Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/03927569-0b5c-4807-96ea-c0c7c45fd675.roa
File: 03927569-0b5c-4807-96ea-c0c7c45fd675.roa (raw, json)
Hash identifier: pyC5zXH0rX3IHGVdGQL+BXm5F/E/C7pgpKLzg3bYaoQ=
Subject key identifier: 39:25:EE:9B:B9:DB:05:EA:0F:DF:6F:3F:64:74:A6:95:68:C8:1E:79
Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0
Certificate serial: 462835344E4DC201D93890E298414EFF4ED165B8
Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/03927569-0b5c-4807-96ea-c0c7c45fd675.roa
Signing time: Tue 24 Feb 2026 00:30:10 +0000
ROA not before: Tue 24 Feb 2026 00:30:10 +0000
ROA not after: Mon 25 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc2::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft
rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:28:35:34:4e:4d:c2:01:d9:38:90:e2:98:41:4e:ff:4e:d1:65:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0
Validity
Not Before: Feb 24 00:30:10 2026 GMT
Not After : May 25 23:59:59 2026 GMT
Subject: serialNumber=9863507e9a8f9f5d04e10afc1f4e27344a9eaf7c4efd094db7683667f42fc041, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:ba:38:84:9e:b5:29:ec:77:3e:c0:03:ae:47:
08:05:a8:ea:c5:10:96:44:a6:7c:b2:20:c1:de:ff:
fd:61:4f:98:04:72:9a:1a:08:7c:24:57:14:8e:a0:
8f:be:02:d2:50:02:3c:c0:e2:0c:e4:86:7f:b6:c6:
ba:cb:5c:ed:21:b1:d4:8c:c1:5a:74:30:42:f1:07:
bd:d4:af:cb:34:6e:fd:a3:82:1f:41:ba:d0:0a:2d:
73:51:0f:bf:af:a8:dd:ff:9a:56:39:83:39:1b:dd:
8f:b9:ab:54:a2:4d:3f:5e:78:41:fb:e5:34:b9:bd:
ba:29:b8:3a:c4:5c:20:8a:74:37:84:04:f3:17:4f:
76:7a:c7:b7:36:76:d5:f6:a8:fd:6e:4e:61:d5:e4:
1e:8e:18:18:05:54:5a:fc:06:a0:3c:ce:7c:dd:94:
e2:58:9e:6e:d3:35:3c:3e:8a:e8:52:4a:e5:71:a2:
74:ec:23:5f:0b:17:2a:ee:99:40:e3:47:4e:ce:6b:
0b:94:13:64:fe:ba:a4:37:52:25:63:b1:b8:e1:c3:
62:6b:4e:73:d2:51:27:b4:03:dc:f4:55:77:f3:f7:
e8:e4:e5:52:c5:40:3c:82:ab:86:20:2a:69:ad:c8:
d6:a3:44:60:f4:f6:72:7a:6c:2a:d8:75:ec:5c:40:
82:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:25:EE:9B:B9:DB:05:EA:0F:DF:6F:3F:64:74:A6:95:68:C8:1E:79
X509v3 Authority Key Identifier:
keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/03927569-0b5c-4807-96ea-c0c7c45fd675.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc2::/32
Signature Algorithm: sha256WithRSAEncryption
68:78:be:d5:e1:f6:1e:65:6a:0c:80:99:b9:0a:07:34:9b:e8:
87:8d:43:1d:61:6d:a1:59:07:d1:b6:9f:c9:ca:1e:49:67:bc:
f5:1b:d9:5b:65:ad:08:37:1f:1f:5e:87:81:17:6d:db:e4:df:
36:7b:42:ed:a3:aa:d4:4d:41:d0:7e:91:67:46:d3:e8:4c:45:
e2:8d:aa:4c:b0:f0:54:ee:90:ef:65:ca:ad:22:b5:e1:e0:31:
51:52:e0:61:89:eb:84:28:8f:22:8e:16:34:3c:bd:65:ec:d4:
38:07:e8:f2:7e:a3:15:be:c7:42:62:9e:de:55:f4:cc:16:4c:
55:15:b3:69:9a:26:15:57:ee:4b:69:cb:4a:72:b3:b0:0d:59:
a1:aa:dc:ea:68:73:8d:6a:76:02:e5:1b:c7:36:11:c7:d8:46:
f6:d5:07:db:d8:bb:2c:a6:52:07:58:bf:3a:a6:fd:ca:68:7d:
1d:b8:66:de:fc:46:8a:80:c1:67:70:cc:5d:c7:68:f2:4c:14:
f6:bb:53:68:b8:a4:3d:e1:8e:79:21:7b:e7:90:3c:b8:ca:f5:
6a:36:64:45:be:ef:1d:76:d8:92:71:62:d9:6c:de:02:e0:bc:
98:2b:94:72:2d:d7:f7:99:14:86:a9:d6:e9:66:7b:e8:25:57:
53:b7:ab:27
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIURig1NE5NwgHZOJDimEFO/07RZbgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl
Nzk2NTVkMDAeFw0yNjAyMjQwMDMwMTBaFw0yNjA1MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDk4NjM1MDdlOWE4ZjlmNWQwNGUxMGFmYzFmNGUyNzM0NGE5ZWFmN2M0ZWZk
MDk0ZGI3NjgzNjY3ZjQyZmMwNDExLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3
Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJC6OISetSnsdz7AA65HCAWo6sUQlkSmfLIgwd7//WFPmARymhoIfCRXFI6g
j74C0lACPMDiDOSGf7bGustc7SGx1IzBWnQwQvEHvdSvyzRu/aOCH0G60Aotc1EP
v6+o3f+aVjmDORvdj7mrVKJNP154QfvlNLm9uim4OsRcIIp0N4QE8xdPdnrHtzZ2
1fao/W5OYdXkHo4YGAVUWvwGoDzOfN2U4liebtM1PD6K6FJK5XGidOwjXwsXKu6Z
QONHTs5rC5QTZP66pDdSJWOxuOHDYmtOc9JRJ7QD3PRVd/P36OTlUsVAPIKrhiAq
aa3I1qNEYPT2cnpsKth17FxAgiECAwEAAaOCAiIwggIeMB0GA1UdDgQWBBQ5Je6b
udsF6g/fbz9kdKaVaMgeeTAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV
0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh
Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv
MDM5Mjc1NjktMGI1Yy00ODA3LTk2ZWEtYzBjN2M0NWZkNjc1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1
NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACABP8Iw
DQYJKoZIhvcNAQELBQADggEBAGh4vtXh9h5lagyAmbkKBzSb6IeNQx1hbaFZB9G2
n8nKHklnvPUb2VtlrQg3Hx9eh4EXbdvk3zZ7Qu2jqtRNQdB+kWdG0+hMReKNqkyw
8FTukO9lyq0iteHgMVFS4GGJ64QojyKOFjQ8vWXs1DgH6PJ+oxW+x0Jint5V9MwW
TFUVs2maJhVX7ktpy0pys7ANWaGq3Opoc41qdgLlG8c2EcfYRvbVB9vYuyymUgdY
vzqm/cpofR24Zt78RoqAwWdwzF3HaPJMFPa7U2i4pD3hjnkhe+eQPLjK9Wo2ZEW+
7x122JJxYtls3gLgvJgrlHIt1/eZFIap1ulme+glV1O3qyc=
-----END CERTIFICATE-----
Generated at Sun Mar 1 22:10:02 2026 by rpki-client