Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/80297c9d-2fd7-4e7a-9f18-49ac9b12c680.roa
File: 80297c9d-2fd7-4e7a-9f18-49ac9b12c680.roa (raw, json)
Hash identifier: /0rLnMAmam46EVTWy0dBVB27QoiQHVn+NwJ9YjTvXEw=
Subject key identifier: 6D:8D:01:E1:AE:2C:70:60:6A:B5:C5:EA:05:B7:FA:AB:94:C8:BF:6C
Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0
Certificate serial: 39B477011E2A492FB7036F089A488A857D661EFB
Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/80297c9d-2fd7-4e7a-9f18-49ac9b12c680.roa
Signing time: Thu 26 Feb 2026 02:00:30 +0000
ROA not before: Thu 26 Feb 2026 02:00:30 +0000
ROA not after: Wed 27 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 83.118.240.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft
rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
39:b4:77:01:1e:2a:49:2f:b7:03:6f:08:9a:48:8a:85:7d:66:1e:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0
Validity
Not Before: Feb 26 02:00:30 2026 GMT
Not After : May 27 23:59:59 2026 GMT
Subject: serialNumber=ed10944c6aa5f40b7acc068ffa73c7526a58d0cb058c43de384765376eee0b79, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:77:84:1e:3d:bb:a6:24:3c:eb:0e:33:ac:2a:
08:31:eb:43:42:ff:e8:ae:7e:dc:2d:86:d2:f4:a3:
06:c6:cb:05:37:2d:09:1c:5c:7d:2c:61:a5:49:bd:
dc:d2:87:13:f9:d0:ba:34:b4:97:6b:ae:97:0e:f0:
de:d5:7f:53:7d:96:86:05:3d:bf:d3:53:30:e3:44:
c3:d2:cf:03:76:2f:7b:cc:21:c2:50:97:ab:bc:61:
18:92:4e:61:da:a0:d4:b4:b1:4d:53:9d:ec:8e:fa:
b4:7c:ad:54:f6:44:bb:b0:4b:61:5e:ed:c7:c9:f7:
65:67:2b:4b:bb:dc:29:72:f5:16:6f:ee:88:49:f3:
05:86:60:06:e9:fd:a3:ba:48:92:f4:7b:c1:50:8b:
c5:bf:c0:81:6b:6c:37:d7:cb:9a:12:e1:67:83:5a:
f7:46:ae:d5:fc:5a:18:f7:3f:eb:e1:28:eb:9a:3c:
cb:b6:7b:a7:67:19:b4:30:00:bc:f3:5d:f3:2b:24:
18:36:42:a9:e1:99:68:89:7f:ea:97:c3:b1:50:2d:
e5:ca:4b:c8:5e:1d:69:17:b9:05:7f:17:22:e7:fe:
ba:0b:f4:c5:84:46:69:83:47:27:02:af:35:29:51:
78:d3:a4:7e:26:89:e3:11:53:db:c1:64:13:d0:35:
47:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:8D:01:E1:AE:2C:70:60:6A:B5:C5:EA:05:B7:FA:AB:94:C8:BF:6C
X509v3 Authority Key Identifier:
keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/80297c9d-2fd7-4e7a-9f18-49ac9b12c680.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.118.240.0/20
Signature Algorithm: sha256WithRSAEncryption
b6:86:80:cb:37:d8:a9:76:f1:94:c7:0f:8a:e7:b9:82:94:f3:
ad:9e:92:d3:db:ff:34:fb:67:31:d0:51:9b:5e:da:3c:b3:9a:
3c:bb:c9:3a:28:c8:ac:7b:64:ff:a6:95:01:43:b6:41:b3:e5:
3a:56:22:d5:a7:94:d0:2a:0f:d5:c7:1a:74:26:64:e6:7f:a6:
c2:ad:69:a2:70:d2:7a:5e:a1:1f:fe:60:7f:99:f8:8f:68:5c:
56:b6:c0:47:2a:e3:de:29:bb:fa:9d:7c:c2:45:3f:97:4f:39:
82:2d:fc:9d:a0:32:58:61:5c:83:8f:d1:11:bb:6c:25:d9:97:
f5:62:a6:9b:e0:08:57:07:8e:c5:80:b8:11:c0:79:b6:cc:4c:
17:1a:a2:69:7c:39:59:cf:70:14:4e:5d:52:6a:96:37:13:4c:
61:15:0e:fd:d3:bd:e4:c5:6d:da:ca:40:8d:27:7c:a5:37:18:
fc:1f:09:a3:35:e6:42:8b:e9:83:92:6c:60:af:7a:74:24:c3:
d9:d9:49:32:d7:87:ab:76:6f:56:3e:d9:bf:46:7d:f2:ae:5d:
3b:f3:0a:c1:c2:8b:18:cb:1b:43:1d:b0:87:50:d4:d1:70:dc:
c8:8b:5a:21:11:24:b7:21:47:70:5f:67:5b:4c:c5:46:28:59:
bb:4e:2a:e9
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUObR3AR4qSS+3A28ImkiKhX1mHvswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl
Nzk2NTVkMDAeFw0yNjAyMjYwMjAwMzBaFw0yNjA1MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQGVkMTA5NDRjNmFhNWY0MGI3YWNjMDY4ZmZhNzNjNzUyNmE1OGQwY2IwNThj
NDNkZTM4NDc2NTM3NmVlZTBiNzkxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3
Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMB3hB49u6YkPOsOM6wqCDHrQ0L/6K5+3C2G0vSjBsbLBTctCRxcfSxhpUm9
3NKHE/nQujS0l2uulw7w3tV/U32WhgU9v9NTMONEw9LPA3Yve8whwlCXq7xhGJJO
Ydqg1LSxTVOd7I76tHytVPZEu7BLYV7tx8n3ZWcrS7vcKXL1Fm/uiEnzBYZgBun9
o7pIkvR7wVCLxb/AgWtsN9fLmhLhZ4Na90au1fxaGPc/6+Eo65o8y7Z7p2cZtDAA
vPNd8yskGDZCqeGZaIl/6pfDsVAt5cpLyF4daRe5BX8XIuf+ugv0xYRGaYNHJwKv
NSlReNOkfiaJ4xFT28FkE9A1RxcCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRtjQHh
rixwYGq1xeoFt/qrlMi/bDAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV
0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh
Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv
ODAyOTdjOWQtMmZkNy00ZTdhLTlmMTgtNDlhYzliMTJjNjgwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1
NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBFN28DAN
BgkqhkiG9w0BAQsFAAOCAQEAtoaAyzfYqXbxlMcPiue5gpTzrZ6S09v/NPtnMdBR
m17aPLOaPLvJOijIrHtk/6aVAUO2QbPlOlYi1aeU0CoP1ccadCZk5n+mwq1ponDS
el6hH/5gf5n4j2hcVrbARyrj3im7+p18wkU/l085gi38naAyWGFcg4/REbtsJdmX
9WKmm+AIVweOxYC4EcB5tsxMFxqiaXw5Wc9wFE5dUmqWNxNMYRUO/dO95MVt2spA
jSd8pTcY/B8JozXmQovpg5JsYK96dCTD2dlJMteHq3ZvVj7Zv0Z98q5dO/MKwcKL
GMsbQx2wh1DU0XDcyItaIREktyFHcF9nW0zFRihZu04q6Q==
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:56:04 2026 by rpki-client