Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/b1191abf-2871-473a-8ee2-a2089f6894a7.roa
File: b1191abf-2871-473a-8ee2-a2089f6894a7.roa (raw, json)
Hash identifier: DcXiNXY09V2umLSAVLannObHixeCNLm7350Uv27PbII=
Subject key identifier: DC:88:67:CD:8D:9B:E9:BF:C1:88:A8:37:C8:C1:FB:CF:51:A9:87:C4
Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0
Certificate serial: 03F9B8AF081024BCDD760796B87AB0542A92DD42
Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/b1191abf-2871-473a-8ee2-a2089f6894a7.roa
Signing time: Mon 11 May 2026 01:40:56 +0000
ROA not before: Mon 11 May 2026 01:40:56 +0000
ROA not after: Sun 09 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:2840::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft
rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:f9:b8:af:08:10:24:bc:dd:76:07:96:b8:7a:b0:54:2a:92:dd:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0
Validity
Not Before: May 11 01:40:56 2026 GMT
Not After : Aug 9 23:59:59 2026 GMT
Subject: serialNumber=b6b79e75e78c0f5dca768ceaa1763cdd75cfa8f13f5d231ad0890d0f37893025, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:ed:b5:47:d7:a0:61:3e:6c:d1:db:46:1f:68:
00:54:be:53:27:af:51:8a:c0:90:9b:a9:60:00:c5:
a6:d3:80:ae:2c:49:85:c3:f7:e2:36:8c:b6:f2:a7:
c7:1c:6c:76:10:ad:c0:89:6d:3f:39:47:ce:23:31:
94:8c:a5:9d:67:1d:64:8b:2b:f9:27:51:9c:98:44:
fa:bd:bc:46:80:bd:ea:ad:fe:c7:da:c5:18:81:72:
ea:4a:0b:b9:74:f1:37:69:a6:7a:65:a5:ff:cd:14:
1c:3f:86:51:42:6f:c3:51:6e:9a:80:cd:b1:5a:91:
c8:8e:1d:9e:3a:43:e6:cc:c5:ac:1e:2f:bb:96:12:
0c:7a:db:48:45:fa:17:a0:f1:85:f7:30:d1:25:56:
d2:6d:28:74:1e:04:3b:7e:ac:37:49:0b:df:46:3a:
56:87:c2:06:ab:9a:51:a0:de:c0:5e:dd:07:d0:32:
01:fe:b8:e1:80:43:70:e5:21:c5:e1:b9:0f:4f:6e:
14:2a:92:e1:6e:bc:36:4a:79:19:89:68:19:dc:c6:
e8:91:83:1b:0b:1f:6b:98:32:46:0a:d4:64:c9:5c:
03:49:68:ba:f4:8c:ef:8e:3e:33:89:49:18:00:c4:
8d:39:4e:61:a1:f4:2e:b1:d4:21:46:da:6a:22:de:
f8:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:88:67:CD:8D:9B:E9:BF:C1:88:A8:37:C8:C1:FB:CF:51:A9:87:C4
X509v3 Authority Key Identifier:
keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/b1191abf-2871-473a-8ee2-a2089f6894a7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:2840::/48
Signature Algorithm: sha256WithRSAEncryption
6a:55:58:9a:8e:56:fb:ef:d3:dc:64:34:af:03:d9:72:f1:da:
2f:b5:51:07:06:7b:ff:69:a7:e5:3b:65:a8:8e:b1:c8:b5:58:
f7:6c:00:7d:d6:77:fb:0a:1f:14:bf:c3:eb:9d:3b:58:26:85:
43:0e:67:89:00:9a:cc:3c:0d:34:34:41:21:47:c0:36:e1:dd:
78:53:08:0a:29:92:f3:3b:ef:29:e6:eb:b3:5d:3b:de:6c:39:
5c:11:33:14:49:11:7f:ef:65:f5:f1:eb:f7:6f:2e:eb:3e:e1:
4b:48:94:76:d7:93:3d:78:6f:df:03:45:9a:45:52:f2:8d:28:
24:bc:82:cf:b0:36:fe:cf:8b:28:a9:4c:49:ba:33:d3:24:8c:
2f:ef:25:63:71:18:14:49:0d:97:92:7a:cc:81:6d:55:e9:4d:
fb:69:97:df:ed:0a:3b:51:b5:5e:ee:17:31:4d:f1:b1:49:bf:
d2:32:77:e1:af:ef:88:67:c4:39:49:b7:b8:89:6c:b2:d8:b4:
bc:d0:ff:50:3b:26:b6:f6:e8:0f:4f:9a:c5:5f:9c:4e:26:4e:
02:ef:c6:a8:62:75:9e:31:41:c1:59:1e:5a:eb:71:11:2c:39:
8e:a9:45:24:6d:3d:31:02:75:26:17:8e:f9:ed:4c:86:2d:27:
94:4b:c1:02
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUA/m4rwgQJLzddgeWuHqwVCqS3UIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl
Nzk2NTVkMDAeFw0yNjA1MTEwMTQwNTZaFw0yNjA4MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGI2Yjc5ZTc1ZTc4YzBmNWRjYTc2OGNlYWExNzYzY2RkNzVjZmE4ZjEzZjVk
MjMxYWQwODkwZDBmMzc4OTMwMjUxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3
Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANHttUfXoGE+bNHbRh9oAFS+UyevUYrAkJupYADFptOArixJhcP34jaMtvKn
xxxsdhCtwIltPzlHziMxlIylnWcdZIsr+SdRnJhE+r28RoC96q3+x9rFGIFy6koL
uXTxN2mmemWl/80UHD+GUUJvw1FumoDNsVqRyI4dnjpD5szFrB4vu5YSDHrbSEX6
F6Dxhfcw0SVW0m0odB4EO36sN0kL30Y6VofCBquaUaDewF7dB9AyAf644YBDcOUh
xeG5D09uFCqS4W68Nkp5GYloGdzG6JGDGwsfa5gyRgrUZMlcA0louvSM744+M4lJ
GADEjTlOYaH0LrHUIUbaaiLe+P8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTciGfN
jZvpv8GIqDfIwfvPUamHxDAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV
0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh
Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv
YjExOTFhYmYtMjg3MS00NzNhLThlZTItYTIwODlmNjg5NGE3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1
NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABP8co
QDANBgkqhkiG9w0BAQsFAAOCAQEAalVYmo5W++/T3GQ0rwPZcvHaL7VRBwZ7/2mn
5TtlqI6xyLVY92wAfdZ3+wofFL/D6507WCaFQw5niQCazDwNNDRBIUfANuHdeFMI
CimS8zvvKebrs1073mw5XBEzFEkRf+9l9fHr928u6z7hS0iUdteTPXhv3wNFmkVS
8o0oJLyCz7A2/s+LKKlMSboz0ySML+8lY3EYFEkNl5J6zIFtVelN+2mX3+0KO1G1
Xu4XMU3xsUm/0jJ34a/viGfEOUm3uIlssti0vND/UDsmtvboD0+axV+cTiZOAu/G
qGJ1njFBwVkeWutxESw5jqlFJG09MQJ1JheO+e1Mhi0nlEvBAg==
-----END CERTIFICATE-----
Generated at Tue May 12 22:12:11 2026 by rpki-client