Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/c772bd5a-4f72-4ad4-a5d0-9ed82e5f1e95.roa
File: c772bd5a-4f72-4ad4-a5d0-9ed82e5f1e95.roa (raw, json)
Hash identifier: FXnsoSbQT2tg9bruGEwaAihW00wOjpDFffUrSmmkMjk=
Subject key identifier: 7D:5D:D8:FE:32:69:C7:B8:8C:3E:F9:17:B3:DC:EA:92:63:E7:2E:66
Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0
Certificate serial: 76727E11688973F057644F35AD73975C73946409
Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/c772bd5a-4f72-4ad4-a5d0-9ed82e5f1e95.roa
Signing time: Mon 11 May 2026 01:40:35 +0000
ROA not before: Mon 11 May 2026 01:40:35 +0000
ROA not after: Sun 09 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc6:a::/47 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft
rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:72:7e:11:68:89:73:f0:57:64:4f:35:ad:73:97:5c:73:94:64:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0
Validity
Not Before: May 11 01:40:35 2026 GMT
Not After : Aug 9 23:59:59 2026 GMT
Subject: serialNumber=82af402687972dc34829b2b01173778343e8f87cacc1cd8997320148aaf636c0, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:fa:89:a4:c8:8f:d6:20:29:34:b7:4e:03:5b:
97:d9:b6:e9:db:e6:32:3d:27:ce:21:02:ee:e4:a9:
57:d2:96:01:30:b3:10:18:a4:37:96:62:fd:af:8c:
27:50:c8:d6:b7:ca:e3:a6:f0:f7:2e:f2:ea:dd:9e:
a1:db:3e:5a:b3:c5:7f:a1:93:0f:77:8d:d3:4c:1a:
45:87:42:bd:3b:7d:43:12:21:0b:72:97:61:f2:66:
da:fb:e9:e2:cc:3a:00:71:7c:cd:d2:32:5c:ef:3c:
38:a1:fc:57:f2:f7:73:bc:de:df:f3:cb:36:a6:c9:
ee:fd:85:f6:c6:af:f1:2c:77:75:6d:b1:ff:08:2c:
64:d7:31:9a:07:0d:d4:9a:80:85:5c:31:de:36:09:
ab:d2:f5:fc:2e:cf:cf:51:f3:44:70:cc:b5:72:47:
10:b4:ed:e7:61:ac:c4:8e:55:92:b7:27:96:70:3f:
cd:36:81:a5:94:40:4a:a4:b9:5e:8a:0b:63:cd:d1:
f2:64:77:d8:5e:16:5f:89:37:88:b1:3e:24:51:14:
9d:cc:6b:61:99:5a:df:66:5f:e6:c4:5f:cd:a4:e9:
d9:ff:3d:3e:01:ca:62:03:15:86:48:29:87:8f:3c:
b9:3e:14:74:e1:b1:4f:3b:72:cf:7b:02:f6:f3:8c:
e7:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:5D:D8:FE:32:69:C7:B8:8C:3E:F9:17:B3:DC:EA:92:63:E7:2E:66
X509v3 Authority Key Identifier:
keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/c772bd5a-4f72-4ad4-a5d0-9ed82e5f1e95.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc6:a::/47
Signature Algorithm: sha256WithRSAEncryption
04:83:e2:6f:20:c3:3e:53:10:41:5e:de:60:7c:0e:7a:bd:01:
74:07:76:38:ea:5e:45:90:ff:df:4c:d7:51:38:f2:97:61:1e:
5b:79:a6:ed:5d:d8:d3:c8:8f:b9:a9:1d:bc:0f:b1:12:38:b5:
18:ba:70:51:cc:ba:8c:c9:83:38:37:33:67:ca:de:c2:5d:97:
fb:7e:8a:d1:fa:61:bd:54:fe:5e:19:65:7d:19:b4:c7:4b:21:
06:5b:4b:87:87:d4:e9:22:37:7b:d9:41:0c:98:6a:d9:6b:dd:
95:c2:e9:d5:18:83:0a:43:d5:96:db:98:7b:b8:ea:97:e1:77:
a3:27:9e:e1:76:6b:66:b2:95:8d:1a:27:7b:9a:e7:16:af:41:
c4:19:a0:dd:fd:b7:bb:1c:38:26:9f:13:2e:63:5e:3e:73:e4:
0c:b3:f8:2f:88:02:48:4c:2d:f7:16:f0:5b:cb:a8:5e:be:9a:
30:d2:0d:9c:26:ea:3d:ef:96:bc:b6:2b:e9:45:77:df:82:7f:
f7:f8:eb:9c:2c:4f:a2:c0:0f:25:0b:1d:c4:9f:d1:6c:f0:d1:
34:ce:42:8c:50:0b:a5:06:0b:4a:85:1c:0f:b7:70:e9:b2:bb:
02:33:fd:6d:3b:9a:d6:5b:ec:e7:49:88:9d:7c:fd:51:6c:c3:
d8:eb:e2:60
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUdnJ+EWiJc/BXZE81rXOXXHOUZAkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl
Nzk2NTVkMDAeFw0yNjA1MTEwMTQwMzVaFw0yNjA4MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDgyYWY0MDI2ODc5NzJkYzM0ODI5YjJiMDExNzM3NzgzNDNlOGY4N2NhY2Mx
Y2Q4OTk3MzIwMTQ4YWFmNjM2YzAxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3
Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJj6iaTIj9YgKTS3TgNbl9m26dvmMj0nziEC7uSpV9KWATCzEBikN5Zi/a+M
J1DI1rfK46bw9y7y6t2eods+WrPFf6GTD3eN00waRYdCvTt9QxIhC3KXYfJm2vvp
4sw6AHF8zdIyXO88OKH8V/L3c7ze3/PLNqbJ7v2F9sav8Sx3dW2x/wgsZNcxmgcN
1JqAhVwx3jYJq9L1/C7Pz1HzRHDMtXJHELTt52GsxI5VkrcnlnA/zTaBpZRASqS5
XooLY83R8mR32F4WX4k3iLE+JFEUncxrYZla32Zf5sRfzaTp2f89PgHKYgMVhkgp
h488uT4UdOGxTztyz3sC9vOM530CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBR9Xdj+
MmnHuIw++Rez3OqSY+cuZjAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV
0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh
Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv
Yzc3MmJkNWEtNGY3Mi00YWQ0LWE1ZDAtOWVkODJlNWYxZTk1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1
NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHASABP8YA
CjANBgkqhkiG9w0BAQsFAAOCAQEABIPibyDDPlMQQV7eYHwOer0BdAd2OOpeRZD/
30zXUTjyl2EeW3mm7V3Y08iPuakdvA+xEji1GLpwUcy6jMmDODczZ8rewl2X+36K
0fphvVT+XhllfRm0x0shBltLh4fU6SI3e9lBDJhq2WvdlcLp1RiDCkPVltuYe7jq
l+F3oyee4XZrZrKVjRone5rnFq9BxBmg3f23uxw4Jp8TLmNePnPkDLP4L4gCSEwt
9xbwW8uoXr6aMNINnCbqPe+WvLYr6UV334J/9/jrnCxPosAPJQsdxJ/RbPDRNM5C
jFALpQYLSoUcD7dw6bK7AjP9bTua1lvs50mInXz9UWzD2OviYA==
-----END CERTIFICATE-----
Generated at Tue May 12 22:22:56 2026 by rpki-client