Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/698aa0c9-36c3-4a47-847c-0c241221ba32.roa
File: 698aa0c9-36c3-4a47-847c-0c241221ba32.roa (raw, json)
Hash identifier: bWPTVz69V2lz8koxy0ZagFI+beKFsvaBPqZDe0qK288=
Subject key identifier: B0:81:E9:CD:18:E4:E2:11:B3:37:46:4B:91:61:92:20:39:53:C0:89
Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0
Certificate serial: 4C44DE333B5AAA25099737DC0E8B749C7E0CB964
Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/698aa0c9-36c3-4a47-847c-0c241221ba32.roa
Signing time: Mon 13 Apr 2026 00:00:05 +0000
ROA not before: Mon 13 Apr 2026 00:00:05 +0000
ROA not after: Sun 12 Jul 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc6:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft
rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:44:de:33:3b:5a:aa:25:09:97:37:dc:0e:8b:74:9c:7e:0c:b9:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0
Validity
Not Before: Apr 13 00:00:05 2026 GMT
Not After : Jul 12 23:59:59 2026 GMT
Subject: serialNumber=0204e80707ae0ef7f283d249fe28011da98c408c1a188478998b826d94eb14c7, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:60:5f:99:44:89:d0:38:1c:5f:55:39:52:66:
09:5a:87:b2:99:27:90:33:df:91:db:d5:ff:51:a2:
76:d7:06:16:1e:da:d9:dc:f1:43:36:37:5c:84:86:
62:54:74:d8:26:d3:aa:19:0f:9b:65:f0:49:3c:0b:
9e:c0:b5:22:a8:7c:b1:0e:c6:17:9d:78:3e:63:2d:
51:b7:93:0a:cc:70:77:70:22:ac:7f:32:f0:62:a9:
4a:6b:5f:dc:26:63:80:ef:ca:66:08:d0:a6:f0:1c:
67:7d:2d:7e:48:49:39:16:5c:d7:f6:41:8f:a6:46:
7d:2c:49:33:48:59:3a:a0:cc:e5:b4:51:2b:3a:bc:
ac:e5:68:31:bf:78:29:c1:fd:d1:90:13:d2:5e:e8:
8f:c8:4e:91:f9:b0:ff:7d:bf:38:62:28:15:f6:26:
2d:fa:f7:87:4e:4a:2f:45:d9:4d:9e:a7:95:7e:e3:
15:a2:04:c3:96:3a:e0:53:30:03:d4:03:de:a2:0c:
21:71:55:50:82:32:60:ec:57:3d:57:8d:8d:2b:d9:
97:ab:ce:4f:68:e4:da:08:5b:f6:77:d8:f2:82:98:
9f:09:5b:49:18:7f:7a:c4:ef:94:46:91:f0:32:49:
e6:53:71:8b:37:55:ce:c2:2e:62:d1:3c:73:31:96:
a7:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:81:E9:CD:18:E4:E2:11:B3:37:46:4B:91:61:92:20:39:53:C0:89
X509v3 Authority Key Identifier:
keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/698aa0c9-36c3-4a47-847c-0c241221ba32.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc6:1::/48
Signature Algorithm: sha256WithRSAEncryption
48:fa:5e:d7:c0:1c:4d:9c:cf:ed:83:29:d4:24:db:df:84:d3:
f9:7f:f0:e0:bf:bf:13:d0:fc:25:ba:99:fd:9c:e3:b0:b2:9e:
9f:89:dd:5a:79:60:68:ef:d2:a4:9a:0e:4a:53:b9:f0:34:e9:
20:88:31:52:53:e3:58:b6:cf:6b:e5:25:03:85:eb:45:b7:20:
68:0d:5a:23:67:b2:86:f2:0c:6c:ef:ca:96:37:5c:4b:00:ab:
c6:14:de:2a:31:20:4d:62:36:f9:62:00:04:04:1c:cf:6e:f9:
9d:77:dc:17:6b:77:89:d4:66:c3:52:c9:3f:ca:c6:02:4e:bf:
5d:bd:cb:83:a2:53:cb:9d:2b:76:b7:ec:fd:92:cc:35:d3:a9:
6a:36:f1:6b:3b:98:6c:02:dd:a7:1c:23:fa:bb:ec:1b:b4:98:
d6:89:0c:97:0a:6d:0d:5f:d8:2a:f3:9e:a7:26:f7:af:b0:fe:
bb:b0:0b:f7:de:5c:d4:32:ef:1c:e4:ff:90:91:ab:d0:e1:7c:
f6:24:75:59:f3:f8:b8:4e:32:9a:8a:9d:cf:9d:f4:bc:dd:7f:
25:74:4b:d3:82:49:56:00:a7:fc:2f:78:07:d6:21:db:f0:0b:
5b:59:fc:fb:51:84:39:b9:2a:8b:0c:b9:f8:ba:58:f2:40:10:
6c:0d:12:16
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUTETeMztaqiUJlzfcDot0nH4MuWQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl
Nzk2NTVkMDAeFw0yNjA0MTMwMDAwMDVaFw0yNjA3MTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDAyMDRlODA3MDdhZTBlZjdmMjgzZDI0OWZlMjgwMTFkYTk4YzQwOGMxYTE4
ODQ3ODk5OGI4MjZkOTRlYjE0YzcxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3
Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ5gX5lEidA4HF9VOVJmCVqHspknkDPfkdvV/1GidtcGFh7a2dzxQzY3XISG
YlR02CbTqhkPm2XwSTwLnsC1Iqh8sQ7GF514PmMtUbeTCsxwd3AirH8y8GKpSmtf
3CZjgO/KZgjQpvAcZ30tfkhJORZc1/ZBj6ZGfSxJM0hZOqDM5bRRKzq8rOVoMb94
KcH90ZAT0l7oj8hOkfmw/32/OGIoFfYmLfr3h05KL0XZTZ6nlX7jFaIEw5Y64FMw
A9QD3qIMIXFVUIIyYOxXPVeNjSvZl6vOT2jk2ghb9nfY8oKYnwlbSRh/esTvlEaR
8DJJ5lNxizdVzsIuYtE8czGWpy0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSwgenN
GOTiEbM3RkuRYZIgOVPAiTAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV
0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh
Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv
Njk4YWEwYzktMzZjMy00YTQ3LTg0N2MtMGMyNDEyMjFiYTMyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1
NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABP8YA
ATANBgkqhkiG9w0BAQsFAAOCAQEASPpe18AcTZzP7YMp1CTb34TT+X/w4L+/E9D8
JbqZ/ZzjsLKen4ndWnlgaO/SpJoOSlO58DTpIIgxUlPjWLbPa+UlA4XrRbcgaA1a
I2eyhvIMbO/KljdcSwCrxhTeKjEgTWI2+WIABAQcz275nXfcF2t3idRmw1LJP8rG
Ak6/Xb3Lg6JTy50rdrfs/ZLMNdOpajbxazuYbALdpxwj+rvsG7SY1okMlwptDV/Y
KvOepyb3r7D+u7AL995c1DLvHOT/kJGr0OF89iR1WfP4uE4ymoqdz530vN1/JXRL
04JJVgCn/C94B9Yh2/ALW1n8+1GEObkqiwy5+LpY8kAQbA0SFg==
-----END CERTIFICATE-----
Generated at Fri Apr 17 08:20:29 2026 by rpki-client