Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/e4b894f5-1ea3-4cb8-b18b-66c26209110d.roa
File: e4b894f5-1ea3-4cb8-b18b-66c26209110d.roa (raw, json)
Hash identifier: ZJUxKjMoHl1vmz2GvvAc+lh2fwSHjteL3Gk0tf6At9k=
Subject key identifier: C2:66:C4:82:0B:ED:01:5E:3D:BC:00:83:76:48:65:31:2D:E3:E6:57
Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0
Certificate serial: 440A3121971077D9642DC3294B60D801DD5E68F6
Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/e4b894f5-1ea3-4cb8-b18b-66c26209110d.roa
Signing time: Wed 06 May 2026 20:32:13 +0000
ROA not before: Wed 06 May 2026 20:32:13 +0000
ROA not after: Tue 04 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc5:1040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft
rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:0a:31:21:97:10:77:d9:64:2d:c3:29:4b:60:d8:01:dd:5e:68:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0
Validity
Not Before: May 6 20:32:13 2026 GMT
Not After : Aug 4 23:59:59 2026 GMT
Subject: serialNumber=f7e6a8306d28fa9ad66bcd6eab6662f1d214c29148e0df273f8be45e6528eeda, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:2a:8e:c2:a9:69:1f:37:6c:66:21:5c:df:ef:
31:63:65:97:db:53:d0:8f:54:12:7f:be:0d:e4:13:
c5:9e:81:1b:c0:dd:bf:3b:f4:18:45:f5:d2:d6:5e:
6d:5b:da:f9:66:30:7c:bd:6a:fb:42:05:cb:d6:12:
0d:c1:d1:a7:49:f7:cb:4a:96:06:77:56:f7:7a:06:
7c:d5:13:2c:0e:7d:7e:ab:c9:1e:e6:91:28:77:c9:
44:63:cf:9a:a3:3f:c0:bc:50:09:db:73:5a:48:d8:
37:cb:3d:ca:22:87:d4:0b:c7:38:af:79:0f:88:0d:
11:00:5c:45:04:ae:9a:45:89:54:47:29:19:5e:a0:
ca:10:26:de:27:64:e8:56:2c:c6:40:41:1c:90:74:
92:d6:10:00:f9:eb:fe:e1:0f:46:25:17:90:c4:d7:
46:2a:82:64:83:5b:6f:d9:c1:f5:db:d8:33:78:45:
f8:bc:9b:72:77:b5:a8:32:88:99:52:7d:c7:87:eb:
8d:6d:a2:b6:ff:dc:cb:4c:0b:e0:20:f3:4f:c8:b3:
d4:0f:6d:c4:5c:ce:b0:18:cb:c5:d2:b0:0c:81:65:
03:8e:82:f5:ef:85:cf:69:6d:ad:64:32:a8:03:c1:
40:34:03:e6:f5:ab:72:74:e4:1c:0b:37:5b:c1:44:
e6:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:66:C4:82:0B:ED:01:5E:3D:BC:00:83:76:48:65:31:2D:E3:E6:57
X509v3 Authority Key Identifier:
keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/e4b894f5-1ea3-4cb8-b18b-66c26209110d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc5:1040::/48
Signature Algorithm: sha256WithRSAEncryption
53:73:88:d5:cc:28:33:a4:b7:50:02:28:58:cd:45:ba:33:fa:
1d:d7:3e:dc:a7:d2:7c:6b:1a:3f:94:9f:21:35:15:54:d9:5d:
04:ac:ff:42:c3:10:08:6c:a8:d8:2d:b4:23:61:68:ee:28:4b:
35:ee:51:ab:f2:76:76:bc:1c:9f:b0:17:4b:eb:48:a9:89:64:
ac:d2:0d:cd:ad:61:6c:52:54:68:0b:87:f1:04:17:10:3e:6e:
34:9e:19:a4:a0:1e:23:5f:0c:67:9d:9a:18:21:f5:19:0f:90:
6d:3e:5c:1c:35:ee:f2:ce:19:ff:29:28:51:03:8b:92:9e:51:
97:64:37:76:68:c7:16:66:d4:1a:74:5f:e8:85:4f:74:c9:af:
0b:22:75:56:0c:bf:6e:e0:81:2b:a5:57:48:b7:f2:ff:7a:d0:
58:7f:0b:7a:e8:00:ab:f0:f6:0e:5c:de:00:bb:94:25:cb:23:
e7:e0:09:95:85:ce:55:65:fa:e3:af:8a:f7:4b:3d:59:17:fe:
be:34:fe:0c:91:08:0d:6b:af:65:f5:cb:f4:b5:10:28:64:06:
7f:4b:4c:58:6a:db:c2:70:bf:68:76:0d:d4:fc:19:2d:7e:db:
c0:0c:83:21:34:5d:28:97:23:2c:7e:93:0b:d4:05:83:c4:e7:
d8:51:f9:c2
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIURAoxIZcQd9lkLcMpS2DYAd1eaPYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl
Nzk2NTVkMDAeFw0yNjA1MDYyMDMyMTNaFw0yNjA4MDQyMzU5NTlaMHoxSTBHBgNV
BAUTQGY3ZTZhODMwNmQyOGZhOWFkNjZiY2Q2ZWFiNjY2MmYxZDIxNGMyOTE0OGUw
ZGYyNzNmOGJlNDVlNjUyOGVlZGExLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3
Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMIqjsKpaR83bGYhXN/vMWNll9tT0I9UEn++DeQTxZ6BG8Ddvzv0GEX10tZe
bVva+WYwfL1q+0IFy9YSDcHRp0n3y0qWBndW93oGfNUTLA59fqvJHuaRKHfJRGPP
mqM/wLxQCdtzWkjYN8s9yiKH1AvHOK95D4gNEQBcRQSumkWJVEcpGV6gyhAm3idk
6FYsxkBBHJB0ktYQAPnr/uEPRiUXkMTXRiqCZINbb9nB9dvYM3hF+Lybcne1qDKI
mVJ9x4frjW2itv/cy0wL4CDzT8iz1A9txFzOsBjLxdKwDIFlA46C9e+Fz2ltrWQy
qAPBQDQD5vWrcnTkHAs3W8FE5vkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTCZsSC
C+0BXj28AIN2SGUxLePmVzAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV
0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh
Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv
ZTRiODk0ZjUtMWVhMy00Y2I4LWIxOGItNjZjMjYyMDkxMTBkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1
NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABP8UQ
QDANBgkqhkiG9w0BAQsFAAOCAQEAU3OI1cwoM6S3UAIoWM1FujP6Hdc+3KfSfGsa
P5SfITUVVNldBKz/QsMQCGyo2C20I2Fo7ihLNe5Rq/J2drwcn7AXS+tIqYlkrNIN
za1hbFJUaAuH8QQXED5uNJ4ZpKAeI18MZ52aGCH1GQ+QbT5cHDXu8s4Z/ykoUQOL
kp5Rl2Q3dmjHFmbUGnRf6IVPdMmvCyJ1Vgy/buCBK6VXSLfy/3rQWH8LeugAq/D2
DlzeALuUJcsj5+AJlYXOVWX646+K90s9WRf+vjT+DJEIDWuvZfXL9LUQKGQGf0tM
WGrbwnC/aHYN1PwZLX7bwAyDITRdKJcjLH6TC9QFg8Tn2FH5wg==
-----END CERTIFICATE-----
Generated at Tue May 12 21:53:50 2026 by rpki-client