Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/6d69a6a5-1d1c-454d-a569-3c74d280c7d7.roa
File: 6d69a6a5-1d1c-454d-a569-3c74d280c7d7.roa (raw, json)
Hash identifier: py4106QoIGXMcbwdyKnJwzRX7BId81ufVjEY39a0ay0=
Subject key identifier: 81:D8:35:F3:EB:2D:DC:CC:26:5F:14:05:6E:80:E7:15:4D:9C:5D:CE
Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0
Certificate serial: 3DB5DF27EA0254B3A4D01F43A83DBA3F18C4DE16
Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/6d69a6a5-1d1c-454d-a569-3c74d280c7d7.roa
Signing time: Mon 25 May 2026 00:00:04 +0000
ROA not before: Mon 25 May 2026 00:00:04 +0000
ROA not after: Sun 23 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc6:2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft
rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:b5:df:27:ea:02:54:b3:a4:d0:1f:43:a8:3d:ba:3f:18:c4:de:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0
Validity
Not Before: May 25 00:00:04 2026 GMT
Not After : Aug 23 23:59:59 2026 GMT
Subject: serialNumber=1aee256f23d08c3c8057ccef0c480054e494d8b07f0c7e8750d6ebb0a60d7efb, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:3e:5a:1c:80:38:0d:75:75:e1:85:fa:19:fe:
fe:79:24:d1:fb:f0:3a:3c:bb:99:ae:97:0d:9f:94:
40:5f:a3:9f:cd:6d:4c:54:f3:ec:38:2d:98:48:93:
40:b2:62:bb:2f:45:32:02:91:cb:bc:e3:82:83:76:
25:9a:00:99:d6:50:83:df:78:ed:7a:77:ac:2c:49:
c9:fe:ce:af:71:12:10:f2:57:56:89:83:36:96:eb:
61:cc:f4:a8:bb:0d:18:6a:a0:1d:be:94:0b:1c:55:
c3:e1:09:28:4d:42:15:9d:77:ed:dd:07:46:7c:c3:
1a:6d:1c:78:37:b2:44:20:7a:c6:2d:b9:72:c7:fe:
e9:a9:c0:07:b9:ee:2f:4a:fe:22:48:f2:fd:53:ea:
ff:51:82:31:39:25:68:b6:86:d8:4d:0d:49:7f:91:
7c:59:ca:fc:d6:9d:23:8f:ac:d1:e4:28:93:ad:39:
2d:7d:00:9f:db:78:9f:34:3c:2a:23:93:c9:aa:bf:
e6:2b:bb:f6:08:33:24:50:7c:24:87:37:dc:6a:8a:
73:61:de:f1:01:cc:da:1c:97:2d:89:df:8e:7c:c9:
1a:ca:c4:74:63:03:c5:db:0d:7b:b1:79:67:6c:6a:
bc:ee:d8:12:db:6b:1c:4e:e5:29:75:67:b6:e0:f2:
32:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:D8:35:F3:EB:2D:DC:CC:26:5F:14:05:6E:80:E7:15:4D:9C:5D:CE
X509v3 Authority Key Identifier:
keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/6d69a6a5-1d1c-454d-a569-3c74d280c7d7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc6:2::/48
Signature Algorithm: sha256WithRSAEncryption
27:c3:ec:49:63:12:e5:3e:a4:fc:c8:29:83:c7:4a:ba:58:cf:
cf:7f:fc:7b:89:fd:dd:f8:ce:50:a9:87:a9:e4:18:9b:e0:27:
ee:5a:93:f2:7e:b6:ed:10:d8:ed:59:f6:64:88:28:63:98:af:
19:58:79:aa:a6:3f:0e:70:bf:08:e8:19:83:0c:c6:3e:4b:91:
4d:8e:77:79:46:a6:02:04:a5:84:47:0d:4c:a3:69:32:18:11:
a1:7b:02:d8:4f:d0:8b:34:6f:e4:00:f3:3f:de:6c:3c:dd:0d:
35:57:55:2b:d5:8f:b1:fe:89:95:b2:d3:b1:61:ca:15:ee:37:
21:6c:ec:4f:71:1e:1f:78:ad:88:a5:1f:42:be:1c:08:d5:ea:
b6:86:23:2c:56:5e:ab:e1:ca:bd:ad:cb:02:74:ea:65:02:93:
49:5b:54:df:1a:75:27:a4:54:4d:82:ac:c3:68:df:e5:9a:f3:
08:02:1f:4d:b8:d5:b9:23:6b:29:e2:df:e8:53:5e:75:f5:cb:
13:14:8f:a5:ef:b2:e4:5f:12:a4:39:97:0b:74:53:b1:02:9d:
f6:26:5d:48:c4:99:f4:29:21:c9:6b:02:dd:52:4e:ba:83:12:
50:9d:b2:71:f2:b1:03:c4:12:1b:a7:23:bf:f0:0d:95:04:98:
ad:84:b0:da
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUPbXfJ+oCVLOk0B9DqD26PxjE3hYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl
Nzk2NTVkMDAeFw0yNjA1MjUwMDAwMDRaFw0yNjA4MjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDFhZWUyNTZmMjNkMDhjM2M4MDU3Y2NlZjBjNDgwMDU0ZTQ5NGQ4YjA3ZjBj
N2U4NzUwZDZlYmIwYTYwZDdlZmIxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3
Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKU+WhyAOA11deGF+hn+/nkk0fvwOjy7ma6XDZ+UQF+jn81tTFTz7DgtmEiT
QLJiuy9FMgKRy7zjgoN2JZoAmdZQg9947Xp3rCxJyf7Or3ESEPJXVomDNpbrYcz0
qLsNGGqgHb6UCxxVw+EJKE1CFZ137d0HRnzDGm0ceDeyRCB6xi25csf+6anAB7nu
L0r+Ikjy/VPq/1GCMTklaLaG2E0NSX+RfFnK/NadI4+s0eQok605LX0An9t4nzQ8
KiOTyaq/5iu79ggzJFB8JIc33GqKc2He8QHM2hyXLYnfjnzJGsrEdGMDxdsNe7F5
Z2xqvO7YEttrHE7lKXVntuDyMh8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSB2DXz
6y3czCZfFAVugOcVTZxdzjAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV
0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh
Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv
NmQ2OWE2YTUtMWQxYy00NTRkLWE1NjktM2M3NGQyODBjN2Q3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1
NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABP8YA
AjANBgkqhkiG9w0BAQsFAAOCAQEAJ8PsSWMS5T6k/Mgpg8dKuljPz3/8e4n93fjO
UKmHqeQYm+An7lqT8n627RDY7Vn2ZIgoY5ivGVh5qqY/DnC/COgZgwzGPkuRTY53
eUamAgSlhEcNTKNpMhgRoXsC2E/QizRv5ADzP95sPN0NNVdVK9WPsf6JlbLTsWHK
Fe43IWzsT3EeH3itiKUfQr4cCNXqtoYjLFZeq+HKva3LAnTqZQKTSVtU3xp1J6RU
TYKsw2jf5ZrzCAIfTbjVuSNrKeLf6FNedfXLExSPpe+y5F8SpDmXC3RTsQKd9iZd
SMSZ9CkhyWsC3VJOuoMSUJ2ycfKxA8QSG6cjv/ANlQSYrYSw2g==
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:03:52 2026 by rpki-client