Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/21d4170c-c1ef-47cd-8708-3b0548bfa5c5.roa
File: 21d4170c-c1ef-47cd-8708-3b0548bfa5c5.roa (raw, json)
Hash identifier: cuo2Gdw1w59uD9IwYm9wsBH08RtY6ZLEW8L8HRs9Ezw=
Subject key identifier: CD:20:BE:94:5D:90:ED:AA:AF:82:11:9B:77:2D:0E:C3:6B:30:77:42
Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0
Certificate serial: 53EB2FB80125B788ED281EDF80FB351F48ECD84D
Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/21d4170c-c1ef-47cd-8708-3b0548bfa5c5.roa
Signing time: Sat 06 Jun 2026 00:00:05 +0000
ROA not before: Sat 06 Jun 2026 00:00:05 +0000
ROA not after: Fri 04 Sep 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:6800::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft
rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
53:eb:2f:b8:01:25:b7:88:ed:28:1e:df:80:fb:35:1f:48:ec:d8:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0
Validity
Not Before: Jun 6 00:00:05 2026 GMT
Not After : Sep 4 23:59:59 2026 GMT
Subject: serialNumber=97e0c1314c53369b8d022399df7dab14214249cbe2d1ae10981f79585be04ece, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:10:b4:55:18:d2:52:d9:14:a3:0e:39:32:12:
83:d6:c9:10:0a:ef:00:7d:5c:2d:cd:03:c3:fe:ba:
fe:16:42:90:29:dc:a8:29:dc:8b:98:d8:77:30:cf:
64:35:ea:c2:fb:48:dc:00:82:6c:79:67:15:fc:5a:
6a:a9:ff:2c:55:7c:9f:5b:08:d9:9d:75:32:bc:dc:
d3:3e:4c:0a:8c:6a:56:1c:c2:2f:8a:f8:06:30:30:
40:a1:be:cf:b9:6d:5a:e4:e1:8e:54:a6:64:2f:4f:
fe:fb:67:d1:e8:52:5b:38:c5:d4:cc:2e:17:9b:23:
3a:4d:b4:c7:07:93:b6:29:90:d6:1a:b2:19:20:2f:
b5:eb:ba:37:2b:9f:b8:ee:e5:4e:24:05:f2:af:1b:
ae:4c:e3:e0:fd:58:38:fe:e0:a0:1d:79:2c:76:59:
40:ea:71:05:27:23:f9:94:08:ee:02:99:c0:46:aa:
1e:a8:25:d5:99:af:46:4f:a9:97:24:66:46:26:77:
e6:ac:c7:09:e0:75:fd:39:c4:9b:39:94:9c:6e:0c:
92:45:aa:7b:df:69:66:0f:6c:cf:c3:32:f7:78:68:
c6:cd:18:7e:9f:ea:2c:2c:1f:82:34:b6:c7:c8:fc:
19:5c:f4:96:46:69:53:fb:6e:47:f6:33:82:8b:a3:
83:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:20:BE:94:5D:90:ED:AA:AF:82:11:9B:77:2D:0E:C3:6B:30:77:42
X509v3 Authority Key Identifier:
keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/21d4170c-c1ef-47cd-8708-3b0548bfa5c5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:6800::/48
Signature Algorithm: sha256WithRSAEncryption
64:6f:16:fc:b3:e5:b2:85:95:89:e0:0b:f6:a7:ed:ae:df:7b:
48:71:77:cc:d8:47:24:78:1c:d7:57:55:df:2d:73:77:4a:39:
9d:3f:f3:ee:0a:d9:51:92:50:f3:70:ce:03:1a:a4:62:aa:26:
ae:02:07:0a:58:ff:3f:e9:5c:0b:6b:93:e2:39:26:49:4f:ba:
2f:03:d9:09:ea:bd:ec:8d:e8:b1:a7:20:f3:21:f2:2c:48:49:
dc:6a:51:6d:f7:86:f3:80:25:85:88:81:f0:c8:79:02:dc:15:
06:87:2c:f5:60:f2:99:b3:4a:21:bf:53:aa:40:8e:77:ee:db:
2e:e7:e0:ef:1e:95:a1:33:6c:f1:fc:27:9d:e0:05:32:03:de:
a7:81:05:da:73:0f:1d:e4:64:ee:ad:52:df:04:89:cc:21:df:
5a:5e:5d:18:4f:75:77:91:49:be:70:35:3c:4e:b6:62:c8:6a:
82:13:4c:1a:44:0f:37:ce:52:4a:79:7f:0c:a5:3a:b0:10:d8:
08:00:de:dc:e8:7b:43:e6:71:d6:e4:7e:77:58:af:3d:a1:75:
2a:1d:56:3d:55:d5:94:e1:33:dc:fe:c5:44:72:83:99:4b:5a:
cb:28:6d:88:c4:75:a6:89:b3:44:87:b8:08:88:98:7e:12:b8:
39:f6:02:06
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUU+svuAElt4jtKB7fgPs1H0js2E0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl
Nzk2NTVkMDAeFw0yNjA2MDYwMDAwMDVaFw0yNjA5MDQyMzU5NTlaMHoxSTBHBgNV
BAUTQDk3ZTBjMTMxNGM1MzM2OWI4ZDAyMjM5OWRmN2RhYjE0MjE0MjQ5Y2JlMmQx
YWUxMDk4MWY3OTU4NWJlMDRlY2UxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3
Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALcQtFUY0lLZFKMOOTISg9bJEArvAH1cLc0Dw/66/hZCkCncqCnci5jYdzDP
ZDXqwvtI3ACCbHlnFfxaaqn/LFV8n1sI2Z11Mrzc0z5MCoxqVhzCL4r4BjAwQKG+
z7ltWuThjlSmZC9P/vtn0ehSWzjF1MwuF5sjOk20xweTtimQ1hqyGSAvteu6Nyuf
uO7lTiQF8q8brkzj4P1YOP7goB15LHZZQOpxBScj+ZQI7gKZwEaqHqgl1ZmvRk+p
lyRmRiZ35qzHCeB1/TnEmzmUnG4MkkWqe99pZg9sz8My93hoxs0Yfp/qLCwfgjS2
x8j8GVz0lkZpU/tuR/Yzgoujg+8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTNIL6U
XZDtqq+CEZt3LQ7DazB3QjAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV
0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh
Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv
MjFkNDE3MGMtYzFlZi00N2NkLTg3MDgtM2IwNTQ4YmZhNWM1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1
NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABP8do
ADANBgkqhkiG9w0BAQsFAAOCAQEAZG8W/LPlsoWVieAL9qftrt97SHF3zNhHJHgc
11dV3y1zd0o5nT/z7grZUZJQ83DOAxqkYqomrgIHClj/P+lcC2uT4jkmSU+6LwPZ
Ceq97I3osacg8yHyLEhJ3GpRbfeG84AlhYiB8Mh5AtwVBocs9WDymbNKIb9TqkCO
d+7bLufg7x6VoTNs8fwnneAFMgPep4EF2nMPHeRk7q1S3wSJzCHfWl5dGE91d5FJ
vnA1PE62YshqghNMGkQPN85SSnl/DKU6sBDYCADe3Oh7Q+Zx1uR+d1ivPaF1Kh1W
PVXVlOEz3P7FRHKDmUtayyhtiMR1pomzRIe4CIiYfhK4OfYCBg==
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:01:26 2026 by rpki-client