA9nDhOOqnu95vwhvUQ+yJzZ0RlxcWvHO
pb6HPac2ZFZwNwdg/jzhPxNVbmkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRk4BMX
NDwyhlKh4bMLbTnhwRpbHDAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV
0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh
Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv
NzJlZjJjNDctYThlMy00ZTBjLWFhYjktZWM1NjA0YmE5OWU1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1
NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABP8UQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCwkpgSk6wBXuGXM1DYME9urEoSX0xogKbiswh5
89bg5XYkkiFogW5K5bDLNxH1MBxWURaXYCNN94imrWktZoZQQSSwbEmC4nZPKi/m
DBlmJXxLgZS5s119z+ncIe2T0/xKGypb9VivGbBhRGgCgSPD4xapA8vJqcDWwQLx
QPOhoi1H2ReKQjm5uk9rAHCRsgdMVrqRGujCqgLlGYfrxukq1K/SUhm8qDiAkXZg
7No+BJLJ2FHqwFX5u5H7lMGMlTbDp5zZUTILcPmUns7F5VIE1KqTUTZgKrXqEvAL
nfj6qkYEhSltk6XeY4eEfLjwXjjGkQs1LVbEdYhmUUtO0LQG
-----END CERTIFICATE-----
Generated at Tue May 12 21:54:00 2026 by rpki-client