Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/82447f39-606c-4fd4-b51c-911eb0449adc.roa
File: 82447f39-606c-4fd4-b51c-911eb0449adc.roa (raw, json)
Hash identifier: rJtiY9u/eaPZQX7jq9ZNhhyDr0hqNNuB2xhe58UaoEM=
Subject key identifier: 4B:92:76:23:6E:0B:07:33:41:6C:34:08:D2:DB:3A:58:BF:E4:91:0F
Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0
Certificate serial: 559ED81E514335EE04C6162D7C79F8D43F3D8FFB
Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/82447f39-606c-4fd4-b51c-911eb0449adc.roa
Signing time: Thu 07 May 2026 13:47:10 +0000
ROA not before: Thu 07 May 2026 13:47:10 +0000
ROA not after: Wed 05 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc5:2020::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft
rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:9e:d8:1e:51:43:35:ee:04:c6:16:2d:7c:79:f8:d4:3f:3d:8f:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0
Validity
Not Before: May 7 13:47:10 2026 GMT
Not After : Aug 5 23:59:59 2026 GMT
Subject: serialNumber=d2fa275d7b8adedac94f0f2d6ac634e7e1eaf3eeb9d796dc0b00b628b1a1a1c9, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:ae:33:e3:4c:23:0d:2e:b1:db:8c:fd:52:56:
de:5b:4c:d6:4c:48:be:4f:11:5d:38:8b:32:fe:d1:
9a:4f:94:c4:65:5c:32:e7:2f:2e:79:f6:f6:0c:58:
b8:71:98:6c:e8:e0:c9:6d:31:88:b3:7b:d5:7f:a9:
a6:d8:10:c3:04:e8:af:11:d8:cc:b6:6c:b9:82:09:
7c:3e:03:0f:19:f6:11:17:f7:c7:70:cd:33:7d:67:
28:fd:4c:6b:00:f6:2c:46:bd:e4:fd:49:b0:25:10:
d0:f4:92:cd:03:4e:d9:11:c3:8e:11:df:d9:2f:10:
bf:01:f1:ba:1a:19:50:ac:ef:fe:18:07:7b:81:3c:
15:a2:3c:6d:ac:2e:ba:ae:7d:ef:00:b5:57:9f:64:
47:a3:13:aa:77:ce:d3:30:b7:ce:73:c1:e5:27:cf:
02:0d:da:a6:d9:7c:0c:e1:27:8c:74:f3:8b:10:b9:
05:b8:03:6d:df:fe:54:3f:d9:c6:a3:7a:50:14:57:
01:d6:21:26:52:02:ad:39:50:c0:8a:83:55:ba:ef:
9f:2e:d8:96:b0:9d:20:67:7a:04:44:a4:22:66:c9:
47:0c:a3:7f:b1:b6:36:40:cc:17:4d:d1:26:b5:51:
e1:6d:0b:4d:8a:d2:a7:de:20:a5:9d:23:7f:b6:09:
aa:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:92:76:23:6E:0B:07:33:41:6C:34:08:D2:DB:3A:58:BF:E4:91:0F
X509v3 Authority Key Identifier:
keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/82447f39-606c-4fd4-b51c-911eb0449adc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc5:2020::/48
Signature Algorithm: sha256WithRSAEncryption
71:a3:af:9c:e1:e4:74:f1:89:d2:4a:09:7a:3f:7c:02:d3:1e:
a9:c0:d3:9e:46:88:1b:f2:20:66:f9:21:4a:19:d9:4f:13:26:
1b:3b:f6:f6:e6:3c:3d:3a:a2:a3:1a:5d:78:db:6b:dc:9a:73:
36:ee:6d:8d:78:d7:36:7d:6c:c0:0c:4e:5d:8b:ef:17:06:6e:
5a:53:3f:b9:5e:ff:5d:51:1d:19:68:bc:98:c7:e9:7e:8e:69:
2c:9e:74:39:c3:36:48:94:33:b6:81:36:ad:2f:55:82:ca:db:
91:a5:33:2d:91:b6:25:00:df:da:9c:1c:35:8b:5f:c6:6e:9f:
c6:01:bd:15:8b:ec:7c:eb:90:a8:32:c6:54:31:45:68:c6:c9:
cd:f8:c9:0a:28:44:1b:00:51:ca:c1:d6:59:ce:32:45:f0:de:
93:de:a9:7e:90:55:44:b5:5c:fb:a4:ca:88:4d:e5:84:b2:94:
38:c6:87:73:d2:c0:f7:12:2b:ed:e6:00:a9:7b:86:6f:cd:1a:
0d:64:e7:a0:f8:df:ab:dd:f2:1a:1d:f6:5a:69:a4:c9:1a:cf:
bf:6a:b7:08:0d:0e:47:a9:59:1f:a9:ae:1e:7c:fd:6c:34:4c:
39:c7:83:85:25:9e:2c:3c:12:89:5c:4f:a5:bb:60:01:72:57:
95:fd:f2:21
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUVZ7YHlFDNe4ExhYtfHn41D89j/swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl
Nzk2NTVkMDAeFw0yNjA1MDcxMzQ3MTBaFw0yNjA4MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQGQyZmEyNzVkN2I4YWRlZGFjOTRmMGYyZDZhYzYzNGU3ZTFlYWYzZWViOWQ3
OTZkYzBiMDBiNjI4YjFhMWExYzkxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3
Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKeuM+NMIw0usduM/VJW3ltM1kxIvk8RXTiLMv7Rmk+UxGVcMucvLnn29gxY
uHGYbOjgyW0xiLN71X+pptgQwwTorxHYzLZsuYIJfD4DDxn2ERf3x3DNM31nKP1M
awD2LEa95P1JsCUQ0PSSzQNO2RHDjhHf2S8QvwHxuhoZUKzv/hgHe4E8FaI8bawu
uq597wC1V59kR6MTqnfO0zC3znPB5SfPAg3aptl8DOEnjHTzixC5BbgDbd/+VD/Z
xqN6UBRXAdYhJlICrTlQwIqDVbrvny7YlrCdIGd6BESkImbJRwyjf7G2NkDMF03R
JrVR4W0LTYrSp94gpZ0jf7YJqrMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRLknYj
bgsHM0FsNAjS2zpYv+SRDzAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV
0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh
Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv
ODI0NDdmMzktNjA2Yy00ZmQ0LWI1MWMtOTExZWIwNDQ5YWRjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1
NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABP8Ug
IDANBgkqhkiG9w0BAQsFAAOCAQEAcaOvnOHkdPGJ0koJej98AtMeqcDTnkaIG/Ig
ZvkhShnZTxMmGzv29uY8PTqioxpdeNtr3JpzNu5tjXjXNn1swAxOXYvvFwZuWlM/
uV7/XVEdGWi8mMfpfo5pLJ50OcM2SJQztoE2rS9VgsrbkaUzLZG2JQDf2pwcNYtf
xm6fxgG9FYvsfOuQqDLGVDFFaMbJzfjJCihEGwBRysHWWc4yRfDek96pfpBVRLVc
+6TKiE3lhLKUOMaHc9LA9xIr7eYAqXuGb80aDWTnoPjfq93yGh32WmmkyRrPv2q3
CA0OR6lZH6muHnz9bDRMOceDhSWeLDwSiVxPpbtgAXJXlf3yIQ==
-----END CERTIFICATE-----
Generated at Tue May 12 21:53:36 2026 by rpki-client