Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/03927569-0b5c-4807-96ea-c0c7c45fd675.roa
File: 03927569-0b5c-4807-96ea-c0c7c45fd675.roa (raw, json)
Hash identifier: zuLMJdE5rm566/gxPYXjjcmCS5YDUgPynykq7GAIXyo=
Subject key identifier: 13:DF:8E:A9:EA:25:E0:2F:ED:70:53:83:0B:C5:97:01:6A:75:0F:17
Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0
Certificate serial: 5354FBC02955074949FB345CFC08FFDA41B4B8CB
Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/03927569-0b5c-4807-96ea-c0c7c45fd675.roa
Signing time: Fri 15 May 2026 00:30:10 +0000
ROA not before: Fri 15 May 2026 00:30:10 +0000
ROA not after: Thu 13 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc2::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft
rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 May 2026 08:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
53:54:fb:c0:29:55:07:49:49:fb:34:5c:fc:08:ff:da:41:b4:b8:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0
Validity
Not Before: May 15 00:30:10 2026 GMT
Not After : Aug 13 23:59:59 2026 GMT
Subject: serialNumber=308d4f4a8113ea7941bd2b29a430dbce5c9f445c1fc7ad5c8d5e3724f1ec6f4e, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:d2:72:ab:97:cd:84:97:b9:19:d4:03:1b:41:
db:a9:35:66:78:27:4c:b7:0c:07:43:46:c7:be:a2:
fb:2c:dc:53:98:6a:90:54:e7:ef:15:65:ee:fe:82:
4c:7d:d1:9e:83:e1:a0:32:13:a7:0c:6e:3f:7c:2c:
9e:b3:02:fa:c7:2e:44:1b:c3:47:62:da:d2:87:92:
e6:bd:d7:a2:0f:fb:1b:5e:f6:04:37:1b:27:42:3b:
fd:5c:fd:c9:31:70:b7:10:81:58:d9:d3:58:6d:86:
50:95:54:5b:a3:0d:69:ac:53:ac:c8:3b:d0:5d:e2:
de:36:16:c2:8d:23:6b:c4:be:7b:0b:e3:66:6b:e1:
ab:79:ee:cb:85:78:46:bb:ed:46:d7:f8:6f:fb:88:
93:a9:77:50:03:f8:0e:5c:65:db:33:d9:a9:d2:1f:
98:92:39:9e:b7:d1:64:2a:92:d7:b8:54:4f:9f:df:
81:53:77:16:01:fe:18:ff:44:d6:5e:3f:ac:14:b9:
a4:bc:91:83:9a:6a:45:be:fa:07:f9:74:24:9e:6c:
0e:56:12:28:b8:65:dd:ed:e7:47:5c:45:05:d7:68:
3b:e3:ad:d4:e9:22:86:d4:4d:e3:6a:e7:7e:78:0e:
d0:9d:88:34:65:7a:a1:ee:ae:dc:8c:c8:b0:ca:c4:
86:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:DF:8E:A9:EA:25:E0:2F:ED:70:53:83:0B:C5:97:01:6A:75:0F:17
X509v3 Authority Key Identifier:
keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/03927569-0b5c-4807-96ea-c0c7c45fd675.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc2::/32
Signature Algorithm: sha256WithRSAEncryption
1d:24:f3:7a:f4:37:81:5b:1f:2b:b9:2e:9f:d1:d3:b6:91:52:
60:40:49:11:85:db:29:b7:5d:bb:4e:51:7d:33:ff:70:8a:0a:
b4:ad:67:04:74:3f:59:95:d8:42:cd:11:9b:cc:13:33:1a:0f:
02:fc:ed:95:ee:f7:a4:3f:18:ab:26:4b:17:21:5d:3d:58:bd:
e2:5f:10:3a:d9:9b:95:72:87:a7:3f:89:02:af:41:6d:17:a8:
26:23:75:50:4c:0e:40:fd:f9:e5:77:98:5a:b8:2c:a2:ff:ff:
a5:54:52:f3:ee:23:c1:9f:7f:61:87:ab:6c:f5:cd:bf:66:f8:
c6:aa:75:6f:f4:8f:df:e1:7e:f7:f1:d0:68:82:ec:ed:28:a3:
e3:ad:7d:50:6d:69:3c:37:aa:e9:c3:9b:32:89:b8:61:c0:8a:
a5:39:17:7e:e7:8c:b1:ba:ae:48:4e:bf:a2:e8:8f:6b:1e:90:
bc:16:a8:98:d7:48:84:b9:34:3b:48:20:0e:7c:1f:a0:6e:5c:
df:b2:d3:ec:36:25:d1:1c:2a:5b:64:de:c8:9d:d6:47:51:72:
cb:86:1d:82:85:d5:a8:d1:14:68:33:33:ba:fa:65:5a:81:cb:
6d:28:be:fa:03:e6:8d:e7:cc:ed:59:71:a8:60:8e:54:fb:b6:
d1:bc:6f:55
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUU1T7wClVB0lJ+zRc/Aj/2kG0uMswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl
Nzk2NTVkMDAeFw0yNjA1MTUwMDMwMTBaFw0yNjA4MTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDMwOGQ0ZjRhODExM2VhNzk0MWJkMmIyOWE0MzBkYmNlNWM5ZjQ0NWMxZmM3
YWQ1YzhkNWUzNzI0ZjFlYzZmNGUxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3
Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJXScquXzYSXuRnUAxtB26k1ZngnTLcMB0NGx76i+yzcU5hqkFTn7xVl7v6C
TH3RnoPhoDITpwxuP3wsnrMC+scuRBvDR2La0oeS5r3Xog/7G172BDcbJ0I7/Vz9
yTFwtxCBWNnTWG2GUJVUW6MNaaxTrMg70F3i3jYWwo0ja8S+ewvjZmvhq3nuy4V4
RrvtRtf4b/uIk6l3UAP4Dlxl2zPZqdIfmJI5nrfRZCqS17hUT5/fgVN3FgH+GP9E
1l4/rBS5pLyRg5pqRb76B/l0JJ5sDlYSKLhl3e3nR1xFBddoO+Ot1OkihtRN42rn
fngO0J2INGV6oe6u3IzIsMrEhmUCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBQT346p
6iXgL+1wU4MLxZcBanUPFzAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV
0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh
Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv
MDM5Mjc1NjktMGI1Yy00ODA3LTk2ZWEtYzBjN2M0NWZkNjc1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1
NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACABP8Iw
DQYJKoZIhvcNAQELBQADggEBAB0k83r0N4FbHyu5Lp/R07aRUmBASRGF2ym3XbtO
UX0z/3CKCrStZwR0P1mV2ELNEZvMEzMaDwL87ZXu96Q/GKsmSxchXT1YveJfEDrZ
m5Vyh6c/iQKvQW0XqCYjdVBMDkD9+eV3mFq4LKL//6VUUvPuI8Gff2GHq2z1zb9m
+MaqdW/0j9/hfvfx0GiC7O0oo+OtfVBtaTw3qunDmzKJuGHAiqU5F37njLG6rkhO
v6Loj2sekLwWqJjXSIS5NDtIIA58H6BuXN+y0+w2JdEcKltk3sid1kdRcsuGHYKF
1ajRFGgzM7r6ZVqBy20ovvoD5o3nzO1ZcahgjlT7ttG8b1U=
-----END CERTIFICATE-----
Generated at Fri May 22 17:36:44 2026 by rpki-client