Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/e27e7a59-99bf-4559-b0df-87da2f6dc6e9.roa
File: e27e7a59-99bf-4559-b0df-87da2f6dc6e9.roa (raw, json)
Hash identifier: djFIdnfbAy3AGW88otH3J3Tr/Q6vvCvZCJDHBlF+REE=
Subject key identifier: E9:47:4E:E2:7E:9A:06:CF:E0:C7:6A:C7:81:EE:CC:9D:F9:B2:33:69
Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0
Certificate serial: 44A8724F366CB964D07D3023C74043C4758AFC31
Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/e27e7a59-99bf-4559-b0df-87da2f6dc6e9.roa
Signing time: Mon 11 May 2026 01:30:25 +0000
ROA not before: Mon 11 May 2026 01:30:25 +0000
ROA not after: Sun 09 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc1:8000::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft
rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:a8:72:4f:36:6c:b9:64:d0:7d:30:23:c7:40:43:c4:75:8a:fc:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0
Validity
Not Before: May 11 01:30:25 2026 GMT
Not After : Aug 9 23:59:59 2026 GMT
Subject: serialNumber=ba1cf8f7f9dde5c4a09bd73d251e97ff384ae26a412db387de5ac12b2f19c97f, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:eb:4d:ae:01:18:13:0f:c8:80:33:f1:11:39:
83:75:6c:eb:8b:d8:48:c8:c6:19:0e:37:cf:ce:79:
72:e0:dc:e9:02:9f:16:8a:45:be:72:4d:63:39:d3:
96:90:4f:e8:bb:61:cf:2e:16:77:9c:81:d6:0f:06:
b4:ae:f5:04:ff:73:2c:93:fb:ac:80:cc:08:92:70:
f7:3a:cf:ed:30:9c:99:9d:ae:0e:b8:ba:be:cb:d6:
2d:f7:c0:76:e5:35:15:5f:66:86:dd:60:9e:a9:cc:
00:64:e1:64:31:cc:2e:51:7b:cc:c5:fc:c4:ab:d8:
60:cd:d2:aa:a5:fb:d1:b7:8f:93:db:7c:af:ce:f8:
20:b5:0d:56:21:86:79:38:b3:7b:62:f2:c9:69:78:
13:06:01:bf:6f:dd:81:07:fe:05:be:ae:bb:4f:15:
1c:96:e8:98:33:9d:7c:d6:25:4d:b0:d4:75:a1:33:
9d:ba:34:5a:b5:fb:70:d2:f1:82:57:99:84:29:3d:
9f:61:83:c8:40:cb:ea:6b:2f:27:15:d2:b5:82:fe:
e6:3a:4d:6e:ba:c8:05:b7:ec:b6:ac:58:0b:f2:70:
8b:c2:c1:b3:2c:b9:5d:c3:0e:b8:3f:ad:23:f0:12:
51:ba:4e:c7:1c:05:b1:bf:00:9a:86:f8:e3:5d:3b:
aa:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:47:4E:E2:7E:9A:06:CF:E0:C7:6A:C7:81:EE:CC:9D:F9:B2:33:69
X509v3 Authority Key Identifier:
keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/e27e7a59-99bf-4559-b0df-87da2f6dc6e9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc1:8000::/38
Signature Algorithm: sha256WithRSAEncryption
64:7e:eb:f7:77:a0:42:dc:6e:9c:62:ce:0b:31:ca:b9:0e:ee:
06:66:f7:2e:c8:55:f5:e9:13:84:20:cd:a5:73:e4:57:1e:63:
73:30:8b:aa:9b:a8:8f:02:3d:38:21:bc:8b:31:a0:98:0f:2a:
ef:d3:bb:59:54:fb:43:fb:79:8c:26:5d:ce:6e:16:5a:14:94:
aa:73:7d:64:bd:72:2e:40:4e:2a:f6:65:f1:10:71:a9:e2:00:
28:e2:78:6b:26:0d:a0:90:a5:25:9b:9f:ad:d5:6b:bf:38:80:
98:63:d8:22:74:f7:c6:f3:0e:a6:fd:b0:68:1b:ba:a5:76:e1:
86:13:20:50:2b:5f:0c:e1:37:38:87:84:47:a9:5b:91:9a:e0:
a9:95:21:d9:ae:60:de:1c:6c:58:7b:93:c0:94:ab:38:00:b8:
c1:45:3a:aa:fd:ba:76:79:b0:27:3d:11:81:94:3d:e6:f6:57:
40:46:a7:6f:66:58:74:91:e0:73:ab:dc:ae:bf:22:89:3d:f5:
b8:99:a2:27:d1:48:30:32:d8:99:5d:90:8b:df:ac:e3:97:5f:
82:c2:1a:40:f2:0d:48:72:ae:c5:14:3d:1d:ee:44:04:33:3b:
ff:8c:fd:98:66:33:7a:d0:1d:1a:4c:bc:8a:13:58:54:38:f1:
39:be:24:5e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIURKhyTzZsuWTQfTAjx0BDxHWK/DEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl
Nzk2NTVkMDAeFw0yNjA1MTEwMTMwMjVaFw0yNjA4MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGJhMWNmOGY3ZjlkZGU1YzRhMDliZDczZDI1MWU5N2ZmMzg0YWUyNmE0MTJk
YjM4N2RlNWFjMTJiMmYxOWM5N2YxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3
Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALnrTa4BGBMPyIAz8RE5g3Vs64vYSMjGGQ43z855cuDc6QKfFopFvnJNYznT
lpBP6Lthzy4Wd5yB1g8GtK71BP9zLJP7rIDMCJJw9zrP7TCcmZ2uDri6vsvWLffA
duU1FV9mht1gnqnMAGThZDHMLlF7zMX8xKvYYM3SqqX70bePk9t8r874ILUNViGG
eTize2LyyWl4EwYBv2/dgQf+Bb6uu08VHJbomDOdfNYlTbDUdaEznbo0WrX7cNLx
gleZhCk9n2GDyEDL6msvJxXStYL+5jpNbrrIBbfstqxYC/Jwi8LBsyy5XcMOuD+t
I/ASUbpOxxwFsb8Amob44107qrkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTpR07i
fpoGz+DHaseB7syd+bIzaTAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV
0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh
Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv
ZTI3ZTdhNTktOTliZi00NTU5LWIwZGYtODdkYTJmNmRjNmU5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1
NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAiABP8GA
MA0GCSqGSIb3DQEBCwUAA4IBAQBkfuv3d6BC3G6cYs4LMcq5Du4GZvcuyFX16ROE
IM2lc+RXHmNzMIuqm6iPAj04IbyLMaCYDyrv07tZVPtD+3mMJl3ObhZaFJSqc31k
vXIuQE4q9mXxEHGp4gAo4nhrJg2gkKUlm5+t1Wu/OICYY9gidPfG8w6m/bBoG7ql
duGGEyBQK18M4Tc4h4RHqVuRmuCplSHZrmDeHGxYe5PAlKs4ALjBRTqq/bp2ebAn
PRGBlD3m9ldARqdvZlh0keBzq9yuvyKJPfW4maIn0UgwMtiZXZCL36zjl1+CwhpA
8g1Icq7FFD0d7kQEMzv/jP2YZjN60B0aTLyKE1hUOPE5viRe
-----END CERTIFICATE-----
Generated at Tue May 12 22:38:01 2026 by rpki-client