Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/ee70ca3e-a7dd-43d8-bb30-01cc2f46e1fc.roa
File: ee70ca3e-a7dd-43d8-bb30-01cc2f46e1fc.roa (raw, json)
Hash identifier: jXWh9Ub6sQUQn7pfpQDEPfO2y29Ox7YczxQoX8CEy7Q=
Subject key identifier: D6:D0:89:DE:2B:8C:1D:C3:A4:7D:11:7D:70:6D:D5:12:C1:86:B7:E6
Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0
Certificate serial: 4EAA6A79D18E84F99FD119B8222D8B23EDC18979
Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/ee70ca3e-a7dd-43d8-bb30-01cc2f46e1fc.roa
Signing time: Mon 11 May 2026 01:30:22 +0000
ROA not before: Mon 11 May 2026 01:30:22 +0000
ROA not after: Sun 09 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc3:800::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft
rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:aa:6a:79:d1:8e:84:f9:9f:d1:19:b8:22:2d:8b:23:ed:c1:89:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0
Validity
Not Before: May 11 01:30:22 2026 GMT
Not After : Aug 9 23:59:59 2026 GMT
Subject: serialNumber=03b72a445b2c713d5e1b4b6670e99013262fd5e2f82349784d4d30b34e792b49, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:bf:f0:f2:c4:9b:da:5d:16:e1:80:b0:43:8a:
64:d5:e2:ae:1f:3e:93:aa:81:6a:ce:35:35:06:4f:
22:8f:d8:27:b0:20:0d:f5:05:50:93:73:50:17:fb:
79:54:f2:72:8d:c2:52:3e:7a:8c:4c:45:9b:1f:22:
89:d1:7f:f5:ad:47:be:3b:be:29:67:39:52:08:14:
f1:ca:9a:53:75:62:6a:ef:c7:7a:8f:4c:a4:04:ca:
4f:88:2d:5f:c0:d6:9a:dd:48:e2:a1:10:b0:6b:c5:
2d:d2:b8:4e:3e:3d:b1:3f:2d:1c:7a:52:6d:b1:19:
29:92:06:e8:5b:29:2b:a1:d4:d4:d7:eb:f5:1e:7e:
7d:5c:a9:d1:99:c2:3b:76:3f:cb:e5:97:f8:3c:f0:
d1:08:e4:8b:fc:44:96:b0:fb:48:90:44:f4:04:d3:
a3:9b:f7:55:f8:76:55:5b:7b:25:05:d5:80:ae:71:
7e:2d:79:75:a9:91:47:32:84:ed:11:be:09:32:a6:
ae:d4:e4:97:10:25:ca:a8:c4:f1:ad:a9:97:b4:55:
c8:f0:00:ce:9e:6e:a9:66:b6:70:a6:44:0d:7f:6f:
ba:b0:97:6b:f3:15:19:e9:a8:88:be:a2:fd:f7:46:
b4:e5:bf:06:02:1d:ef:1a:ac:73:78:97:ea:60:e7:
4e:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:D0:89:DE:2B:8C:1D:C3:A4:7D:11:7D:70:6D:D5:12:C1:86:B7:E6
X509v3 Authority Key Identifier:
keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/ee70ca3e-a7dd-43d8-bb30-01cc2f46e1fc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc3:800::/40
Signature Algorithm: sha256WithRSAEncryption
01:73:c6:56:dd:c8:f6:71:a5:6e:ee:1c:c8:1e:4a:61:64:56:
45:5d:b1:a2:bb:02:8d:d7:f4:82:9a:c0:da:8b:b8:49:25:98:
be:bb:67:eb:61:15:6c:6c:9b:f5:4a:60:dd:d2:8c:4c:8f:7f:
2c:e0:7d:6b:27:c9:75:31:04:f0:32:7a:b5:02:cd:4c:fc:2b:
e6:58:78:9c:1d:1f:f9:40:a5:01:fc:10:17:d9:62:44:c5:04:
5d:48:cb:83:a2:89:91:6c:20:7a:19:a5:83:c9:20:3c:13:99:
34:0e:ce:33:1a:4a:3c:a0:4e:c4:05:29:82:81:99:fe:c2:77:
b9:38:a7:65:cc:8f:8c:90:ad:75:a7:a8:10:4d:e0:96:32:74:
74:28:27:5a:02:44:1a:3c:f4:60:78:22:e3:27:e8:44:2c:8e:
b1:04:5c:71:7e:0d:8f:51:07:3f:f1:77:e3:5c:72:1a:dc:2f:
9f:3c:79:be:85:c3:71:16:37:d3:eb:af:33:6b:94:d3:12:9e:
a5:56:9a:38:8a:ed:b3:eb:36:2b:0c:55:a5:da:a0:b7:6d:9d:
be:f5:cc:6d:f5:85:e6:9e:96:0c:ed:49:26:62:1a:02:d5:88:
30:7d:2b:05:76:86:70:db:82:20:29:fc:77:0d:a4:7b:bf:23:
ca:b9:a6:73
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUTqpqedGOhPmf0Rm4Ii2LI+3BiXkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl
Nzk2NTVkMDAeFw0yNjA1MTEwMTMwMjJaFw0yNjA4MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDAzYjcyYTQ0NWIyYzcxM2Q1ZTFiNGI2NjcwZTk5MDEzMjYyZmQ1ZTJmODIz
NDk3ODRkNGQzMGIzNGU3OTJiNDkxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3
Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMe/8PLEm9pdFuGAsEOKZNXirh8+k6qBas41NQZPIo/YJ7AgDfUFUJNzUBf7
eVTyco3CUj56jExFmx8iidF/9a1Hvju+KWc5UggU8cqaU3Viau/Heo9MpATKT4gt
X8DWmt1I4qEQsGvFLdK4Tj49sT8tHHpSbbEZKZIG6FspK6HU1Nfr9R5+fVyp0ZnC
O3Y/y+WX+Dzw0Qjki/xElrD7SJBE9ATTo5v3Vfh2VVt7JQXVgK5xfi15damRRzKE
7RG+CTKmrtTklxAlyqjE8a2pl7RVyPAAzp5uqWa2cKZEDX9vurCXa/MVGemoiL6i
/fdGtOW/BgId7xqsc3iX6mDnTjUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTW0Ine
K4wdw6R9EX1wbdUSwYa35jAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV
0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh
Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv
ZWU3MGNhM2UtYTdkZC00M2Q4LWJiMzAtMDFjYzJmNDZlMWZjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1
NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABP8MI
MA0GCSqGSIb3DQEBCwUAA4IBAQABc8ZW3cj2caVu7hzIHkphZFZFXbGiuwKN1/SC
msDai7hJJZi+u2frYRVsbJv1SmDd0oxMj38s4H1rJ8l1MQTwMnq1As1M/CvmWHic
HR/5QKUB/BAX2WJExQRdSMuDoomRbCB6GaWDySA8E5k0Ds4zGko8oE7EBSmCgZn+
wne5OKdlzI+MkK11p6gQTeCWMnR0KCdaAkQaPPRgeCLjJ+hELI6xBFxxfg2PUQc/
8XfjXHIa3C+fPHm+hcNxFjfT668za5TTEp6lVpo4iu2z6zYrDFWl2qC3bZ2+9cxt
9YXmnpYM7UkmYhoC1YgwfSsFdoZw24IgKfx3DaR7vyPKuaZz
-----END CERTIFICATE-----
Generated at Tue May 12 22:36:56 2026 by rpki-client