Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/751d5a0a-c925-4787-ac94-98c23675f1ba.roa
File: 751d5a0a-c925-4787-ac94-98c23675f1ba.roa (raw, json)
Hash identifier: kNChLB6YkX5lT8HaT6Mmz/JUF+IA2paKKBJYmAtkJfE=
Subject key identifier: 84:5C:F2:F8:0B:6E:52:7F:A3:D4:57:4A:4E:BB:4F:A3:13:E2:94:40
Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0
Certificate serial: 5C7530C7079C8B1576E77D49ECF68B0E31092E87
Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/751d5a0a-c925-4787-ac94-98c23675f1ba.roa
Signing time: Mon 11 May 2026 01:40:37 +0000
ROA not before: Mon 11 May 2026 01:40:37 +0000
ROA not after: Sun 09 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:f840::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft
rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5c:75:30:c7:07:9c:8b:15:76:e7:7d:49:ec:f6:8b:0e:31:09:2e:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0
Validity
Not Before: May 11 01:40:37 2026 GMT
Not After : Aug 9 23:59:59 2026 GMT
Subject: serialNumber=0a69e8ae53bac33ba91932a3f7bf25936cf18fcf8130819af1176944abc4200f, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:d3:15:f0:95:88:55:be:30:fc:92:21:38:34:
35:d4:51:4c:72:49:a1:28:18:49:df:38:df:28:8a:
e1:0c:83:50:4e:ca:82:3f:23:59:0e:2d:20:ad:35:
10:cb:e3:dd:f9:1c:13:c7:2e:bb:f5:1e:0b:55:2e:
8e:1c:b4:3f:02:63:2d:c2:a4:05:96:48:fe:c0:2d:
8d:0c:26:91:42:c7:83:b2:32:82:8d:66:71:22:1d:
18:89:36:14:89:5a:01:64:de:b1:14:89:85:0e:54:
ac:9a:80:59:fd:b6:1c:a2:2a:dc:91:b4:56:7c:86:
73:8c:3d:e9:17:08:eb:6d:3c:d6:9b:fa:c5:17:a8:
ce:f9:e4:3f:1a:56:f4:fd:fa:85:db:9e:32:a8:72:
21:92:08:44:43:03:e3:57:f4:68:b9:35:cd:22:ac:
35:ad:47:97:86:2d:b6:a3:5d:fd:e2:cc:36:58:c7:
e9:38:1b:81:3c:94:29:ff:b6:44:f9:2c:a9:d7:57:
c9:94:c6:1e:b2:b4:b8:12:27:b3:48:39:4b:80:df:
84:82:90:3a:4b:27:07:e2:e3:e9:3e:7d:2b:c8:0f:
0e:99:19:ed:40:7f:6c:00:ce:ca:77:7c:61:0c:6d:
e4:47:fc:fd:91:0d:9e:1e:00:0a:48:97:08:13:28:
96:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:5C:F2:F8:0B:6E:52:7F:A3:D4:57:4A:4E:BB:4F:A3:13:E2:94:40
X509v3 Authority Key Identifier:
keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/751d5a0a-c925-4787-ac94-98c23675f1ba.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:f840::/48
Signature Algorithm: sha256WithRSAEncryption
aa:58:22:5c:3e:22:fb:89:a7:c9:f3:1e:b9:94:0b:9a:c4:2a:
d5:7c:ca:67:8b:af:18:ba:64:b1:86:e9:2f:ca:ad:d6:a1:5a:
69:4e:b9:21:db:28:16:bf:ba:81:b0:2f:b6:bb:44:5e:f2:1e:
59:b0:6a:40:2b:80:d6:5f:8d:e6:a2:ff:9b:e6:8c:00:ad:0e:
16:95:f9:38:6a:e9:7a:c3:f3:2d:00:73:3c:79:36:4b:90:33:
e4:41:27:55:3f:60:8d:cb:e6:df:3b:7d:60:25:f2:03:48:38:
9f:49:39:bd:fe:5b:b5:65:b5:6b:ad:29:2d:8a:d3:47:c8:05:
94:ff:cb:c8:03:99:af:4b:d3:8a:57:70:a6:da:45:e7:da:df:
6a:9e:96:d7:57:93:99:d9:c7:b2:68:09:cb:b6:e0:d5:df:d7:
56:14:fd:62:78:5a:b8:d0:c1:ad:df:b9:bd:d2:cd:ae:c3:39:
3f:19:41:89:85:23:9a:26:70:91:1b:a6:73:c4:51:c1:dc:f7:
65:98:34:36:d8:9d:7f:94:df:24:f3:6f:90:b0:50:d1:a7:6d:
32:75:59:7d:f7:3b:1a:85:57:dd:ab:3a:eb:cf:85:a1:48:df:
51:e9:74:67:e1:c8:a0:03:40:85:fd:3e:c8:da:f8:bb:1a:5a:
c0:fd:95:2e
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUXHUwxwecixV2531J7PaLDjEJLocwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl
Nzk2NTVkMDAeFw0yNjA1MTEwMTQwMzdaFw0yNjA4MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDBhNjllOGFlNTNiYWMzM2JhOTE5MzJhM2Y3YmYyNTkzNmNmMThmY2Y4MTMw
ODE5YWYxMTc2OTQ0YWJjNDIwMGYxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3
Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALXTFfCViFW+MPySITg0NdRRTHJJoSgYSd843yiK4QyDUE7Kgj8jWQ4tIK01
EMvj3fkcE8cuu/UeC1Uujhy0PwJjLcKkBZZI/sAtjQwmkULHg7Iygo1mcSIdGIk2
FIlaAWTesRSJhQ5UrJqAWf22HKIq3JG0VnyGc4w96RcI62081pv6xReozvnkPxpW
9P36hdueMqhyIZIIREMD41f0aLk1zSKsNa1Hl4YttqNd/eLMNljH6TgbgTyUKf+2
RPksqddXyZTGHrK0uBIns0g5S4DfhIKQOksnB+Lj6T59K8gPDpkZ7UB/bADOynd8
YQxt5Ef8/ZENnh4ACkiXCBMolhkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSEXPL4
C25Sf6PUV0pOu0+jE+KUQDAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV
0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh
Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv
NzUxZDVhMGEtYzkyNS00Nzg3LWFjOTQtOThjMjM2NzVmMWJhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1
NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABP8f4
QDANBgkqhkiG9w0BAQsFAAOCAQEAqlgiXD4i+4mnyfMeuZQLmsQq1XzKZ4uvGLpk
sYbpL8qt1qFaaU65IdsoFr+6gbAvtrtEXvIeWbBqQCuA1l+N5qL/m+aMAK0OFpX5
OGrpesPzLQBzPHk2S5Az5EEnVT9gjcvm3zt9YCXyA0g4n0k5vf5btWW1a60pLYrT
R8gFlP/LyAOZr0vTildwptpF59rfap6W11eTmdnHsmgJy7bg1d/XVhT9YnhauNDB
rd+5vdLNrsM5PxlBiYUjmiZwkRumc8RRwdz3ZZg0Ntidf5TfJPNvkLBQ0adtMnVZ
ffc7GoVX3as668+FoUjfUel0Z+HIoANAhf0+yNr4uxpawP2VLg==
-----END CERTIFICATE-----
Generated at Tue May 12 22:12:10 2026 by rpki-client