Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/a2cac7c7-df41-4db6-b8bd-1b27d0ffc119.roa
File: a2cac7c7-df41-4db6-b8bd-1b27d0ffc119.roa (raw, json)
Hash identifier: Pg21vfZTg8Ll/x4xmPcteBDVGMWJecu9w1XfsE4wP8o=
Subject key identifier: 6D:44:5F:28:CE:90:72:E0:4E:53:A9:7B:1A:1B:1F:2E:1E:0F:7E:B0
Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0
Certificate serial: 20B0AF696391DF7531FB915F3EC8325B99051DFF
Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/a2cac7c7-df41-4db6-b8bd-1b27d0ffc119.roa
Signing time: Mon 11 May 2026 01:30:09 +0000
ROA not before: Mon 11 May 2026 01:30:09 +0000
ROA not after: Sun 09 Aug 2026 23:59:59 +0000
asID: 7224
IP address blocks: 2001:3fc7:d000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft
rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:b0:af:69:63:91:df:75:31:fb:91:5f:3e:c8:32:5b:99:05:1d:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0
Validity
Not Before: May 11 01:30:09 2026 GMT
Not After : Aug 9 23:59:59 2026 GMT
Subject: serialNumber=1d1e2906f1b63c3a0861f652f5f48d3d30efe5a509c7cb269bf0924dd081dc53, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:42:b9:18:33:8a:b7:4e:09:29:53:ef:bb:02:
c6:b0:af:29:88:c7:4b:df:24:63:0b:8a:e4:6e:62:
8f:2c:f7:ca:a7:5f:b3:dc:2d:42:e2:af:ec:1e:83:
51:24:a4:6e:05:39:b6:4d:99:62:a5:b9:63:4d:a5:
99:23:f0:1d:bd:9c:91:c6:ce:0e:f3:47:07:49:e7:
f4:62:e6:b7:7a:9b:e8:b6:21:e5:a7:4f:a8:46:f9:
4b:81:a4:90:f7:d0:53:c0:c0:58:23:94:8f:7c:6d:
c7:58:58:5e:a2:24:76:1c:76:42:11:f4:33:65:46:
54:ce:3e:c4:9b:3d:28:f2:ac:3f:fc:98:3d:83:cd:
09:9b:a9:45:23:11:22:74:59:32:aa:df:de:00:bd:
48:df:fd:36:50:f8:74:8e:f3:dc:59:a7:30:0f:f6:
92:6e:ee:00:b5:e4:46:6f:c1:64:0d:0c:01:f2:69:
8e:20:e7:df:2e:fd:06:2f:72:3a:f8:aa:0d:ac:87:
fc:97:b1:6f:44:11:c9:37:17:8e:32:e6:d7:d2:dc:
30:ed:d6:ac:00:f4:04:db:7e:87:58:39:11:9e:18:
6f:fd:16:e0:88:92:f8:46:35:a2:dc:51:4e:a2:6f:
d5:a7:f2:b8:74:d8:ee:27:20:b3:89:72:2f:80:7b:
78:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:44:5F:28:CE:90:72:E0:4E:53:A9:7B:1A:1B:1F:2E:1E:0F:7E:B0
X509v3 Authority Key Identifier:
keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/a2cac7c7-df41-4db6-b8bd-1b27d0ffc119.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:d000::/36
Signature Algorithm: sha256WithRSAEncryption
0e:aa:85:88:23:f1:b8:b0:17:29:66:ff:41:cb:70:91:ce:bb:
f9:5f:9b:49:76:be:9b:16:3e:2d:85:bd:27:61:14:00:f9:68:
b4:eb:f8:a4:3c:95:d1:0b:25:9d:b6:a1:35:47:05:f0:16:71:
97:a4:1e:af:7e:85:26:21:d7:c3:50:cd:7c:15:40:f6:68:28:
7f:17:19:e5:1a:42:b7:8a:54:59:8a:4b:ef:a9:14:03:0a:f0:
fc:d0:88:db:95:b0:cf:86:41:75:f2:92:29:7e:2b:cb:b1:f9:
4a:d2:39:94:e9:b8:10:b1:45:1d:cc:65:8d:e1:9e:7f:d7:8f:
79:e8:16:89:72:9d:0a:97:f5:2d:b8:e0:e9:00:75:8c:8e:7d:
2e:55:13:06:4b:2d:ea:1d:ef:e6:c4:df:dc:c0:85:ce:ea:f2:
e9:6c:fe:f7:d6:65:78:23:26:2c:9b:88:3d:1d:8e:ce:55:cb:
92:f1:a4:d0:bc:39:7b:6a:0e:55:ab:0b:07:b2:2a:e5:a0:5d:
0e:b8:67:1c:25:2f:bf:37:06:24:66:22:ee:06:5a:85:f9:af:
3d:d6:89:69:ca:d5:83:4e:3c:b2:8b:20:e9:71:20:d6:e0:fb:
fa:15:4f:1c:da:59:f6:bb:57:d5:c4:8f:17:48:1e:94:0b:49:
e9:e9:08:6d
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUILCvaWOR33Ux+5FfPsgyW5kFHf8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl
Nzk2NTVkMDAeFw0yNjA1MTEwMTMwMDlaFw0yNjA4MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDFkMWUyOTA2ZjFiNjNjM2EwODYxZjY1MmY1ZjQ4ZDNkMzBlZmU1YTUwOWM3
Y2IyNjliZjA5MjRkZDA4MWRjNTMxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3
Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK1CuRgzirdOCSlT77sCxrCvKYjHS98kYwuK5G5ijyz3yqdfs9wtQuKv7B6D
USSkbgU5tk2ZYqW5Y02lmSPwHb2ckcbODvNHB0nn9GLmt3qb6LYh5adPqEb5S4Gk
kPfQU8DAWCOUj3xtx1hYXqIkdhx2QhH0M2VGVM4+xJs9KPKsP/yYPYPNCZupRSMR
InRZMqrf3gC9SN/9NlD4dI7z3FmnMA/2km7uALXkRm/BZA0MAfJpjiDn3y79Bi9y
OviqDayH/Jexb0QRyTcXjjLm19LcMO3WrAD0BNt+h1g5EZ4Yb/0W4IiS+EY1otxR
TqJv1afyuHTY7icgs4lyL4B7eLUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRtRF8o
zpBy4E5TqXsaGx8uHg9+sDAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV
0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh
Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv
YTJjYWM3YzctZGY0MS00ZGI2LWI4YmQtMWIyN2QwZmZjMTE5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1
NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8fQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAOqoWII/G4sBcpZv9By3CRzrv5X5tJdr6bFj4t
hb0nYRQA+Wi06/ikPJXRCyWdtqE1RwXwFnGXpB6vfoUmIdfDUM18FUD2aCh/Fxnl
GkK3ilRZikvvqRQDCvD80IjblbDPhkF18pIpfivLsflK0jmU6bgQsUUdzGWN4Z5/
14956BaJcp0Kl/UtuODpAHWMjn0uVRMGSy3qHe/mxN/cwIXO6vLpbP731mV4IyYs
m4g9HY7OVcuS8aTQvDl7ag5VqwsHsirloF0OuGccJS+/NwYkZiLuBlqF+a891olp
ytWDTjyyiyDpcSDW4Pv6FU8c2ln2u1fVxI8XSB6UC0np6Qht
-----END CERTIFICATE-----
Generated at Wed May 13 00:18:22 2026 by rpki-client