Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/92b566f4-9c90-4070-b5bd-f89c7da23c8a.roa
File: 92b566f4-9c90-4070-b5bd-f89c7da23c8a.roa (raw, json)
Hash identifier: 7foguIuiYDsHfKWWwxkywfuoNAxqT/8QzJMWzulS5lc=
Subject key identifier: A1:7B:5C:E8:72:79:60:B1:57:E2:66:B1:82:74:2B:7A:80:E2:0C:D4
Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0
Certificate serial: 476D38B558E5BC3B48CFF5F8A56EA4A0C7E9E206
Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/92b566f4-9c90-4070-b5bd-f89c7da23c8a.roa
Signing time: Mon 11 May 2026 01:40:52 +0000
ROA not before: Mon 11 May 2026 01:40:52 +0000
ROA not after: Sun 09 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc3:4000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft
rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:6d:38:b5:58:e5:bc:3b:48:cf:f5:f8:a5:6e:a4:a0:c7:e9:e2:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0
Validity
Not Before: May 11 01:40:52 2026 GMT
Not After : Aug 9 23:59:59 2026 GMT
Subject: serialNumber=4b762cb1d7de9375eef204b64d87649ee57e7396f93f5e684037d977e571a320, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:6d:90:64:4f:1e:5d:58:ae:2f:4e:6b:83:a0:
a1:fe:9e:a1:1b:f1:50:9e:7e:be:3d:a9:ad:4f:f8:
2f:b9:6e:5a:cf:8d:a6:85:6c:d8:ec:31:31:63:0a:
56:3d:d0:51:f5:05:8f:e7:1c:4a:b3:a3:10:c5:3b:
d6:9d:a5:05:f6:16:3f:60:aa:de:6a:04:1d:49:d2:
64:ca:32:f8:bb:48:6b:13:8a:01:50:c2:11:27:6e:
cc:c4:e6:8c:7d:d6:45:24:ed:a9:36:76:4b:08:9c:
97:bb:41:aa:dc:a0:93:58:18:5c:40:e7:9a:5e:92:
35:09:53:73:4b:68:0c:16:4e:69:79:b8:89:1d:8c:
dd:51:41:c4:65:31:9b:44:c9:da:41:70:dc:1f:b6:
11:ae:d5:65:dc:46:7e:6d:39:73:5a:4f:ae:17:3b:
80:ae:34:fb:78:36:87:4f:94:dc:6c:36:12:ad:ce:
68:14:9b:2a:d6:65:e3:4e:21:d0:d5:39:67:a3:d2:
18:16:b7:33:b6:6b:91:55:1c:ad:91:1d:d2:a0:c1:
27:47:ca:34:cd:08:f9:d7:d7:8f:de:f8:86:6e:f8:
93:fc:e3:5e:ac:7a:4c:6c:78:75:fc:80:47:2d:e0:
71:72:3c:71:4c:e8:4f:d2:00:80:ac:24:40:93:5f:
83:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:7B:5C:E8:72:79:60:B1:57:E2:66:B1:82:74:2B:7A:80:E2:0C:D4
X509v3 Authority Key Identifier:
keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/92b566f4-9c90-4070-b5bd-f89c7da23c8a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc3:4000::/36
Signature Algorithm: sha256WithRSAEncryption
06:3c:22:b3:d7:32:e5:7a:9f:a7:ea:b8:21:99:bb:6e:7a:3e:
3c:a1:bf:95:27:b7:61:b0:f0:f8:2e:9f:b2:ad:82:06:f6:62:
3d:d8:07:5c:45:9c:7a:d0:c1:25:71:f5:97:28:ab:a4:1c:89:
c4:c2:50:3a:1d:dc:26:61:e8:7d:00:95:2b:12:e0:b9:ce:4a:
bc:1f:7e:74:20:1a:1c:d5:42:69:97:5f:8d:2b:1c:3c:4c:41:
f1:c7:51:65:12:53:d4:dc:a0:2f:03:a0:3e:79:af:83:4f:61:
c2:6f:dc:f6:8c:6e:76:32:d5:73:60:2e:73:bb:69:3f:0f:47:
ed:86:15:9e:cc:d5:0a:ce:dd:3e:b9:41:18:bd:43:d7:38:94:
3f:29:dc:a2:6c:15:04:cc:db:6d:99:e2:2d:52:1c:0e:8a:17:
3f:94:20:02:25:da:b9:e4:9a:f6:12:2f:8c:67:a2:cd:99:1d:
ab:95:3e:7b:b9:4e:4c:b5:32:5c:1f:67:60:6e:8f:61:24:2d:
b8:a2:e3:14:d4:5c:ee:d2:83:ef:7c:cd:e2:3b:95:d6:ce:6c:
7f:2a:84:f9:42:bf:51:b4:d5:da:e9:08:ec:e2:3a:4b:89:8c:
59:0f:38:0e:c9:1c:ed:3c:46:69:fc:6d:f5:a8:76:a3:63:5d:
d0:68:dc:9e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUR204tVjlvDtIz/X4pW6koMfp4gYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl
Nzk2NTVkMDAeFw0yNjA1MTEwMTQwNTJaFw0yNjA4MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDRiNzYyY2IxZDdkZTkzNzVlZWYyMDRiNjRkODc2NDllZTU3ZTczOTZmOTNm
NWU2ODQwMzdkOTc3ZTU3MWEzMjAxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3
Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ1tkGRPHl1Yri9Oa4Ogof6eoRvxUJ5+vj2prU/4L7luWs+NpoVs2OwxMWMK
Vj3QUfUFj+ccSrOjEMU71p2lBfYWP2Cq3moEHUnSZMoy+LtIaxOKAVDCESduzMTm
jH3WRSTtqTZ2Swicl7tBqtygk1gYXEDnml6SNQlTc0toDBZOaXm4iR2M3VFBxGUx
m0TJ2kFw3B+2Ea7VZdxGfm05c1pPrhc7gK40+3g2h0+U3Gw2Eq3OaBSbKtZl404h
0NU5Z6PSGBa3M7ZrkVUcrZEd0qDBJ0fKNM0I+dfXj974hm74k/zjXqx6TGx4dfyA
Ry3gcXI8cUzoT9IAgKwkQJNfg58CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBShe1zo
cnlgsVfiZrGCdCt6gOIM1DAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV
0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh
Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv
OTJiNTY2ZjQtOWM5MC00MDcwLWI1YmQtZjg5YzdkYTIzYzhhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1
NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8NA
MA0GCSqGSIb3DQEBCwUAA4IBAQAGPCKz1zLlep+n6rghmbtuej48ob+VJ7dhsPD4
Lp+yrYIG9mI92AdcRZx60MElcfWXKKukHInEwlA6HdwmYeh9AJUrEuC5zkq8H350
IBoc1UJpl1+NKxw8TEHxx1FlElPU3KAvA6A+ea+DT2HCb9z2jG52MtVzYC5zu2k/
D0fthhWezNUKzt0+uUEYvUPXOJQ/KdyibBUEzNttmeItUhwOihc/lCACJdq55Jr2
Ei+MZ6LNmR2rlT57uU5MtTJcH2dgbo9hJC24ouMU1Fzu0oPvfM3iO5XWzmx/KoT5
Qr9RtNXa6Qjs4jpLiYxZDzgOyRztPEZp/G31qHajY13QaNye
-----END CERTIFICATE-----
Generated at Tue May 12 22:18:20 2026 by rpki-client