Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/8d661aab-e6b5-4ca0-8109-f0e7f4d24c4f.roa
File: 8d661aab-e6b5-4ca0-8109-f0e7f4d24c4f.roa (raw, json)
Hash identifier: o0bh+e4rBBoAzh1ClKnhsMGZGBlPQeCiwKMTWgSlOgk=
Subject key identifier: 4B:5B:8C:55:02:4E:E4:72:5B:5A:B2:19:FE:C0:6C:E5:0D:0D:D1:3B
Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0
Certificate serial: 767306FEA1E037C18DB92FF17315B9216AA91CEB
Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/8d661aab-e6b5-4ca0-8109-f0e7f4d24c4f.roa
Signing time: Mon 11 May 2026 01:30:08 +0000
ROA not before: Mon 11 May 2026 01:30:08 +0000
ROA not after: Sun 09 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:b000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft
rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:73:06:fe:a1:e0:37:c1:8d:b9:2f:f1:73:15:b9:21:6a:a9:1c:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0
Validity
Not Before: May 11 01:30:08 2026 GMT
Not After : Aug 9 23:59:59 2026 GMT
Subject: serialNumber=0776a490bcfd24a45f2575e55c0be941406e1dccca91d6dee70966bf83849e56, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:d8:a7:c9:25:0d:a1:14:48:89:7c:b6:f7:ed:
42:50:20:4e:f3:0d:7f:5b:db:ef:82:04:05:ad:a6:
53:6b:2e:77:cf:03:3f:14:ff:ef:12:13:06:7f:d9:
20:e5:27:d7:c8:45:0b:48:ed:4b:2b:c9:c6:c4:48:
db:0b:19:3f:24:c5:92:2a:18:87:b0:4b:07:4c:c1:
5a:cc:bd:61:6e:53:d2:e2:21:55:04:03:e4:c9:6b:
b1:fe:c3:6c:15:ed:b3:e9:6a:49:ac:1b:b5:3c:b7:
95:22:1c:4f:56:30:92:75:65:63:ad:98:39:c0:9b:
60:9f:a6:5b:12:63:4a:ab:dc:98:90:1e:15:52:6b:
e6:79:6a:5b:86:96:ba:85:78:b7:69:49:95:fb:d7:
53:f5:ac:fd:d8:5d:2a:00:ca:62:b0:37:48:cf:37:
57:8c:0f:ec:94:dd:f9:ad:fc:26:5d:3c:10:61:82:
8d:8d:64:e3:8b:83:33:07:b0:30:9d:03:70:b5:84:
88:41:4d:af:9e:5d:b7:54:43:3e:e7:d7:12:9d:e7:
7b:36:a2:e9:d8:a8:c5:81:22:0a:db:e0:07:64:e6:
ac:e1:11:88:ce:5e:33:b7:a0:96:8c:c1:2d:59:b6:
7e:a3:a3:64:e6:06:1a:69:42:59:38:69:a8:81:52:
34:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:5B:8C:55:02:4E:E4:72:5B:5A:B2:19:FE:C0:6C:E5:0D:0D:D1:3B
X509v3 Authority Key Identifier:
keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/8d661aab-e6b5-4ca0-8109-f0e7f4d24c4f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:b000::/36
Signature Algorithm: sha256WithRSAEncryption
3a:26:c5:ac:5f:3e:bb:c5:c5:e8:7a:03:65:53:1a:24:ae:76:
d7:77:45:0f:08:48:d1:f1:53:c6:69:20:4c:f3:80:f0:1d:71:
66:b6:f9:d7:60:fd:b2:24:62:4b:3c:d7:8f:3d:49:6b:bb:d5:
59:38:77:c9:3a:36:9b:b6:54:11:7e:77:49:48:44:da:a3:20:
f7:72:52:35:27:a4:e1:56:90:87:b8:a1:f5:21:cc:df:c0:12:
2b:d4:67:cc:0b:f8:80:4e:bc:40:be:f9:17:b2:35:fa:5d:bc:
d2:c2:26:6a:b6:b1:d8:fc:81:e6:8d:2b:2c:7a:54:f8:f2:17:
e7:e2:3a:c7:18:f5:b7:4d:80:0e:cf:33:bd:48:87:d5:04:2a:
c7:25:7e:c2:5a:ce:96:be:35:5b:d7:bf:9c:1d:a3:d1:80:35:
22:0f:25:28:3c:69:d9:de:96:e2:18:e0:19:34:38:a2:4b:e9:
3e:92:39:0d:a1:e6:f4:a2:71:63:fe:bf:98:88:ab:0c:14:aa:
4f:54:e2:de:de:67:6e:fc:79:f1:72:b8:7b:5b:3b:c7:b4:ff:
88:e2:21:f0:a7:f1:2d:7d:b5:58:00:b7:9e:9c:cb:6e:22:02:
dd:e6:30:2c:e8:01:ad:d8:86:5a:49:4f:80:2e:a5:ec:1a:21:
5b:2a:f1:d8
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUdnMG/qHgN8GNuS/xcxW5IWqpHOswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl
Nzk2NTVkMDAeFw0yNjA1MTEwMTMwMDhaFw0yNjA4MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDA3NzZhNDkwYmNmZDI0YTQ1ZjI1NzVlNTVjMGJlOTQxNDA2ZTFkY2NjYTkx
ZDZkZWU3MDk2NmJmODM4NDllNTYxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3
Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJbYp8klDaEUSIl8tvftQlAgTvMNf1vb74IEBa2mU2sud88DPxT/7xITBn/Z
IOUn18hFC0jtSyvJxsRI2wsZPyTFkioYh7BLB0zBWsy9YW5T0uIhVQQD5Mlrsf7D
bBXts+lqSawbtTy3lSIcT1YwknVlY62YOcCbYJ+mWxJjSqvcmJAeFVJr5nlqW4aW
uoV4t2lJlfvXU/Ws/dhdKgDKYrA3SM83V4wP7JTd+a38Jl08EGGCjY1k44uDMwew
MJ0DcLWEiEFNr55dt1RDPufXEp3nezai6dioxYEiCtvgB2TmrOERiM5eM7eglozB
LVm2fqOjZOYGGmlCWThpqIFSNOUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRLW4xV
Ak7kcltashn+wGzlDQ3ROzAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV
0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh
Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv
OGQ2NjFhYWItZTZiNS00Y2EwLTgxMDktZjBlN2Y0ZDI0YzRmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1
NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8ew
MA0GCSqGSIb3DQEBCwUAA4IBAQA6JsWsXz67xcXoegNlUxokrnbXd0UPCEjR8VPG
aSBM84DwHXFmtvnXYP2yJGJLPNePPUlru9VZOHfJOjabtlQRfndJSETaoyD3clI1
J6ThVpCHuKH1IczfwBIr1GfMC/iATrxAvvkXsjX6XbzSwiZqtrHY/IHmjSsselT4
8hfn4jrHGPW3TYAOzzO9SIfVBCrHJX7CWs6WvjVb17+cHaPRgDUiDyUoPGnZ3pbi
GOAZNDiiS+k+kjkNoeb0onFj/r+YiKsMFKpPVOLe3mdu/Hnxcrh7WzvHtP+I4iHw
p/EtfbVYALeenMtuIgLd5jAs6AGt2IZaSU+ALqXsGiFbKvHY
-----END CERTIFICATE-----
Generated at Tue May 12 22:01:38 2026 by rpki-client