Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/e1761481-a0e9-4093-b4d3-7919660f0dfa.roa
File: e1761481-a0e9-4093-b4d3-7919660f0dfa.roa (raw, json)
Hash identifier: EhRZTNkPrSPbz29aMmTOlBhK1dG3vM22RpjUfNKKm/8=
Subject key identifier: 63:83:45:14:45:45:1D:3D:4F:FF:38:58:FB:31:AA:51:3B:7E:61:95
Certificate issuer: /CN=df759b5af3da6c9df033b0de998970a4e79655d0
Certificate serial: 15579735CBF822B3E2ED3845AF149DFA8EED68CA
Authority key identifier: DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/e1761481-a0e9-4093-b4d3-7919660f0dfa.roa
Signing time: Fri 07 Nov 2025 20:21:55 +0000
ROA not before: Fri 07 Nov 2025 20:21:55 +0000
ROA not after: Fri 12 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:4800::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.mft
rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
15:57:97:35:cb:f8:22:b3:e2:ed:38:45:af:14:9d:fa:8e:ed:68:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df759b5af3da6c9df033b0de998970a4e79655d0
Validity
Not Before: Nov 7 20:21:55 2025 GMT
Not After : Dec 12 23:59:59 2025 GMT
Subject: serialNumber=723f225a4b88689024d79b80f6596e944ec2abd5969bed5732425b35c4b8691f, CN=98d67deb-bb75-4e77-b1a0-36016b2d6350
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:1b:b1:95:f3:a1:39:3d:97:93:26:7c:aa:0e:
be:95:68:31:5b:79:68:93:53:b0:f4:b4:ed:b3:10:
2a:4a:9e:8e:62:4d:f0:e5:a0:2a:af:e1:53:c9:6d:
2c:4f:20:7e:a6:67:94:8c:d6:6a:e2:6f:f0:c7:b6:
40:99:d7:d9:7d:0e:a6:6e:72:60:2e:c1:36:92:4c:
8b:1f:ef:a8:4b:4f:c8:44:bc:d7:32:da:5e:8e:5a:
a7:47:fa:3e:b5:56:d8:7a:1d:b4:b4:a9:5a:8a:ec:
dc:c3:8e:cd:40:07:b2:6d:43:f3:a6:30:4d:b5:3c:
e4:dd:37:cb:4b:04:63:08:1e:ea:ec:de:80:fe:99:
b9:eb:bb:cf:6c:e1:25:78:1e:bb:41:63:53:aa:b7:
c4:1d:e6:1d:52:60:b0:aa:ba:ef:6d:4d:8d:7f:e3:
a5:41:cd:08:6e:4a:b6:85:a9:8d:1e:36:69:68:53:
f1:3a:99:af:99:9c:1a:72:fb:d3:62:04:89:1c:0f:
60:6e:4a:9a:1c:5e:68:fe:1c:e7:ac:68:25:9c:d4:
a2:bc:59:af:7d:8f:8e:86:fa:2b:d4:c0:87:f9:ce:
b7:7c:19:fe:ee:26:de:e9:ad:f8:f0:2c:56:83:05:
ce:37:62:9f:bf:30:00:db:8e:45:0d:5b:bb:a9:68:
a1:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:83:45:14:45:45:1D:3D:4F:FF:38:58:FB:31:AA:51:3B:7E:61:95
X509v3 Authority Key Identifier:
keyid:DF:75:9B:5A:F3:DA:6C:9D:F0:33:B0:DE:99:89:70:A4:E7:96:55:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33WbWvPabJ3wM7DemYlwpOeWVdA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/e1761481-a0e9-4093-b4d3-7919660f0dfa.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/fe3737fb-095d-444c-92f4-3f7221fb544c/0XE5tZVyuGeaA_h7-1qBp7aY4So.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:4800::/40
Signature Algorithm: sha256WithRSAEncryption
4c:15:a8:f6:7d:dd:4c:04:ae:4b:18:96:f2:38:04:1e:a1:55:
81:77:dc:21:c2:06:74:ad:48:e5:ec:96:95:ee:ca:aa:09:1a:
fa:e3:f5:9c:40:0e:4e:c9:fb:51:15:b5:d7:64:94:ae:75:53:
bb:ca:de:ca:0a:ac:68:c7:ed:bf:62:26:14:a0:a8:45:0e:dc:
af:56:97:6c:c1:c6:f6:ca:17:99:d0:b9:0c:9c:0b:85:53:4e:
98:44:9a:7e:52:65:8f:7a:b1:2f:ca:e3:6d:9c:53:3e:4e:53:
45:69:46:af:fa:c0:74:6a:37:a8:de:c5:03:ef:0e:29:fd:c2:
5b:55:23:a3:9a:39:b1:0e:fc:a2:4f:59:f0:dc:7d:fa:f6:79:
ee:de:f1:4f:36:28:af:7b:f8:e6:32:5a:da:35:ed:4b:0a:d7:
2c:63:87:ed:27:f5:49:62:cf:64:78:7a:7e:e2:87:14:42:5e:
22:ca:1d:5f:0b:8d:57:16:00:6b:28:43:ac:3f:dc:e2:ea:28:
8a:b6:77:33:e7:90:d6:88:ce:3e:a0:9b:51:78:54:8f:bb:7d:
98:23:6e:7d:25:73:93:64:22:ee:4b:44:c8:75:4b:e6:5e:71:
85:49:c2:2a:29:5a:c9:f2:b2:20:bc:17:de:54:b8:77:82:c6:
fc:21:bc:b8
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUFVeXNcv4IrPi7ThFrxSd+o7taMowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGY3NTliNWFmM2RhNmM5ZGYwMzNiMGRlOTk4OTcwYTRl
Nzk2NTVkMDAeFw0yNTExMDcyMDIxNTVaFw0yNTEyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDcyM2YyMjVhNGI4ODY4OTAyNGQ3OWI4MGY2NTk2ZTk0NGVjMmFiZDU5Njli
ZWQ1NzMyNDI1YjM1YzRiODY5MWYxLTArBgNVBAMTJDk4ZDY3ZGViLWJiNzUtNGU3
Ny1iMWEwLTM2MDE2YjJkNjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMUbsZXzoTk9l5MmfKoOvpVoMVt5aJNTsPS07bMQKkqejmJN8OWgKq/hU8lt
LE8gfqZnlIzWauJv8Me2QJnX2X0Opm5yYC7BNpJMix/vqEtPyES81zLaXo5ap0f6
PrVW2HodtLSpWors3MOOzUAHsm1D86YwTbU85N03y0sEYwge6uzegP6Zueu7z2zh
JXgeu0FjU6q3xB3mHVJgsKq6721NjX/jpUHNCG5KtoWpjR42aWhT8TqZr5mcGnL7
02IEiRwPYG5KmhxeaP4c56xoJZzUorxZr32Pjob6K9TAh/nOt3wZ/u4m3umt+PAs
VoMFzjdin78wANuORQ1bu6looXUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRjg0UU
RUUdPU//OFj7MapRO35hlTAfBgNVHSMEGDAWgBTfdZta89psnfAzsN6ZiXCk55ZV
0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMzV2JXdlBh
Ykozd003RGVtWWx3cE9lV1ZkQS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9mZTM3MzdmYi0wOTVkLTQ0NGMtOTJmNC0zZjcyMjFmYjU0NGMv
ZTE3NjE0ODEtYTBlOS00MDkzLWI0ZDMtNzkxOTY2MGYwZGZhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZmUzNzM3ZmItMDk1ZC00NDRjLTkyZjQtM2Y3MjIxZmI1
NDRjLzBYRTV0WlZ5dUdlYUFfaDctMXFCcDdhWTRTby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACABP8dI
MA0GCSqGSIb3DQEBCwUAA4IBAQBMFaj2fd1MBK5LGJbyOAQeoVWBd9whwgZ0rUjl
7JaV7sqqCRr64/WcQA5OyftRFbXXZJSudVO7yt7KCqxox+2/YiYUoKhFDtyvVpds
wcb2yheZ0LkMnAuFU06YRJp+UmWPerEvyuNtnFM+TlNFaUav+sB0ajeo3sUD7w4p
/cJbVSOjmjmxDvyiT1nw3H369nnu3vFPNiive/jmMlraNe1LCtcsY4ftJ/VJYs9k
eHp+4ocUQl4iyh1fC41XFgBrKEOsP9zi6iiKtncz55DWiM4+oJtReFSPu32YI259
JXOTZCLuS0TIdUvmXnGFScIqKVrJ8rIgvBfeVLh3gsb8Iby4
-----END CERTIFICATE-----
Generated at Tue Nov 11 13:54:57 2025 by rpki-client