Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0934ec3d-adc9-4da3-a247-ea0ad001df47.roa
File: 0934ec3d-adc9-4da3-a247-ea0ad001df47.roa (raw, json)
Hash identifier: faODWG3Sm+ZgBNvsewaccffK4xcOE0qddLLN17q7ZkE=
Subject key identifier: 3E:13:A4:9A:CB:37:0D:3E:80:5C:EA:09:26:7E:0C:69:D2:CE:55:DD
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5BE74FE6A1B0E72CCD369013078521C28A081B22
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0934ec3d-adc9-4da3-a247-ea0ad001df47.roa
Signing time: Sat 02 May 2026 01:30:38 +0000
ROA not before: Sat 02 May 2026 01:30:38 +0000
ROA not after: Fri 31 Jul 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06a:e000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5b:e7:4f:e6:a1:b0:e7:2c:cd:36:90:13:07:85:21:c2:8a:08:1b:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 2 01:30:38 2026 GMT
Not After : Jul 31 23:59:59 2026 GMT
Subject: serialNumber=8838a3b5d65b0ac2f6c1e5f211559b2c1fcd0aac390a842c39860906d0072c61, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:74:44:ab:f6:31:55:6f:b5:97:8b:f8:66:8b:
41:b4:89:fa:87:27:51:e2:f0:48:7c:3b:52:d8:86:
14:18:0b:71:6f:f8:d8:d9:fa:7a:32:76:ba:2b:09:
34:44:48:dd:09:d6:20:42:e3:27:13:e9:22:44:a7:
7e:d8:78:19:de:a4:29:6d:c2:34:03:36:af:8e:fd:
36:9b:f0:8d:44:56:9f:59:9a:f8:5b:ba:ea:a0:46:
45:6d:71:b5:fa:23:2d:99:ab:ca:86:d0:d6:64:62:
8a:54:d2:35:58:88:d7:26:79:03:bd:d6:98:43:d6:
63:86:94:cc:70:5e:d5:f9:cd:c5:be:47:7c:8f:30:
11:31:11:3d:61:d3:15:d8:9d:61:a0:cd:90:94:09:
88:e2:28:88:71:b3:49:c2:4e:b0:c3:09:7d:f0:f4:
ed:f2:0c:da:12:9c:27:9b:0c:87:75:8a:72:47:9a:
ce:b1:fe:69:02:64:11:7c:5f:3c:5e:86:e2:a3:1e:
86:ed:61:a0:19:1e:65:53:ed:da:9f:fd:f2:3a:3a:
ce:43:42:97:fb:a1:11:6b:90:8c:66:0a:ea:c4:ae:
be:c2:3e:f1:ad:9d:10:78:5e:85:f2:ac:7a:33:91:
f9:ce:fc:ea:1f:4f:7c:2d:13:bd:4b:ee:e6:36:a4:
44:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:13:A4:9A:CB:37:0D:3E:80:5C:EA:09:26:7E:0C:69:D2:CE:55:DD
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0934ec3d-adc9-4da3-a247-ea0ad001df47.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06a:e000::/40
Signature Algorithm: sha256WithRSAEncryption
99:8d:0e:03:19:0b:0a:b0:3e:01:a8:b6:f5:d6:16:6e:6f:d6:
c4:50:a9:4d:b4:47:44:b5:0f:03:5f:07:1b:dd:ac:03:4b:6b:
00:2f:53:03:73:1e:25:c8:d7:aa:ed:14:fb:06:d1:55:0b:cb:
dd:86:14:b8:99:f6:1a:ef:25:f4:d1:fc:31:64:b0:75:51:1d:
3f:2e:92:3e:57:49:7e:18:af:04:2f:e3:ef:8d:4f:b7:a4:bc:
95:7d:df:2e:23:5a:93:ff:dd:98:7d:e3:8f:46:98:50:bf:ab:
12:a5:c9:95:88:0e:6c:88:a5:6b:08:d2:3f:69:a3:10:20:9c:
24:0c:99:10:0a:2f:53:4f:e2:e5:5f:0c:b6:b6:d3:3b:a5:dc:
79:b1:02:fd:98:f7:f4:af:5c:3b:e1:6a:76:58:fd:aa:bd:5b:
ce:a4:5b:5c:12:56:cb:94:c0:c7:0f:9e:91:9f:18:08:36:67:
21:03:d1:0b:03:1c:0b:64:69:99:ba:99:23:8b:a1:7a:d4:e8:
cf:69:92:ef:03:74:e3:7f:14:a0:d7:4e:3b:30:b7:92:84:1a:
1d:04:de:09:e3:71:16:c2:1e:06:f5:44:46:7e:d3:f1:b0:4a:
3b:a8:9f:9d:e9:32:d6:35:d3:e0:5f:e2:fe:68:43:fe:3b:26:
2b:2d:63:e0
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUW+dP5qGw5yzNNpATB4UhwooIGyIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MDIwMTMwMzhaFw0yNjA3MzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDg4MzhhM2I1ZDY1YjBhYzJmNmMxZTVmMjExNTU5YjJjMWZjZDBhYWMzOTBh
ODQyYzM5ODYwOTA2ZDAwNzJjNjExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALx0RKv2MVVvtZeL+GaLQbSJ+ocnUeLwSHw7UtiGFBgLcW/42Nn6ejJ2uisJ
NERI3QnWIELjJxPpIkSnfth4Gd6kKW3CNAM2r479NpvwjURWn1ma+Fu66qBGRW1x
tfojLZmryobQ1mRiilTSNViI1yZ5A73WmEPWY4aUzHBe1fnNxb5HfI8wETERPWHT
FdidYaDNkJQJiOIoiHGzScJOsMMJffD07fIM2hKcJ5sMh3WKckeazrH+aQJkEXxf
PF6G4qMehu1hoBkeZVPt2p/98jo6zkNCl/uhEWuQjGYK6sSuvsI+8a2dEHhehfKs
ejOR+c786h9PfC0TvUvu5jakRJ0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ+E6Sa
yzcNPoBc6gkmfgxp0s5V3TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDkzNGVjM2QtYWRjOS00ZGEzLWEyNDctZWEwYWQwMDFkZjQ3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Grg
MA0GCSqGSIb3DQEBCwUAA4IBAQCZjQ4DGQsKsD4BqLb11hZub9bEUKlNtEdEtQ8D
Xwcb3awDS2sAL1MDcx4lyNeq7RT7BtFVC8vdhhS4mfYa7yX00fwxZLB1UR0/LpI+
V0l+GK8EL+PvjU+3pLyVfd8uI1qT/92YfeOPRphQv6sSpcmViA5siKVrCNI/aaMQ
IJwkDJkQCi9TT+LlXwy2ttM7pdx5sQL9mPf0r1w74Wp2WP2qvVvOpFtcElbLlMDH
D56RnxgINmchA9ELAxwLZGmZupkji6F61OjPaZLvA3TjfxSg1047MLeShBodBN4J
43EWwh4G9URGftPxsEo7qJ+d6TLWNdPgX+L+aEP+OyYrLWPg
-----END CERTIFICATE-----
Generated at Tue May 12 23:28:01 2026 by rpki-client