Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/76596d4d-5093-4468-a590-5fe51a279b6f.roa
File: 76596d4d-5093-4468-a590-5fe51a279b6f.roa (raw, json)
Hash identifier: 4FCOPmdXzNzfSAcRUqbgy5iuFsQzRKSO0dfhBYicFNs=
Subject key identifier: 1A:B4:9B:1D:AB:4A:6C:91:D6:2B:21:46:4C:17:52:85:8B:AE:60:DC
Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0
Certificate serial: 579D25634A3B109BDD574DF515E4EB9E3CB02A15
Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/76596d4d-5093-4468-a590-5fe51a279b6f.roa
Signing time: Mon 11 May 2026 01:40:52 +0000
ROA not before: Mon 11 May 2026 01:40:52 +0000
ROA not after: Sun 09 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc3:8800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft
rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:9d:25:63:4a:3b:10:9b:dd:57:4d:f5:15:e4:eb:9e:3c:b0:2a:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0
Validity
Not Before: May 11 01:40:52 2026 GMT
Not After : Aug 9 23:59:59 2026 GMT
Subject: serialNumber=e1f8c6a9f246843df8558d4f69ec4e4299eb54893909465b4c26d7f3d3bc1257, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:70:70:31:d4:e1:e4:f4:ba:24:ba:8e:f2:c5:
dc:2f:d4:86:29:17:b1:7e:6f:4c:52:25:73:3f:f3:
56:48:de:02:e6:68:55:04:4f:43:6d:cc:de:a1:33:
d3:b8:b5:ec:da:f6:40:e2:20:12:31:d7:7a:35:b2:
bc:c4:57:62:2f:81:d1:a1:54:10:33:e2:a6:69:9f:
b8:b7:34:8f:6a:f4:87:b5:20:9d:ac:ef:dd:37:7c:
d1:74:c0:04:38:98:11:75:92:59:eb:50:ef:25:34:
c0:69:34:80:3f:7e:4f:2b:f8:7c:b6:e8:d5:a1:53:
6c:c6:f5:85:0e:37:7d:6b:78:53:db:5e:fc:85:bf:
7d:64:40:d9:37:1a:7a:d7:62:02:f4:6a:bc:a8:be:
13:e9:57:36:7a:5a:e3:3a:29:26:9a:2d:bb:9d:91:
27:30:a4:cf:59:f0:69:8c:22:34:38:03:96:80:6a:
aa:b4:7d:89:fe:c9:84:23:d4:db:19:75:d6:9a:ef:
81:78:7b:b8:67:e2:c7:38:68:24:ac:cc:e2:04:ac:
99:f7:62:60:a0:da:4d:70:4e:99:ea:cd:8d:fd:2a:
e4:49:0e:6e:71:0d:ce:e2:56:ec:91:9c:f4:4a:ac:
c9:01:f9:3e:03:46:7d:e6:c5:ed:de:db:93:8b:ee:
65:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:B4:9B:1D:AB:4A:6C:91:D6:2B:21:46:4C:17:52:85:8B:AE:60:DC
X509v3 Authority Key Identifier:
keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/76596d4d-5093-4468-a590-5fe51a279b6f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc3:8800::/40
Signature Algorithm: sha256WithRSAEncryption
bb:d5:45:4f:31:5e:24:3e:d1:cc:4b:6d:dc:b0:50:44:4e:55:
8d:bc:53:e7:52:75:4b:b3:e6:3e:be:12:8b:c2:81:7c:17:bb:
00:fb:33:5b:89:27:85:f7:bd:b9:60:18:ff:af:d5:0e:77:20:
06:bf:b8:b9:0a:42:f3:4f:d6:6a:d9:fa:22:dc:9b:66:e2:f9:
16:60:77:01:07:03:59:ad:a0:bb:f2:14:3e:0b:d5:60:b9:a3:
2f:cf:f0:43:04:32:bd:3c:38:f6:19:87:29:cf:0e:92:a4:08:
f1:ee:7f:4b:fd:85:f2:c1:d5:5c:49:ab:d7:16:97:0e:7d:29:
bb:33:89:13:a0:58:f1:5f:8d:c7:c2:1b:7d:ff:ef:ec:33:4b:
16:9e:77:0e:93:54:0f:78:17:94:7a:d3:23:3e:cf:77:31:24:
46:f1:43:5c:96:04:ab:c1:74:a8:9c:80:85:4f:9d:d9:da:0a:
7c:3f:ee:88:86:55:8f:a8:be:71:e5:a8:d7:a5:92:cd:e7:c6:
d6:6a:ad:2c:f8:9b:2d:fd:43:fd:a2:89:4a:24:e3:6b:ac:a3:
a2:7b:6e:b3:e9:3e:1c:4a:be:59:21:53:93:bd:a2:22:5a:7e:
64:86:67:55:21:31:89:66:d7:9c:63:a8:5a:00:06:9f:0c:b6:
da:b4:88:7c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUV50lY0o7EJvdV031FeTrnjywKhUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl
Nzk2NTVkMDAeFw0yNjA1MTEwMTQwNTJaFw0yNjA4MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGUxZjhjNmE5ZjI0Njg0M2RmODU1OGQ0ZjY5ZWM0ZTQyOTllYjU0ODkzOTA5
NDY1YjRjMjZkN2YzZDNiYzEyNTcxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3
Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKhwcDHU4eT0uiS6jvLF3C/UhikXsX5vTFIlcz/zVkjeAuZoVQRPQ23M3qEz
07i17Nr2QOIgEjHXejWyvMRXYi+B0aFUEDPipmmfuLc0j2r0h7Ugnazv3Td80XTA
BDiYEXWSWetQ7yU0wGk0gD9+Tyv4fLbo1aFTbMb1hQ43fWt4U9te/IW/fWRA2Tca
etdiAvRqvKi+E+lXNnpa4zopJpotu52RJzCkz1nwaYwiNDgDloBqqrR9if7JhCPU
2xl11prvgXh7uGfixzhoJKzM4gSsmfdiYKDaTXBOmerNjf0q5EkObnENzuJW7JGc
9EqsyQH5PgNGfebF7d7bk4vuZYUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQatJsd
q0pskdYrIUZMF1KFi65g3DAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV
0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh
Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv
NzY1OTZkNGQtNTA5My00NDY4LWE1OTAtNWZlNTFhMjc5YjZmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1
NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABP8OI
MA0GCSqGSIb3DQEBCwUAA4IBAQC71UVPMV4kPtHMS23csFBETlWNvFPnUnVLs+Y+
vhKLwoF8F7sA+zNbiSeF9725YBj/r9UOdyAGv7i5CkLzT9Zq2foi3Jtm4vkWYHcB
BwNZraC78hQ+C9VguaMvz/BDBDK9PDj2GYcpzw6SpAjx7n9L/YXywdVcSavXFpcO
fSm7M4kToFjxX43Hwht9/+/sM0sWnncOk1QPeBeUetMjPs93MSRG8UNclgSrwXSo
nICFT53Z2gp8P+6IhlWPqL5x5ajXpZLN58bWaq0s+Jst/UP9oolKJONrrKOie26z
6T4cSr5ZIVOTvaIiWn5khmdVITGJZtecY6haAAafDLbatIh8
-----END CERTIFICATE-----
Generated at Tue May 12 22:07:22 2026 by rpki-client