Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/546cfd08-b81d-4272-8862-184f9f677df0.roa
File: 546cfd08-b81d-4272-8862-184f9f677df0.roa (raw, json)
Hash identifier: w0ceCynYyw/GOFK0ftE3YCc2PNf2RYAElfTapmN2Ij8=
Subject key identifier: 80:34:2C:6C:2F:F0:EC:0D:BF:1D:72:19:D6:4C:35:93:05:CE:AE:D3
Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0
Certificate serial: 722D7707CDCEC3F0F169FB4FD397E8CD5FA1F27D
Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/546cfd08-b81d-4272-8862-184f9f677df0.roa
Signing time: Sun 24 May 2026 00:00:03 +0000
ROA not before: Sun 24 May 2026 00:00:03 +0000
ROA not after: Sat 22 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:3000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft
rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:2d:77:07:cd:ce:c3:f0:f1:69:fb:4f:d3:97:e8:cd:5f:a1:f2:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0
Validity
Not Before: May 24 00:00:03 2026 GMT
Not After : Aug 22 23:59:59 2026 GMT
Subject: serialNumber=65d8d662208c5ea5443e641bc285ec9a7bbf17d724320214a7029fb3edca3e1e, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:4f:38:bc:c8:d1:24:a3:29:19:3b:a7:de:e7:
81:3b:e5:27:43:6a:c0:dd:22:3f:cf:b3:f4:1e:59:
15:f7:05:0b:a3:70:24:50:b9:24:db:f8:be:4c:8f:
b6:9b:07:c8:cb:46:5b:ec:88:68:5d:7b:74:71:b2:
21:9b:a5:56:c1:38:f6:4f:3a:1c:c5:53:12:86:11:
38:b4:50:15:9a:45:eb:3d:a1:63:63:f8:09:dc:f8:
f6:95:0d:53:a5:73:85:a0:c8:31:a0:30:fc:05:49:
e9:e4:fd:13:33:33:0a:be:fe:d0:6b:f4:e9:01:cb:
af:d4:21:34:29:27:a0:3c:57:e3:be:72:c4:f2:ea:
8a:6c:17:13:56:fd:64:72:a9:59:69:e3:68:b0:c8:
6b:08:82:18:4b:4f:4b:d0:66:e2:ec:70:1e:c8:78:
08:5e:26:47:0b:1d:f8:88:df:02:a3:f4:b5:c6:24:
bb:b8:c4:1e:6e:b1:ab:12:5e:9c:78:36:e8:cb:07:
d5:c6:6b:c1:75:d3:5e:50:0f:72:9c:a3:5b:3d:20:
c1:65:e3:20:62:e1:3b:90:68:7c:8e:02:01:0d:f4:
e2:8e:94:5d:e7:1e:aa:eb:00:63:34:9c:32:26:67:
ff:fb:42:94:1b:70:e2:95:38:7f:2e:5d:32:89:20:
c4:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:34:2C:6C:2F:F0:EC:0D:BF:1D:72:19:D6:4C:35:93:05:CE:AE:D3
X509v3 Authority Key Identifier:
keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/546cfd08-b81d-4272-8862-184f9f677df0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:3000::/48
Signature Algorithm: sha256WithRSAEncryption
72:28:e5:04:16:03:55:e0:3f:91:82:d7:1a:6d:c2:9a:5d:18:
83:ac:83:e8:47:66:38:f0:f7:9b:3b:ce:8d:c9:84:e4:2a:bf:
3a:2a:ba:a3:49:c5:b8:c3:12:ae:10:6b:1c:f8:5f:ca:f2:2c:
26:53:78:ed:e7:ad:d0:c6:6a:d7:7a:f1:68:e9:b9:8f:90:1b:
11:d4:87:03:b3:60:4f:74:9b:2b:7c:e8:11:54:07:1b:1f:1f:
67:4a:46:1c:83:58:70:77:0a:29:cb:e9:22:c4:04:84:90:3c:
41:74:e7:0d:9d:d7:93:43:f7:c5:0d:30:b2:45:90:75:f8:39:
8e:1f:2e:72:6c:ad:2f:08:dc:e9:d8:af:7f:dc:c4:71:0e:fd:
59:f9:ff:36:5d:0a:0e:6a:f2:17:aa:a5:04:b4:0e:21:0f:40:
0a:3f:6b:21:5c:53:18:20:9a:e6:cf:8f:8b:c0:8c:0a:6f:ca:
5a:05:47:f4:98:c5:60:a9:a5:6f:ab:ef:71:48:c2:da:e0:6a:
0f:f7:bd:1e:f2:72:1a:07:20:7a:9a:7f:21:2a:ee:5f:a6:f9:
59:5c:58:66:9b:2d:a0:58:4b:27:65:2b:a7:17:6e:ce:65:20:
a4:c7:86:46:5b:c1:b9:7d:1f:72:74:91:92:23:8c:18:72:7d:
6b:2a:d4:12
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUci13B83Ow/DxaftP05fozV+h8n0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl
Nzk2NTVkMDAeFw0yNjA1MjQwMDAwMDNaFw0yNjA4MjIyMzU5NTlaMHoxSTBHBgNV
BAUTQDY1ZDhkNjYyMjA4YzVlYTU0NDNlNjQxYmMyODVlYzlhN2JiZjE3ZDcyNDMy
MDIxNGE3MDI5ZmIzZWRjYTNlMWUxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3
Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMdPOLzI0SSjKRk7p97ngTvlJ0NqwN0iP8+z9B5ZFfcFC6NwJFC5JNv4vkyP
tpsHyMtGW+yIaF17dHGyIZulVsE49k86HMVTEoYROLRQFZpF6z2hY2P4Cdz49pUN
U6VzhaDIMaAw/AVJ6eT9EzMzCr7+0Gv06QHLr9QhNCknoDxX475yxPLqimwXE1b9
ZHKpWWnjaLDIawiCGEtPS9Bm4uxwHsh4CF4mRwsd+IjfAqP0tcYku7jEHm6xqxJe
nHg26MsH1cZrwXXTXlAPcpyjWz0gwWXjIGLhO5BofI4CAQ304o6UXecequsAYzSc
MiZn//tClBtw4pU4fy5dMokgxI8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSANCxs
L/DsDb8dchnWTDWTBc6u0zAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV
0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh
Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv
NTQ2Y2ZkMDgtYjgxZC00MjcyLTg4NjItMTg0ZjlmNjc3ZGYwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1
NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABP8cw
ADANBgkqhkiG9w0BAQsFAAOCAQEAcijlBBYDVeA/kYLXGm3Cml0Yg6yD6EdmOPD3
mzvOjcmE5Cq/Oiq6o0nFuMMSrhBrHPhfyvIsJlN47eet0MZq13rxaOm5j5AbEdSH
A7NgT3SbK3zoEVQHGx8fZ0pGHINYcHcKKcvpIsQEhJA8QXTnDZ3Xk0P3xQ0wskWQ
dfg5jh8ucmytLwjc6divf9zEcQ79Wfn/Nl0KDmryF6qlBLQOIQ9ACj9rIVxTGCCa
5s+Pi8CMCm/KWgVH9JjFYKmlb6vvcUjC2uBqD/e9HvJyGgcgepp/ISruX6b5WVxY
ZpstoFhLJ2UrpxduzmUgpMeGRlvBuX0fcnSRkiOMGHJ9ayrUEg==
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:15:12 2026 by rpki-client