Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/e4dad8c7-9a9d-474f-aaf2-ab7a9e517288.roa
File: e4dad8c7-9a9d-474f-aaf2-ab7a9e517288.roa (raw, json)
Hash identifier: BDjdCWhKIv0MshwQDn69zR1Ja8fKIwQV3S0msvhGL8I=
Subject key identifier: F8:FA:44:7E:E1:8C:65:DC:E6:66:3E:DA:60:F3:ED:04:E6:98:0A:F9
Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0
Certificate serial: 6870B3BCC9FEE38B16EF9EA54B55DB8D3D2F9F8E
Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/e4dad8c7-9a9d-474f-aaf2-ab7a9e517288.roa
Signing time: Mon 11 May 2026 01:30:11 +0000
ROA not before: Mon 11 May 2026 01:30:11 +0000
ROA not after: Sun 09 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc6:100::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft
rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:70:b3:bc:c9:fe:e3:8b:16:ef:9e:a5:4b:55:db:8d:3d:2f:9f:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0
Validity
Not Before: May 11 01:30:11 2026 GMT
Not After : Aug 9 23:59:59 2026 GMT
Subject: serialNumber=58c212105dcf87e5c696772f85fc5d7fa7916266223ccc3a93c58ac2eea50584, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:b7:eb:8e:ca:4f:85:3d:1c:f3:b9:45:cf:34:
1f:e7:ca:3c:97:44:41:5b:d7:da:69:3f:a3:00:93:
dc:6d:62:fc:49:50:b0:8c:8b:f5:e2:87:62:f5:f1:
dc:f1:ac:24:58:90:07:44:52:b6:71:90:8a:54:3e:
15:2f:15:88:3f:61:27:52:7d:fb:f7:98:73:68:15:
50:e0:91:a1:a4:ce:70:d2:d7:c1:98:0c:d0:99:f2:
e9:4a:61:ac:4f:c0:c2:6c:4e:a2:70:f6:53:01:27:
1a:da:d1:1e:f5:62:75:7d:a2:fd:79:88:68:4e:2f:
7e:1b:f6:38:a2:60:8e:df:70:b9:98:ec:ee:55:6d:
b6:25:89:7c:7d:b1:74:59:82:72:a2:54:95:e5:e5:
df:62:b4:72:bd:e2:4d:3b:a5:4a:b6:a7:a2:b2:c0:
99:fb:e2:96:50:55:ae:dc:f3:09:0d:a8:17:6e:b9:
21:7f:fd:ba:93:6f:a7:f6:52:06:2c:9b:73:bf:d9:
87:a2:6f:da:3a:14:1f:0b:c5:cd:0d:60:4b:34:85:
28:e6:ae:00:a2:26:79:3e:6f:59:08:87:84:8f:ab:
2e:17:70:f0:eb:30:48:26:e5:54:c8:5a:62:67:51:
41:14:ab:20:f4:d3:fd:95:19:84:df:4f:3a:8a:fe:
f4:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:FA:44:7E:E1:8C:65:DC:E6:66:3E:DA:60:F3:ED:04:E6:98:0A:F9
X509v3 Authority Key Identifier:
keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/e4dad8c7-9a9d-474f-aaf2-ab7a9e517288.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc6:100::/48
Signature Algorithm: sha256WithRSAEncryption
49:5d:a0:05:fc:0e:e5:75:fa:94:b9:5e:a9:54:6a:02:13:28:
0d:49:b3:01:bb:ea:57:48:ab:41:0d:b9:cb:39:de:b6:c2:82:
2e:16:d6:67:f3:5b:1e:36:19:e5:e8:eb:4b:1b:44:1e:ba:7e:
11:d2:8b:9b:c1:6d:59:fa:50:06:d7:ae:bb:18:31:cc:96:af:
6f:f3:d7:2a:12:b5:ac:fa:f2:a1:ec:eb:1e:05:e1:3b:de:96:
f1:98:12:21:07:97:95:15:2d:8f:69:b8:5e:06:bc:0f:03:dc:
65:0c:45:ba:1e:4f:25:80:35:29:24:e6:86:9b:95:9c:68:47:
15:5f:01:63:48:a7:91:f0:b0:64:29:0e:e4:c8:3b:0e:0a:4e:
71:7f:91:1c:db:0a:0c:1c:44:f0:f7:66:4c:f3:a4:09:ea:25:
b1:47:d1:c1:d5:48:86:f5:e0:56:af:8d:16:ff:46:64:95:9f:
77:37:90:c5:08:cb:a4:54:cd:89:31:d8:44:8f:46:3e:5b:93:
71:29:a7:4a:7a:25:9e:ad:9d:9f:fa:73:1f:a0:25:13:1f:ef:
dd:92:24:66:50:ef:9c:ac:fb:05:af:f5:b3:c4:59:9e:0c:5e:
56:ad:b7:6b:af:e4:0b:b3:d9:a8:11:39:0e:ae:94:5d:0b:25:
aa:99:87:b3
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUaHCzvMn+44sW756lS1XbjT0vn44wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl
Nzk2NTVkMDAeFw0yNjA1MTEwMTMwMTFaFw0yNjA4MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDU4YzIxMjEwNWRjZjg3ZTVjNjk2NzcyZjg1ZmM1ZDdmYTc5MTYyNjYyMjNj
Y2MzYTkzYzU4YWMyZWVhNTA1ODQxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3
Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJu3647KT4U9HPO5Rc80H+fKPJdEQVvX2mk/owCT3G1i/ElQsIyL9eKHYvXx
3PGsJFiQB0RStnGQilQ+FS8ViD9hJ1J9+/eYc2gVUOCRoaTOcNLXwZgM0Jny6Uph
rE/AwmxOonD2UwEnGtrRHvVidX2i/XmIaE4vfhv2OKJgjt9wuZjs7lVttiWJfH2x
dFmCcqJUleXl32K0cr3iTTulSranorLAmfvillBVrtzzCQ2oF265IX/9upNvp/ZS
Biybc7/Zh6Jv2joUHwvFzQ1gSzSFKOauAKImeT5vWQiHhI+rLhdw8OswSCblVMha
YmdRQRSrIPTT/ZUZhN9POor+9NECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBT4+kR+
4Yxl3OZmPtpg8+0E5pgK+TAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV
0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh
Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv
ZTRkYWQ4YzctOWE5ZC00NzRmLWFhZjItYWI3YTllNTE3Mjg4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1
NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABP8YB
ADANBgkqhkiG9w0BAQsFAAOCAQEASV2gBfwO5XX6lLleqVRqAhMoDUmzAbvqV0ir
QQ25yznetsKCLhbWZ/NbHjYZ5ejrSxtEHrp+EdKLm8FtWfpQBteuuxgxzJavb/PX
KhK1rPryoezrHgXhO96W8ZgSIQeXlRUtj2m4Xga8DwPcZQxFuh5PJYA1KSTmhpuV
nGhHFV8BY0inkfCwZCkO5Mg7DgpOcX+RHNsKDBxE8PdmTPOkCeolsUfRwdVIhvXg
Vq+NFv9GZJWfdzeQxQjLpFTNiTHYRI9GPluTcSmnSnolnq2dn/pzH6AlEx/v3ZIk
ZlDvnKz7Ba/1s8RZngxeVq23a6/kC7PZqBE5Dq6UXQslqpmHsw==
-----END CERTIFICATE-----
Generated at Tue May 12 22:18:38 2026 by rpki-client