Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/81c0e08f-5df8-4d0d-a070-70ca484fbf18.roa
File: 81c0e08f-5df8-4d0d-a070-70ca484fbf18.roa (raw, json)
Hash identifier: JrHqBlg/MwEboFLrEDifqPBFdUaIxQt7rOAStuLHUOU=
Subject key identifier: B5:14:A8:5B:0C:D9:F1:BF:79:02:C9:A8:76:14:80:B8:68:5E:F8:38
Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0
Certificate serial: 03D9D89B176CD5FC7D38FA484F2B0E2EB5758CD0
Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/81c0e08f-5df8-4d0d-a070-70ca484fbf18.roa
Signing time: Mon 11 May 2026 01:40:39 +0000
ROA not before: Mon 11 May 2026 01:40:39 +0000
ROA not after: Sun 09 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:2000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft
rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:d9:d8:9b:17:6c:d5:fc:7d:38:fa:48:4f:2b:0e:2e:b5:75:8c:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0
Validity
Not Before: May 11 01:40:39 2026 GMT
Not After : Aug 9 23:59:59 2026 GMT
Subject: serialNumber=7bcd3422e46888a65acf4bc51885716d4218324f5a775b9dcba2c6f47bb3407a, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:d5:d2:f5:72:be:a0:92:9d:77:a8:3e:8b:8c:
8c:d0:86:30:ce:e1:2a:a6:16:2b:6e:ea:94:f0:a8:
23:75:5c:82:89:65:9a:e0:3c:0b:30:b5:1d:dc:a4:
21:fa:ce:7e:00:d8:78:13:14:88:7c:7f:b3:28:fa:
41:65:c3:34:2c:d8:97:c0:a1:4f:f6:a9:65:29:84:
db:d7:ed:ff:2f:89:a5:15:42:1b:2b:7e:bb:4b:ae:
80:82:9c:72:e3:c0:04:c9:82:6e:50:03:fe:33:df:
ab:10:ae:db:5b:25:f5:df:c7:c6:69:8a:fc:4b:59:
67:d3:3d:15:82:5e:f1:af:a8:27:da:b6:1b:24:a2:
38:e3:cc:32:76:b9:ea:97:56:2f:04:4e:8a:1c:75:
cb:7a:ee:64:a2:96:b4:46:67:23:c9:b4:2b:67:d6:
dc:a6:38:1d:f7:4d:bc:6c:62:39:2a:c2:c4:fe:06:
c7:86:26:90:3c:9c:3d:5b:92:1e:49:12:97:a4:59:
e0:70:a5:aa:b4:f6:1d:3a:8a:a7:65:8e:8f:ca:39:
d9:b7:57:0a:89:1e:df:18:b2:f7:60:ff:1f:51:5a:
4a:2f:12:30:d5:4c:77:bd:a3:6c:f8:d6:c0:a6:5d:
c0:57:d2:ff:32:0e:b5:2f:0c:c1:1a:da:ef:99:7b:
f0:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:14:A8:5B:0C:D9:F1:BF:79:02:C9:A8:76:14:80:B8:68:5E:F8:38
X509v3 Authority Key Identifier:
keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/81c0e08f-5df8-4d0d-a070-70ca484fbf18.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:2000::/36
Signature Algorithm: sha256WithRSAEncryption
a9:e1:87:71:05:fd:7f:42:51:0c:b1:3a:cb:38:f8:ae:97:e5:
ec:94:58:39:83:ab:bf:ec:53:51:96:a0:ab:ab:6f:2e:30:f1:
ad:8c:a3:c9:ee:10:30:73:a5:36:1a:ac:e7:bf:4b:a7:9d:71:
69:b0:cf:48:3b:73:c8:c4:55:0a:b2:87:1e:23:3f:7a:ec:a4:
18:06:b4:5d:42:f1:dd:7e:2d:f3:45:31:35:f5:19:b0:37:1c:
45:fb:2a:b2:bf:19:84:f1:9a:fd:7a:dc:ee:4f:57:7f:c8:a8:
70:82:32:58:9a:d5:8b:e4:02:03:f1:56:06:72:f9:99:ba:e4:
3a:ea:98:9e:3b:8d:66:ed:29:48:c8:02:19:cf:55:78:84:54:
6f:ce:38:aa:ea:5a:59:85:bc:08:3b:cb:da:a3:0f:49:fb:0d:
c8:54:6a:5d:69:44:90:7c:3c:78:92:92:f1:0e:10:ae:22:d0:
a7:5a:82:83:91:ff:b0:fa:de:8b:76:b4:7c:76:2f:ef:ed:67:
54:7f:dc:69:30:28:2f:71:c4:15:9e:b0:78:0f:e3:64:21:3b:
dd:ae:36:3a:45:34:09:ec:96:08:46:0d:60:8a:94:31:2c:d1:
3f:49:1d:2d:90:2f:8c:ff:47:f5:76:74:cf:c1:b9:90:47:2f:
24:64:7f:50
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUA9nYmxds1fx9OPpITysOLrV1jNAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl
Nzk2NTVkMDAeFw0yNjA1MTEwMTQwMzlaFw0yNjA4MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDdiY2QzNDIyZTQ2ODg4YTY1YWNmNGJjNTE4ODU3MTZkNDIxODMyNGY1YTc3
NWI5ZGNiYTJjNmY0N2JiMzQwN2ExLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3
Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANLV0vVyvqCSnXeoPouMjNCGMM7hKqYWK27qlPCoI3VcgollmuA8CzC1Hdyk
IfrOfgDYeBMUiHx/syj6QWXDNCzYl8ChT/apZSmE29ft/y+JpRVCGyt+u0uugIKc
cuPABMmCblAD/jPfqxCu21sl9d/HxmmK/EtZZ9M9FYJe8a+oJ9q2GySiOOPMMna5
6pdWLwROihx1y3ruZKKWtEZnI8m0K2fW3KY4HfdNvGxiOSrCxP4Gx4YmkDycPVuS
HkkSl6RZ4HClqrT2HTqKp2WOj8o52bdXCoke3xiy92D/H1FaSi8SMNVMd72jbPjW
wKZdwFfS/zIOtS8MwRra75l78L8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS1FKhb
DNnxv3kCyah2FIC4aF74ODAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV
0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh
Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv
ODFjMGUwOGYtNWRmOC00ZDBkLWEwNzAtNzBjYTQ4NGZiZjE4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1
NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8cg
MA0GCSqGSIb3DQEBCwUAA4IBAQCp4YdxBf1/QlEMsTrLOPiul+XslFg5g6u/7FNR
lqCrq28uMPGtjKPJ7hAwc6U2Gqznv0unnXFpsM9IO3PIxFUKsoceIz967KQYBrRd
QvHdfi3zRTE19RmwNxxF+yqyvxmE8Zr9etzuT1d/yKhwgjJYmtWL5AID8VYGcvmZ
uuQ66pieO41m7SlIyAIZz1V4hFRvzjiq6lpZhbwIO8vaow9J+w3IVGpdaUSQfDx4
kpLxDhCuItCnWoKDkf+w+t6LdrR8di/v7WdUf9xpMCgvccQVnrB4D+NkITvdrjY6
RTQJ7JYIRg1gipQxLNE/SR0tkC+M/0f1dnTPwbmQRy8kZH9Q
-----END CERTIFICATE-----
Generated at Tue May 12 23:32:48 2026 by rpki-client