Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/dbbae141-16d6-4005-935c-887ace4080ba.roa
File: dbbae141-16d6-4005-935c-887ace4080ba.roa (raw, json)
Hash identifier: 6UydIfPcNr/44ha9ZPYAKvvfeHl19pHqEljDp8jPfxo=
Subject key identifier: 82:8B:48:15:66:38:D5:D1:3F:51:8F:48:45:C7:BA:82:8D:B4:22:3A
Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0
Certificate serial: 40D32D84755018E274254F0FD17FD63981257C10
Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/dbbae141-16d6-4005-935c-887ace4080ba.roa
Signing time: Mon 11 May 2026 01:30:23 +0000
ROA not before: Mon 11 May 2026 01:30:23 +0000
ROA not after: Sun 09 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:f8c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft
rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
40:d3:2d:84:75:50:18:e2:74:25:4f:0f:d1:7f:d6:39:81:25:7c:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0
Validity
Not Before: May 11 01:30:23 2026 GMT
Not After : Aug 9 23:59:59 2026 GMT
Subject: serialNumber=6e24295eee4be0f7c118e776b6f47a61ea028d159afea55dfa9739f0833e3722, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:4b:50:01:f4:ae:d2:7a:94:47:d4:96:72:10:
d5:e3:93:59:96:29:1b:ee:02:93:02:94:07:98:f3:
45:96:bc:4a:3f:3f:c5:9b:15:8e:cc:db:ac:02:14:
a5:d0:98:87:37:b9:d8:c7:b7:51:4d:9f:21:5a:f3:
0d:b0:9d:c6:53:01:90:e6:e9:65:cf:bb:bc:1e:77:
27:28:fc:0c:3b:cd:ec:2f:29:ea:c8:90:0d:ad:10:
0d:22:86:92:f9:fa:49:8e:59:ab:56:e9:ca:c6:44:
dd:af:4e:ec:39:8b:02:2f:ba:6c:bf:d5:8d:b2:fb:
5e:c6:2d:6c:bd:cb:61:6f:99:8c:6f:3d:5d:f7:a9:
4a:92:25:bf:e3:2d:93:bb:26:bb:ce:5a:7f:6c:0f:
18:b7:46:88:e8:df:9e:1f:06:a7:86:99:c7:be:de:
80:24:c9:0e:f0:65:5e:d6:ed:d5:25:90:6a:70:36:
26:82:03:3c:b8:32:10:41:32:ec:15:ea:4d:b9:da:
3c:16:c8:b2:24:74:78:6b:a3:a3:04:fd:b5:a5:b9:
a4:44:63:a8:03:b0:79:20:92:6f:2e:c8:20:c2:b5:
a7:c6:48:0c:e3:49:c7:ff:3e:9a:93:40:18:f8:e9:
4a:9a:17:68:1d:b8:17:61:0f:51:03:58:4a:6d:d5:
8c:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:8B:48:15:66:38:D5:D1:3F:51:8F:48:45:C7:BA:82:8D:B4:22:3A
X509v3 Authority Key Identifier:
keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/dbbae141-16d6-4005-935c-887ace4080ba.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:f8c0::/48
Signature Algorithm: sha256WithRSAEncryption
20:c4:df:9e:ee:c6:ad:f8:17:22:73:7a:92:e2:b5:b3:6e:60:
16:85:19:4f:c5:ba:3f:a5:af:9a:d9:d9:33:ad:24:89:5d:82:
09:ac:28:b0:13:16:c2:3e:54:a7:e5:b5:fd:09:c2:53:6b:dd:
f0:a7:94:7e:e1:db:b7:42:d5:ea:f1:a2:1e:4f:cc:7d:d3:e6:
a6:27:61:f2:fe:d1:81:21:b5:59:90:92:3c:f1:0f:61:7b:82:
a9:32:c8:f6:eb:21:de:d2:98:52:10:6f:10:89:22:f7:ad:85:
94:7f:22:40:b5:4f:a5:36:3f:d1:34:b5:ae:cc:9f:ef:3e:9f:
bd:87:74:ff:90:73:54:78:c4:74:1b:bd:98:85:18:8d:68:18:
f9:47:08:a2:35:d5:ae:f3:c5:09:2f:eb:68:eb:81:83:4c:f8:
1a:71:ce:c0:29:a1:98:52:8a:e7:5e:d7:4f:82:fa:88:4a:03:
75:cf:bf:64:f2:3a:b8:ea:59:1a:d7:fc:45:01:0a:c2:17:0d:
ed:a3:68:0b:4a:e8:da:ac:19:ea:f3:eb:59:47:87:2a:88:3d:
95:fd:7b:30:29:33:2b:8b:6d:f1:ca:c4:e1:a3:e4:90:3a:4a:
65:de:a5:b9:c1:c9:a5:7f:f5:90:3e:74:56:9c:4e:b0:cf:1b:
20:6d:77:c5
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUQNMthHVQGOJ0JU8P0X/WOYElfBAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl
Nzk2NTVkMDAeFw0yNjA1MTEwMTMwMjNaFw0yNjA4MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDZlMjQyOTVlZWU0YmUwZjdjMTE4ZTc3NmI2ZjQ3YTYxZWEwMjhkMTU5YWZl
YTU1ZGZhOTczOWYwODMzZTM3MjIxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3
Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMVLUAH0rtJ6lEfUlnIQ1eOTWZYpG+4CkwKUB5jzRZa8Sj8/xZsVjszbrAIU
pdCYhze52Me3UU2fIVrzDbCdxlMBkObpZc+7vB53Jyj8DDvN7C8p6siQDa0QDSKG
kvn6SY5Zq1bpysZE3a9O7DmLAi+6bL/VjbL7XsYtbL3LYW+ZjG89XfepSpIlv+Mt
k7smu85af2wPGLdGiOjfnh8Gp4aZx77egCTJDvBlXtbt1SWQanA2JoIDPLgyEEEy
7BXqTbnaPBbIsiR0eGujowT9taW5pERjqAOweSCSby7IIMK1p8ZIDONJx/8+mpNA
GPjpSpoXaB24F2EPUQNYSm3VjI0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSCi0gV
ZjjV0T9Rj0hFx7qCjbQiOjAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV
0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh
Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv
ZGJiYWUxNDEtMTZkNi00MDA1LTkzNWMtODg3YWNlNDA4MGJhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1
NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABP8f4
wDANBgkqhkiG9w0BAQsFAAOCAQEAIMTfnu7GrfgXInN6kuK1s25gFoUZT8W6P6Wv
mtnZM60kiV2CCawosBMWwj5Up+W1/QnCU2vd8KeUfuHbt0LV6vGiHk/MfdPmpidh
8v7RgSG1WZCSPPEPYXuCqTLI9ush3tKYUhBvEIki962FlH8iQLVPpTY/0TS1rsyf
7z6fvYd0/5BzVHjEdBu9mIUYjWgY+UcIojXVrvPFCS/raOuBg0z4GnHOwCmhmFKK
517XT4L6iEoDdc+/ZPI6uOpZGtf8RQEKwhcN7aNoC0ro2qwZ6vPrWUeHKog9lf17
MCkzK4tt8crE4aPkkDpKZd6lucHJpX/1kD50VpxOsM8bIG13xQ==
-----END CERTIFICATE-----
Generated at Tue May 12 22:28:43 2026 by rpki-client