Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/d7cfce38-f111-4991-b8b5-ef1d6f0ad997.roa
File: d7cfce38-f111-4991-b8b5-ef1d6f0ad997.roa (raw, json)
Hash identifier: qDOllYOqzCdWoxsWkklHQ9iTeRhjujOxIcMXx4JIb18=
Subject key identifier: 92:E0:16:4D:63:82:C3:F2:76:6E:B2:83:67:42:08:46:D6:F2:85:76
Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0
Certificate serial: 6CBE9D940465B7910CE9B57BF53457E026A5DB2D
Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/d7cfce38-f111-4991-b8b5-ef1d6f0ad997.roa
Signing time: Thu 07 May 2026 16:02:07 +0000
ROA not before: Thu 07 May 2026 16:02:07 +0000
ROA not after: Wed 05 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc6:20::/43 maxlen: 43
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft
rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:be:9d:94:04:65:b7:91:0c:e9:b5:7b:f5:34:57:e0:26:a5:db:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0
Validity
Not Before: May 7 16:02:07 2026 GMT
Not After : Aug 5 23:59:59 2026 GMT
Subject: serialNumber=1266a54d5a60982fd431d369bbddeea2c72fca8b0efd099b8d2614fc9510f4ce, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:d2:1a:5a:2d:93:b7:3e:c3:14:36:84:56:a1:
17:13:94:1c:a9:44:5e:39:7e:a7:81:78:26:2e:5e:
8f:b7:e3:a9:d1:a0:f7:13:44:4a:24:8f:5c:93:25:
a7:11:72:39:d1:1f:56:46:fd:2d:d2:fb:34:82:95:
34:8b:53:99:d6:29:84:f6:5f:b8:ce:37:49:a2:be:
63:4f:99:92:d5:0d:41:f8:8c:3c:f2:40:5f:49:42:
44:0e:52:6b:b5:93:51:7f:f1:7c:ab:bf:b7:2c:20:
b7:42:ee:b3:1f:22:cb:ab:2a:1d:21:d9:18:e5:d6:
3d:b6:18:57:ca:94:53:b5:3c:9c:ae:02:3b:59:de:
3c:df:ed:a7:23:3a:b7:52:0d:f0:a1:f1:41:8a:ca:
91:7e:e1:d5:6c:96:58:4d:fb:d5:39:5e:af:0d:69:
9e:eb:c2:d2:74:f6:6d:49:39:c4:3d:37:f4:65:15:
11:cb:14:8f:54:00:cf:eb:c3:59:12:f9:31:02:4e:
03:c9:32:a5:86:d8:7b:17:be:c8:ac:ca:d2:9c:34:
69:dc:e5:38:36:69:43:f1:dd:57:0d:7c:b2:40:16:
a0:a0:88:d1:df:38:02:e5:5b:56:f9:1b:b6:9d:e3:
40:82:6f:87:0c:80:9d:02:71:76:cd:6f:97:f6:fa:
72:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:E0:16:4D:63:82:C3:F2:76:6E:B2:83:67:42:08:46:D6:F2:85:76
X509v3 Authority Key Identifier:
keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/d7cfce38-f111-4991-b8b5-ef1d6f0ad997.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc6:20::/43
Signature Algorithm: sha256WithRSAEncryption
af:42:2c:5f:4d:8e:70:e7:bc:aa:55:de:56:44:be:b7:49:80:
4e:67:f8:f2:8b:7a:00:88:9d:3d:14:e5:1f:3b:be:61:2f:36:
b3:58:27:ba:3c:3e:16:54:94:bc:9a:af:b2:46:01:3f:57:31:
ae:de:10:64:2e:a2:75:e2:a8:8f:58:22:02:74:66:c3:1a:8a:
92:3c:ad:45:f7:08:c6:48:f9:f2:c6:f4:47:36:67:5d:68:c9:
84:d6:15:80:3a:80:f4:16:f8:33:49:c4:cd:ca:1b:f0:44:e9:
37:da:37:6b:7c:23:9b:db:db:24:55:7a:be:d7:a7:45:7f:05:
1a:80:4b:d9:86:2b:4b:ef:96:44:16:b4:64:bf:55:a8:4b:aa:
94:ca:25:9f:0b:3c:48:74:0d:f7:09:14:a3:af:f9:f0:0d:23:
56:d7:3e:14:d4:f9:0e:35:6f:86:c5:06:27:01:a3:c5:30:2a:
36:31:7c:f6:0b:fd:0a:ba:35:91:1c:24:d0:c0:a7:d5:de:f9:
7e:18:a4:03:6e:10:14:c2:3e:bd:ea:d2:f3:88:d0:59:31:30:
5e:c5:c1:7e:09:05:60:e2:63:66:c8:a8:8c:37:24:71:5a:a6:
61:22:10:f3:59:d1:c1:e7:d8:b1:49:31:9b:f6:37:cf:c6:f7:
c9:ae:2c:fc
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUbL6dlARlt5EM6bV79TRX4Cal2y0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl
Nzk2NTVkMDAeFw0yNjA1MDcxNjAyMDdaFw0yNjA4MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDEyNjZhNTRkNWE2MDk4MmZkNDMxZDM2OWJiZGRlZWEyYzcyZmNhOGIwZWZk
MDk5YjhkMjYxNGZjOTUxMGY0Y2UxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3
Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOjSGlotk7c+wxQ2hFahFxOUHKlEXjl+p4F4Ji5ej7fjqdGg9xNESiSPXJMl
pxFyOdEfVkb9LdL7NIKVNItTmdYphPZfuM43SaK+Y0+ZktUNQfiMPPJAX0lCRA5S
a7WTUX/xfKu/tywgt0Lusx8iy6sqHSHZGOXWPbYYV8qUU7U8nK4CO1nePN/tpyM6
t1IN8KHxQYrKkX7h1WyWWE371Tlerw1pnuvC0nT2bUk5xD039GUVEcsUj1QAz+vD
WRL5MQJOA8kypYbYexe+yKzK0pw0adzlODZpQ/HdVw18skAWoKCI0d84AuVbVvkb
tp3jQIJvhwyAnQJxds1vl/b6chECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSS4BZN
Y4LD8nZusoNnQghG1vKFdjAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV
0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh
Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv
ZDdjZmNlMzgtZjExMS00OTkxLWI4YjUtZWYxZDZmMGFkOTk3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1
NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBSABP8YA
IDANBgkqhkiG9w0BAQsFAAOCAQEAr0IsX02OcOe8qlXeVkS+t0mATmf48ot6AIid
PRTlHzu+YS82s1gnujw+FlSUvJqvskYBP1cxrt4QZC6ideKoj1giAnRmwxqKkjyt
RfcIxkj58sb0RzZnXWjJhNYVgDqA9Bb4M0nEzcob8ETpN9o3a3wjm9vbJFV6vten
RX8FGoBL2YYrS++WRBa0ZL9VqEuqlMolnws8SHQN9wkUo6/58A0jVtc+FNT5DjVv
hsUGJwGjxTAqNjF89gv9Cro1kRwk0MCn1d75fhikA24QFMI+verS84jQWTEwXsXB
fgkFYOJjZsiojDckcVqmYSIQ81nRwefYsUkxm/Y3z8b3ya4s/A==
-----END CERTIFICATE-----
Generated at Tue May 12 21:53:37 2026 by rpki-client