Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/21d4170c-c1ef-47cd-8708-3b0548bfa5c5.roa
File: 21d4170c-c1ef-47cd-8708-3b0548bfa5c5.roa (raw, json)
Hash identifier: OviTOW/vd1F/C2u4xwGeghMrS3DwZY31GE7POt+1pGA=
Subject key identifier: 2D:85:2C:D3:61:01:7D:D5:94:1E:21:A3:F2:C0:D5:4B:C3:BF:1D:DA
Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0
Certificate serial: 1B2BECCACE2115033EE8EFC175C07CB77CB98544
Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/21d4170c-c1ef-47cd-8708-3b0548bfa5c5.roa
Signing time: Wed 18 Mar 2026 20:21:47 +0000
ROA not before: Wed 18 Mar 2026 20:21:47 +0000
ROA not after: Tue 16 Jun 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:6800::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft
rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 20 Mar 2026 08:03:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:2b:ec:ca:ce:21:15:03:3e:e8:ef:c1:75:c0:7c:b7:7c:b9:85:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0
Validity
Not Before: Mar 18 20:21:47 2026 GMT
Not After : Jun 16 23:59:59 2026 GMT
Subject: serialNumber=7ff3d7e166c1460f6d7f2b1a8290a33b089626abac8ce20d06f3861eedfc81e6, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:c2:94:2b:10:60:5d:dc:a4:9b:fe:27:33:4a:
52:87:ca:0a:2b:fa:fe:8b:0f:ed:30:a4:1d:78:39:
68:6b:8b:4d:44:e7:78:3d:04:b0:2b:cf:81:88:bc:
7b:32:0f:f4:a3:55:e2:94:07:e8:ee:3d:b2:6a:d2:
05:3c:8c:06:99:ed:1b:a3:84:2b:80:55:a5:1d:6e:
62:26:50:ba:74:f8:82:c6:28:6a:75:56:6a:bf:8e:
d8:9c:fa:d2:c4:99:83:62:9f:36:73:5a:66:60:00:
75:34:a1:81:d5:d7:a1:c1:47:10:82:73:54:1d:9b:
3a:91:78:d5:f1:82:96:5a:36:3a:52:b0:cd:0e:6d:
42:10:2e:aa:ee:b4:b0:60:2b:62:aa:50:81:5e:cb:
f6:fe:25:b5:d2:93:49:59:c8:02:c2:2b:ce:b8:90:
20:ea:d4:72:25:34:94:c5:26:60:46:aa:60:79:94:
38:96:ee:6d:e9:c1:6b:6b:4d:bc:d5:66:95:de:83:
18:3d:8b:84:42:e2:a7:d3:a3:bb:53:2e:ba:31:a9:
b3:65:e7:b9:fa:6b:03:04:99:39:4b:a5:f8:39:05:
bd:7d:2c:44:4d:3e:65:2b:a8:5a:7d:88:d7:43:4d:
17:7f:4c:ce:88:cc:19:fd:b5:ed:06:2c:c2:ad:a8:
33:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:85:2C:D3:61:01:7D:D5:94:1E:21:A3:F2:C0:D5:4B:C3:BF:1D:DA
X509v3 Authority Key Identifier:
keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/21d4170c-c1ef-47cd-8708-3b0548bfa5c5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:6800::/48
Signature Algorithm: sha256WithRSAEncryption
5b:10:b5:03:78:07:20:44:c0:82:cb:27:eb:e1:2b:a5:13:2e:
54:78:d6:d2:58:c2:ac:f7:69:50:27:96:07:47:5c:51:dc:33:
35:0d:a0:5d:d9:b7:56:86:72:f9:9e:b8:e3:93:d0:93:bd:41:
a9:74:72:ce:55:04:6d:05:7e:5d:85:21:fc:5a:ed:27:17:dc:
ad:c4:55:52:64:3a:8b:28:1b:a1:87:8c:2e:7c:cb:24:b2:e7:
88:4a:38:64:fd:cc:a4:3b:65:d0:8f:bf:ad:97:ba:17:93:3b:
a2:fc:e5:09:25:9a:e2:14:a2:e0:49:de:2d:15:c9:b5:7b:3a:
68:fb:df:39:4c:61:0e:15:93:40:3c:8d:e7:c5:75:ea:84:64:
01:a6:1c:7d:28:06:f5:f5:e5:b6:3a:9c:36:4f:b5:68:87:66:
f1:31:dd:bd:d3:6f:6e:56:b2:b6:55:14:7a:0c:04:9c:2b:15:
a8:2f:fa:f9:43:2c:79:73:5c:30:1b:d4:d6:70:be:5f:10:5e:
ff:c6:91:4f:40:1c:42:38:e1:ae:34:a6:b0:6e:c9:ac:2d:15:
08:84:a1:00:dc:1e:a1:20:08:2a:6a:c7:0e:9a:3e:a9:67:2b:
9a:77:1d:62:f5:0f:fb:ed:96:19:82:dd:bf:e0:e9:00:5d:7b:
5d:65:60:4e
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUGyvsys4hFQM+6O/BdcB8t3y5hUQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl
Nzk2NTVkMDAeFw0yNjAzMTgyMDIxNDdaFw0yNjA2MTYyMzU5NTlaMHoxSTBHBgNV
BAUTQDdmZjNkN2UxNjZjMTQ2MGY2ZDdmMmIxYTgyOTBhMzNiMDg5NjI2YWJhYzhj
ZTIwZDA2ZjM4NjFlZWRmYzgxZTYxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3
Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKrClCsQYF3cpJv+JzNKUofKCiv6/osP7TCkHXg5aGuLTUTneD0EsCvPgYi8
ezIP9KNV4pQH6O49smrSBTyMBpntG6OEK4BVpR1uYiZQunT4gsYoanVWar+O2Jz6
0sSZg2KfNnNaZmAAdTShgdXXocFHEIJzVB2bOpF41fGCllo2OlKwzQ5tQhAuqu60
sGArYqpQgV7L9v4ltdKTSVnIAsIrzriQIOrUciU0lMUmYEaqYHmUOJbubenBa2tN
vNVmld6DGD2LhELip9Oju1MuujGps2XnufprAwSZOUul+DkFvX0sRE0+ZSuoWn2I
10NNF39MzojMGf217QYswq2oMwMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQthSzT
YQF91ZQeIaPywNVLw78d2jAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV
0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh
Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv
MjFkNDE3MGMtYzFlZi00N2NkLTg3MDgtM2IwNTQ4YmZhNWM1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1
NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABP8do
ADANBgkqhkiG9w0BAQsFAAOCAQEAWxC1A3gHIETAgssn6+ErpRMuVHjW0ljCrPdp
UCeWB0dcUdwzNQ2gXdm3VoZy+Z6445PQk71BqXRyzlUEbQV+XYUh/FrtJxfcrcRV
UmQ6iygboYeMLnzLJLLniEo4ZP3MpDtl0I+/rZe6F5M7ovzlCSWa4hSi4EneLRXJ
tXs6aPvfOUxhDhWTQDyN58V16oRkAaYcfSgG9fXltjqcNk+1aIdm8THdvdNvblay
tlUUegwEnCsVqC/6+UMseXNcMBvU1nC+XxBe/8aRT0AcQjjhrjSmsG7JrC0VCISh
ANweoSAIKmrHDpo+qWcrmncdYvUP++2WGYLdv+DpAF17XWVgTg==
-----END CERTIFICATE-----
Generated at Thu Mar 19 12:28:05 2026 by rpki-client