Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/9a1e6435-6342-4b18-94d7-27beb2ce0519.roa
File: 9a1e6435-6342-4b18-94d7-27beb2ce0519.roa (raw, json)
Hash identifier: deE6iCEXZe82vF9Ae4xeVKwWqUsD394dzherMfJ2E+g=
Subject key identifier: 66:B5:87:06:A1:83:7E:CA:06:3A:01:08:60:B4:EC:45:E7:D6:C7:02
Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0
Certificate serial: 1CFFDD3BA2BA560CA92DCCCD96EAEC22B6D5287C
Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/9a1e6435-6342-4b18-94d7-27beb2ce0519.roa
Signing time: Mon 11 May 2026 01:30:27 +0000
ROA not before: Mon 11 May 2026 01:30:27 +0000
ROA not after: Sun 09 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:a000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft
rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1c:ff:dd:3b:a2:ba:56:0c:a9:2d:cc:cd:96:ea:ec:22:b6:d5:28:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0
Validity
Not Before: May 11 01:30:27 2026 GMT
Not After : Aug 9 23:59:59 2026 GMT
Subject: serialNumber=9f53b89e31e0d31cbc157189c7299f3d22fd559c365f267cad14d74ff10b0775, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:de:e4:f3:35:fa:7d:6a:49:08:6b:67:0a:16:
ac:0b:37:ee:92:33:4e:f2:a3:af:02:9c:6a:e7:54:
ab:58:32:90:d6:2b:62:0b:24:5a:9a:c9:93:e7:47:
a8:aa:33:8a:b9:ff:f9:1e:a1:76:f1:eb:85:84:e6:
e3:18:db:8c:d9:9f:14:79:1e:e5:8e:3d:83:21:52:
6c:44:3b:de:98:f5:81:84:b5:ca:27:9e:af:77:fc:
67:23:5d:bf:22:f8:42:1e:cc:44:f5:9c:2d:e1:10:
fe:32:09:85:0e:bb:e9:58:4b:18:d3:39:f2:0b:d2:
4c:46:97:72:3b:7c:de:d4:85:42:75:0b:a5:6f:e4:
5f:4e:03:44:cd:33:15:a6:32:da:70:aa:64:e0:d6:
46:9c:61:e7:5d:03:f4:c3:e3:27:6e:1c:b3:88:2e:
2e:bb:d1:93:a1:62:ff:31:c1:5e:20:b0:96:c0:06:
48:c9:c6:29:03:b9:4d:81:11:e3:02:ab:bb:f5:61:
47:ea:03:df:4f:3b:5e:13:f4:da:f2:45:44:8a:7b:
2d:3e:5e:0d:76:9a:5b:9c:89:42:fb:f0:52:05:74:
fa:93:73:81:97:bd:34:a2:bb:a9:4e:f9:e6:91:17:
54:a0:dd:17:09:87:bb:a2:59:e9:7d:b5:24:f4:93:
7e:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:B5:87:06:A1:83:7E:CA:06:3A:01:08:60:B4:EC:45:E7:D6:C7:02
X509v3 Authority Key Identifier:
keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/9a1e6435-6342-4b18-94d7-27beb2ce0519.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:a000::/36
Signature Algorithm: sha256WithRSAEncryption
7a:32:ac:03:1d:88:92:ac:0e:9f:01:7f:14:7d:67:dc:9d:22:
e7:de:73:af:a5:fa:60:02:c1:c6:78:ec:08:b2:68:a8:cf:d7:
83:e9:b0:5c:ef:44:53:20:8e:60:0d:bd:9f:41:99:55:f8:62:
08:f5:4f:77:24:89:00:39:2c:1f:3f:0b:69:69:b2:b0:97:2a:
a6:90:b7:4a:e6:f2:22:2a:43:bd:69:1e:a5:ac:13:e1:68:c6:
fc:17:31:18:34:2f:3f:6d:b8:8d:86:dd:c7:a4:59:e1:44:1f:
9f:25:c0:55:32:36:2b:e5:46:80:62:3f:59:b7:7c:9f:be:45:
20:c6:b6:d6:db:84:f0:80:7d:68:fd:39:61:f7:03:e3:fd:71:
1d:04:f1:6b:2e:8f:f1:28:ab:1e:17:67:07:30:bc:a2:d4:63:
cd:2c:c2:65:6d:12:a9:f3:75:09:7d:c9:db:de:2e:83:40:79:
4b:65:5c:b3:86:23:94:0c:46:2f:90:80:70:28:f0:1e:26:6d:
69:ef:1f:2c:b1:9f:ad:b7:f4:6e:11:5e:d1:ee:81:4c:67:70:
be:1c:9e:f8:a0:ca:23:f3:98:4e:ef:04:c4:ee:4e:2a:75:84:
96:f6:d3:7a:90:ca:7a:ef:a9:08:01:31:ed:48:e1:50:74:65:
01:46:a7:0a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUHP/dO6K6VgypLczNlursIrbVKHwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl
Nzk2NTVkMDAeFw0yNjA1MTEwMTMwMjdaFw0yNjA4MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDlmNTNiODllMzFlMGQzMWNiYzE1NzE4OWM3Mjk5ZjNkMjJmZDU1OWMzNjVm
MjY3Y2FkMTRkNzRmZjEwYjA3NzUxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3
Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALXe5PM1+n1qSQhrZwoWrAs37pIzTvKjrwKcaudUq1gykNYrYgskWprJk+dH
qKozirn/+R6hdvHrhYTm4xjbjNmfFHke5Y49gyFSbEQ73pj1gYS1yieer3f8ZyNd
vyL4Qh7MRPWcLeEQ/jIJhQ676VhLGNM58gvSTEaXcjt83tSFQnULpW/kX04DRM0z
FaYy2nCqZODWRpxh510D9MPjJ24cs4guLrvRk6Fi/zHBXiCwlsAGSMnGKQO5TYER
4wKru/VhR+oD3087XhP02vJFRIp7LT5eDXaaW5yJQvvwUgV0+pNzgZe9NKK7qU75
5pEXVKDdFwmHu6JZ6X21JPSTflECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRmtYcG
oYN+ygY6AQhgtOxF59bHAjAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV
0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh
Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv
OWExZTY0MzUtNjM0Mi00YjE4LTk0ZDctMjdiZWIyY2UwNTE5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1
NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8eg
MA0GCSqGSIb3DQEBCwUAA4IBAQB6MqwDHYiSrA6fAX8UfWfcnSLn3nOvpfpgAsHG
eOwIsmioz9eD6bBc70RTII5gDb2fQZlV+GII9U93JIkAOSwfPwtpabKwlyqmkLdK
5vIiKkO9aR6lrBPhaMb8FzEYNC8/bbiNht3HpFnhRB+fJcBVMjYr5UaAYj9Zt3yf
vkUgxrbW24TwgH1o/Tlh9wPj/XEdBPFrLo/xKKseF2cHMLyi1GPNLMJlbRKp83UJ
fcnb3i6DQHlLZVyzhiOUDEYvkIBwKPAeJm1p7x8ssZ+tt/RuEV7R7oFMZ3C+HJ74
oMoj85hO7wTE7k4qdYSW9tN6kMp676kIATHtSOFQdGUBRqcK
-----END CERTIFICATE-----
Generated at Tue May 12 22:18:37 2026 by rpki-client