Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/559fdd1a-1e70-48bd-aacc-1c5c7f47eafc.roa
File: 559fdd1a-1e70-48bd-aacc-1c5c7f47eafc.roa (raw, json)
Hash identifier: w20Mv4gIXufS1QGfRT5NKT3kF04BkUxG8RE14awYsZo=
Subject key identifier: BF:E2:D4:D6:F3:E4:FF:50:77:35:F3:D5:BD:A0:49:40:46:DE:08:F8
Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0
Certificate serial: 52F11107594596EC589F4DF3B883967BD7015E07
Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/559fdd1a-1e70-48bd-aacc-1c5c7f47eafc.roa
Signing time: Sun 24 May 2026 00:00:02 +0000
ROA not before: Sun 24 May 2026 00:00:02 +0000
ROA not after: Sat 22 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:3004::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft
rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
52:f1:11:07:59:45:96:ec:58:9f:4d:f3:b8:83:96:7b:d7:01:5e:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0
Validity
Not Before: May 24 00:00:02 2026 GMT
Not After : Aug 22 23:59:59 2026 GMT
Subject: serialNumber=23f9abf4624807b22e3c008db30028fb43928748ba71531fbf339f7b39785671, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:e8:8e:e5:05:51:03:44:d6:cb:95:30:1b:82:
ad:b8:60:e0:69:04:03:23:b6:46:1b:7e:6e:d7:96:
b2:27:30:f9:48:81:5d:8f:2f:38:99:5b:41:af:c8:
6d:00:98:41:08:7f:97:7e:35:68:6c:a6:6e:39:6d:
6b:0a:39:69:cc:99:d8:d7:99:b1:69:35:03:0c:72:
14:d6:64:ec:08:ea:13:c6:01:73:be:2f:b2:c6:66:
a9:19:49:b2:d9:a3:27:59:14:3c:7c:03:05:ec:41:
30:ad:b8:a3:77:ee:df:5a:6d:17:0c:b8:6e:1d:27:
96:ae:0c:de:1e:3a:b4:e5:cb:e4:8e:b2:49:e7:6b:
e2:9e:a4:0a:b3:a5:4e:e1:e7:f7:ec:99:ef:51:d6:
79:95:1b:94:7d:f7:bb:51:9b:6b:d4:0c:c2:fd:03:
48:e9:30:e2:d7:f8:d6:f4:47:ea:1e:13:08:94:33:
4d:8a:11:0a:9c:97:54:16:18:25:1a:64:af:b2:0f:
e9:03:2c:40:bf:00:ac:f4:16:8b:11:27:17:51:8d:
1e:a6:c9:df:ee:51:77:18:5f:9b:2a:1c:dc:05:2c:
6e:1a:01:aa:8f:d6:1c:2d:82:eb:5e:88:10:65:8d:
cc:39:dd:bd:89:3f:a2:3f:14:88:5f:d5:4a:11:c0:
45:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:E2:D4:D6:F3:E4:FF:50:77:35:F3:D5:BD:A0:49:40:46:DE:08:F8
X509v3 Authority Key Identifier:
keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/559fdd1a-1e70-48bd-aacc-1c5c7f47eafc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:3004::/48
Signature Algorithm: sha256WithRSAEncryption
aa:f8:75:fd:0d:34:c8:19:0d:8b:fb:6b:dc:45:cb:ad:2f:71:
1e:2a:ff:95:62:b4:e9:3b:1e:37:48:11:03:51:a2:7d:39:2c:
ff:7c:83:b3:f3:6f:c0:37:6d:f7:7f:a3:55:ac:93:24:ac:10:
44:97:51:1c:09:ac:f6:52:1f:fb:a6:e4:fa:e8:d1:d9:78:12:
90:ac:28:97:46:3b:32:9d:d8:be:40:0d:ce:c3:08:7d:85:ea:
17:b6:ec:84:be:6b:12:f7:b8:b6:63:25:e1:64:56:a7:e3:21:
ee:fc:10:e4:02:2f:52:56:51:2f:3c:2f:b9:a8:6e:ab:9d:cd:
0a:89:d2:3c:b9:82:5e:6a:e4:c6:96:b4:d7:46:71:3b:6b:39:
25:79:6a:f0:ae:ac:8f:71:c1:0b:db:8d:e5:1b:c9:8d:36:d9:
87:19:25:66:9d:7d:ad:03:11:8a:0f:68:c5:4b:21:51:0c:f1:
9d:a8:b3:7d:40:fb:c6:e9:bc:08:82:fe:9b:d8:ce:e0:00:ce:
02:91:84:17:37:fb:de:2f:82:e3:73:b2:38:99:83:97:3d:40:
87:5c:e9:4b:3e:3b:1f:4a:b1:75:a0:93:b5:d2:a4:6e:6f:1a:
78:f5:b4:c5:2f:ef:0d:b8:03:8b:cf:50:bf:1f:27:a1:12:a5:
fb:6e:72:c0
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUUvERB1lFluxYn03zuIOWe9cBXgcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl
Nzk2NTVkMDAeFw0yNjA1MjQwMDAwMDJaFw0yNjA4MjIyMzU5NTlaMHoxSTBHBgNV
BAUTQDIzZjlhYmY0NjI0ODA3YjIyZTNjMDA4ZGIzMDAyOGZiNDM5Mjg3NDhiYTcx
NTMxZmJmMzM5ZjdiMzk3ODU2NzExLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3
Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMjojuUFUQNE1suVMBuCrbhg4GkEAyO2Rht+bteWsicw+UiBXY8vOJlbQa/I
bQCYQQh/l341aGymbjltawo5acyZ2NeZsWk1AwxyFNZk7AjqE8YBc74vssZmqRlJ
stmjJ1kUPHwDBexBMK24o3fu31ptFwy4bh0nlq4M3h46tOXL5I6ySedr4p6kCrOl
TuHn9+yZ71HWeZUblH33u1Gba9QMwv0DSOkw4tf41vRH6h4TCJQzTYoRCpyXVBYY
JRpkr7IP6QMsQL8ArPQWixEnF1GNHqbJ3+5Rdxhfmyoc3AUsbhoBqo/WHC2C616I
EGWNzDndvYk/oj8UiF/VShHARZECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBS/4tTW
8+T/UHc189W9oElARt4I+DAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV
0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh
Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv
NTU5ZmRkMWEtMWU3MC00OGJkLWFhY2MtMWM1YzdmNDdlYWZjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1
NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABP8cw
BDANBgkqhkiG9w0BAQsFAAOCAQEAqvh1/Q00yBkNi/tr3EXLrS9xHir/lWK06Tse
N0gRA1GifTks/3yDs/NvwDdt93+jVayTJKwQRJdRHAms9lIf+6bk+ujR2XgSkKwo
l0Y7Mp3YvkANzsMIfYXqF7bshL5rEve4tmMl4WRWp+Mh7vwQ5AIvUlZRLzwvuahu
q53NConSPLmCXmrkxpa010ZxO2s5JXlq8K6sj3HBC9uN5RvJjTbZhxklZp19rQMR
ig9oxUshUQzxnaizfUD7xum8CIL+m9jO4ADOApGEFzf73i+C43OyOJmDlz1Ah1zp
Sz47H0qxdaCTtdKkbm8aePW0xS/vDbgDi89Qvx8noRKl+25ywA==
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:02:43 2026 by rpki-client