Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/8141b7c7-3722-47fb-a87c-13473348f317.roa
File: 8141b7c7-3722-47fb-a87c-13473348f317.roa (raw, json)
Hash identifier: fD0lMRBZ/+Gcc4MPTOisjaWrh2QsFGX+LNA/9BtPChk=
Subject key identifier: D5:31:F8:20:44:AF:80:7C:37:BB:A8:D7:2A:AD:62:06:7D:84:AC:19
Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0
Certificate serial: 73675339DD79AE0A3A2A6F5A8B991C1DBFC2849A
Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/8141b7c7-3722-47fb-a87c-13473348f317.roa
Signing time: Mon 11 May 2026 01:40:39 +0000
ROA not before: Mon 11 May 2026 01:40:39 +0000
ROA not after: Sun 09 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc1:8800::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft
rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:67:53:39:dd:79:ae:0a:3a:2a:6f:5a:8b:99:1c:1d:bf:c2:84:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0
Validity
Not Before: May 11 01:40:39 2026 GMT
Not After : Aug 9 23:59:59 2026 GMT
Subject: serialNumber=7d2c2d72901ef9e30d7000c2cc959debed6056fe5cbff38f5d4db50d860c33a9, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:84:cc:34:86:f5:f8:d9:e8:ce:86:00:18:f2:
68:88:36:bd:cb:ce:26:15:92:fe:af:9e:ab:98:ea:
ce:c6:e7:08:16:7a:2c:4a:41:64:e2:87:43:f4:7c:
e8:02:e8:97:a4:de:bb:93:ac:5d:c1:da:29:4d:9d:
57:ec:f8:6b:b6:c8:f9:44:58:d4:fa:90:59:24:3d:
4e:c8:97:8d:24:63:1d:f3:42:3d:34:72:f6:b3:57:
5d:63:23:ad:c9:59:d8:6f:c0:81:35:36:30:e9:26:
40:ec:e6:66:0b:ab:93:a0:86:45:a3:69:71:08:4d:
c1:9c:85:2b:5e:94:87:66:97:d0:ed:92:d6:5e:ec:
2e:a7:34:0a:52:54:ce:fa:96:c0:ef:38:eb:d0:60:
58:57:cc:0e:bd:21:27:cb:77:03:fd:f1:cf:0c:ac:
73:4e:ce:9b:0f:e1:bd:47:a1:02:15:25:63:65:1b:
74:13:73:d3:67:b3:79:42:be:e7:16:c7:6c:5e:f2:
8c:8d:da:15:79:c2:cc:e8:1c:ce:66:4c:5a:3c:92:
ce:f5:09:96:02:bc:2e:de:e8:16:98:75:6a:b4:5e:
13:fa:1c:a7:4a:84:c8:36:03:8f:7f:c4:42:c6:b9:
2e:13:0c:df:aa:53:93:fe:1a:6e:ed:dc:26:72:a1:
7d:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:31:F8:20:44:AF:80:7C:37:BB:A8:D7:2A:AD:62:06:7D:84:AC:19
X509v3 Authority Key Identifier:
keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/8141b7c7-3722-47fb-a87c-13473348f317.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc1:8800::/38
Signature Algorithm: sha256WithRSAEncryption
4d:17:08:e9:41:b6:ee:23:06:08:44:fe:80:b5:22:4b:e9:c1:
18:06:7d:c0:30:3d:6d:d1:c1:c0:c2:7a:06:96:0b:e6:a9:b0:
a3:cb:cc:5a:71:5f:7c:c7:55:09:54:b2:ea:70:02:39:23:19:
ae:1a:7e:43:d8:b2:af:38:b2:75:d3:b5:f0:1f:76:20:02:2d:
43:4a:4a:56:cc:9c:db:96:bd:a1:bb:a2:3d:bd:77:a8:74:97:
97:e9:ef:45:26:c6:95:dc:37:2e:09:f4:e1:6d:64:28:60:8d:
ae:75:45:b0:86:d4:92:9b:43:19:db:46:be:e2:5e:53:b0:61:
82:2b:3c:e2:6e:71:7b:e6:d0:fa:c3:53:a9:9e:04:af:8e:6b:
1f:96:7e:df:1e:6e:68:13:47:cc:6a:a4:ee:2c:5b:bb:68:1d:
01:42:23:25:f4:89:22:07:61:50:fd:85:37:a7:c6:4b:6c:e5:
ea:87:32:6f:5f:07:27:fc:12:5a:2c:83:99:db:33:ff:88:be:
24:0a:90:90:27:e5:e8:cc:ab:20:ef:60:b7:a6:61:e4:2f:08:
5b:6d:06:a2:c1:99:fd:d0:cd:77:7e:05:08:34:11:51:8e:3c:
41:0c:d0:87:09:26:f8:e7:a6:b5:9c:5a:32:6f:2c:f3:a2:52:
6b:f9:01:bf
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUc2dTOd15rgo6Km9ai5kcHb/ChJowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl
Nzk2NTVkMDAeFw0yNjA1MTEwMTQwMzlaFw0yNjA4MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDdkMmMyZDcyOTAxZWY5ZTMwZDcwMDBjMmNjOTU5ZGViZWQ2MDU2ZmU1Y2Jm
ZjM4ZjVkNGRiNTBkODYwYzMzYTkxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3
Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALiEzDSG9fjZ6M6GABjyaIg2vcvOJhWS/q+eq5jqzsbnCBZ6LEpBZOKHQ/R8
6ALol6Teu5OsXcHaKU2dV+z4a7bI+URY1PqQWSQ9TsiXjSRjHfNCPTRy9rNXXWMj
rclZ2G/AgTU2MOkmQOzmZgurk6CGRaNpcQhNwZyFK16Uh2aX0O2S1l7sLqc0ClJU
zvqWwO8469BgWFfMDr0hJ8t3A/3xzwysc07Omw/hvUehAhUlY2UbdBNz02ezeUK+
5xbHbF7yjI3aFXnCzOgczmZMWjySzvUJlgK8Lt7oFph1arReE/ocp0qEyDYDj3/E
Qsa5LhMM36pTk/4abu3cJnKhfTsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTVMfgg
RK+AfDe7qNcqrWIGfYSsGTAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV
0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh
Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv
ODE0MWI3YzctMzcyMi00N2ZiLWE4N2MtMTM0NzMzNDhmMzE3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1
NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAiABP8GI
MA0GCSqGSIb3DQEBCwUAA4IBAQBNFwjpQbbuIwYIRP6AtSJL6cEYBn3AMD1t0cHA
wnoGlgvmqbCjy8xacV98x1UJVLLqcAI5IxmuGn5D2LKvOLJ107XwH3YgAi1DSkpW
zJzblr2hu6I9vXeodJeX6e9FJsaV3DcuCfThbWQoYI2udUWwhtSSm0MZ20a+4l5T
sGGCKzzibnF75tD6w1OpngSvjmsfln7fHm5oE0fMaqTuLFu7aB0BQiMl9IkiB2FQ
/YU3p8ZLbOXqhzJvXwcn/BJaLIOZ2zP/iL4kCpCQJ+XozKsg72C3pmHkLwhbbQai
wZn90M13fgUINBFRjjxBDNCHCSb456a1nFoybyzzolJr+QG/
-----END CERTIFICATE-----
Generated at Wed May 13 01:45:43 2026 by rpki-client