Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/04034306-aaa4-40c8-9c1b-c3f1cfc23d5b.roa
File: 04034306-aaa4-40c8-9c1b-c3f1cfc23d5b.roa (raw, json)
Hash identifier: 6Z2VQwKHq9NOtna88YTgYCTZW+7J+mdeCFg/IT3SzuQ=
Subject key identifier: 17:9C:0F:E3:A6:60:16:F1:8A:7C:A9:7B:F5:52:E1:22:5B:03:5D:E4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 35CCB1910B8EA35216FB34C89A7404F86B328DB3
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/04034306-aaa4-40c8-9c1b-c3f1cfc23d5b.roa
Signing time: Fri 08 May 2026 03:20:55 +0000
ROA not before: Fri 08 May 2026 03:20:55 +0000
ROA not after: Thu 06 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d059:b000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:cc:b1:91:0b:8e:a3:52:16:fb:34:c8:9a:74:04:f8:6b:32:8d:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 8 03:20:55 2026 GMT
Not After : Aug 6 23:59:59 2026 GMT
Subject: serialNumber=c200bcdec294e90fa63ed35a6f94988659f3603ee083ce9e82ed0a546a7ef3c3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:58:75:38:83:70:3b:b1:3a:30:a7:95:5a:46:
2c:db:71:24:7e:d9:03:ba:64:7e:19:59:00:32:39:
9a:b7:ef:2c:c5:ef:c7:97:ee:05:cc:a0:15:4d:f4:
58:68:c7:2f:9b:dc:59:c0:8e:ae:28:1b:4c:be:35:
fc:c8:26:5b:a8:c9:34:ef:17:e7:2b:e3:0d:2b:10:
e1:99:01:66:8b:dd:a2:38:41:35:5f:f0:74:fe:2b:
21:22:33:7c:be:6f:49:0d:de:4c:b6:e2:f2:dd:17:
93:bd:60:90:ec:5c:83:bf:a9:db:14:94:cd:c3:ae:
b7:be:90:2c:bc:63:09:5a:be:6b:da:8e:cd:b9:ff:
e8:44:ee:21:2e:1c:51:77:24:ce:12:1e:92:e1:a1:
cd:4f:8b:b9:ed:0e:f8:a2:05:d2:5f:29:4c:97:cd:
cc:83:db:51:4f:b1:0e:cc:ea:b9:71:e0:98:8e:2e:
d8:fb:5f:60:41:25:e3:65:9b:29:b5:8b:9c:67:66:
51:7d:b9:fb:f7:c3:e2:db:f9:32:e5:c4:17:8b:15:
c9:03:c5:f6:d2:96:ce:30:69:d1:b4:bb:81:e9:43:
57:f2:51:93:41:21:17:e7:61:98:af:21:ce:ff:be:
72:bc:08:72:11:63:87:8f:e1:ee:3d:65:aa:cc:05:
94:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:9C:0F:E3:A6:60:16:F1:8A:7C:A9:7B:F5:52:E1:22:5B:03:5D:E4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/04034306-aaa4-40c8-9c1b-c3f1cfc23d5b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d059:b000::/40
Signature Algorithm: sha256WithRSAEncryption
71:6c:bd:8c:28:cd:cb:c8:f0:f8:1e:21:52:9a:43:00:35:e8:
81:e1:83:65:e9:ca:7e:d4:ec:94:3f:69:fb:65:6d:4a:ad:14:
b3:97:6a:d0:8d:2d:7b:24:74:58:9a:b0:7a:9e:0a:0a:42:4e:
1f:b7:d4:d3:b0:14:cf:fc:c6:3f:76:01:11:66:93:41:34:dd:
2c:0f:70:2e:f6:73:ce:8f:43:a7:7b:cd:99:39:97:6b:a2:d8:
9c:49:08:31:ab:28:b5:e0:9a:f1:1d:47:81:02:73:ca:d7:29:
30:c9:8f:21:04:e3:e1:62:54:b9:2f:22:af:00:b8:dc:a6:b5:
c0:83:a2:cd:a5:5f:c6:77:4b:28:a9:9e:3d:7b:ed:d7:cd:ce:
e7:e9:38:12:dd:23:00:83:c7:2e:04:bd:3f:69:c5:0f:70:83:
92:0f:cc:18:a7:8d:83:de:15:f3:83:9a:d1:38:21:45:f2:60:
18:80:6e:38:7f:ca:54:53:17:30:81:ce:ac:84:45:7e:92:2e:
35:22:81:2c:fc:88:bd:18:94:e4:96:84:45:06:31:0f:95:30:
2d:99:b3:82:3b:0f:e5:eb:15:d4:4f:e4:da:91:a3:08:70:bc:
cd:a6:9e:33:42:0f:cc:59:7b:c6:85:6b:bf:de:3b:8b:c8:cd:
b4:1a:15:6b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUNcyxkQuOo1IW+zTImnQE+GsyjbMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MDgwMzIwNTVaFw0yNjA4MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGMyMDBiY2RlYzI5NGU5MGZhNjNlZDM1YTZmOTQ5ODg2NTlmMzYwM2VlMDgz
Y2U5ZTgyZWQwYTU0NmE3ZWYzYzMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK5YdTiDcDuxOjCnlVpGLNtxJH7ZA7pkfhlZADI5mrfvLMXvx5fuBcygFU30
WGjHL5vcWcCOrigbTL41/MgmW6jJNO8X5yvjDSsQ4ZkBZovdojhBNV/wdP4rISIz
fL5vSQ3eTLbi8t0Xk71gkOxcg7+p2xSUzcOut76QLLxjCVq+a9qOzbn/6ETuIS4c
UXckzhIekuGhzU+Lue0O+KIF0l8pTJfNzIPbUU+xDszquXHgmI4u2PtfYEEl42Wb
KbWLnGdmUX25+/fD4tv5MuXEF4sVyQPF9tKWzjBp0bS7gelDV/JRk0EhF+dhmK8h
zv++crwIchFjh4/h7j1lqswFlOUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQXnA/j
pmAW8Yp8qXv1UuEiWwNd5DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDQwMzQzMDYtYWFhNC00MGM4LTljMWItYzNmMWNmYzIzZDViLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Fmw
MA0GCSqGSIb3DQEBCwUAA4IBAQBxbL2MKM3LyPD4HiFSmkMANeiB4YNl6cp+1OyU
P2n7ZW1KrRSzl2rQjS17JHRYmrB6ngoKQk4ft9TTsBTP/MY/dgERZpNBNN0sD3Au
9nPOj0One82ZOZdroticSQgxqyi14JrxHUeBAnPK1ykwyY8hBOPhYlS5LyKvALjc
prXAg6LNpV/Gd0soqZ49e+3Xzc7n6TgS3SMAg8cuBL0/acUPcIOSD8wYp42D3hXz
g5rROCFF8mAYgG44f8pUUxcwgc6shEV+ki41IoEs/Ii9GJTkloRFBjEPlTAtmbOC
Ow/l6xXUT+TakaMIcLzNpp4zQg/MWXvGhWu/3juLyM20GhVr
-----END CERTIFICATE-----
Generated at Tue May 12 23:13:15 2026 by rpki-client