Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/11758a9b-0e07-4929-92b2-ff867af4fa4f.roa
File: 11758a9b-0e07-4929-92b2-ff867af4fa4f.roa (raw, json)
Hash identifier: G/zwTdteVcxOmGWwP7McaYj3fAt/akb66k9Hv4P/wH4=
Subject key identifier: 29:32:00:D2:BE:50:83:A8:49:6A:2F:F2:A2:9F:D5:30:A4:AF:AE:2E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5151DDA2968D66AEF6E175333C5EB2066E35D028
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/11758a9b-0e07-4929-92b2-ff867af4fa4f.roa
Signing time: Mon 11 May 2026 01:40:07 +0000
ROA not before: Mon 11 May 2026 01:40:07 +0000
ROA not after: Sun 09 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d074:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:51:dd:a2:96:8d:66:ae:f6:e1:75:33:3c:5e:b2:06:6e:35:d0:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 11 01:40:07 2026 GMT
Not After : Aug 9 23:59:59 2026 GMT
Subject: serialNumber=5ac2a89e3f2e478d375b562586aad8be342c9c4e3cc4a00326d4f8d47a5ff0e1, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:6c:84:ef:31:98:7f:01:e7:41:27:e8:25:a3:
d1:7d:e4:75:e2:15:45:13:a1:d2:0c:89:bc:b5:29:
63:4e:16:a1:1d:66:50:11:39:84:ca:c1:40:41:6b:
a3:29:77:08:2b:3b:d7:b4:1f:5c:30:e1:50:6d:31:
96:04:ca:d8:96:c8:16:90:89:4c:98:b4:1b:e2:4a:
e7:09:7d:04:23:f6:e6:de:e3:b4:e3:21:62:2b:65:
43:59:df:94:36:4e:d7:17:18:50:6a:9f:55:0a:ec:
13:18:c7:2a:e8:12:18:c6:e7:58:c1:95:eb:ea:42:
b3:14:a0:81:33:08:68:30:68:61:6c:51:e7:f8:9e:
51:2e:d4:6b:6b:59:ea:56:60:59:ba:dc:e5:a5:5a:
36:2d:ec:3c:18:23:5a:67:90:41:33:97:b8:d2:4a:
ff:2f:05:86:31:1b:0b:14:0c:22:ac:e7:a4:c5:bd:
93:aa:09:80:37:1a:0c:00:3c:9b:29:06:35:ff:46:
bc:8d:40:c8:04:80:8a:28:aa:cf:01:bf:04:95:13:
71:08:07:3b:38:70:35:da:42:ea:c6:71:8f:87:ea:
e8:24:25:b7:0f:00:35:7c:10:ff:c9:74:38:d3:29:
ba:58:b0:a0:66:35:71:a6:2d:92:a6:72:9c:fb:17:
73:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:32:00:D2:BE:50:83:A8:49:6A:2F:F2:A2:9F:D5:30:A4:AF:AE:2E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/11758a9b-0e07-4929-92b2-ff867af4fa4f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:2000::/40
Signature Algorithm: sha256WithRSAEncryption
21:6c:f0:7f:69:02:31:83:0a:e4:97:fd:7c:ac:ff:91:e5:2c:
c8:13:d6:0e:35:84:8a:b2:6e:98:e1:ec:0e:00:d2:3c:0d:ca:
74:64:52:22:13:c4:df:84:e8:5a:9a:dc:eb:7d:ef:8a:e4:d7:
5e:04:54:99:86:82:f7:11:ab:e6:75:77:94:94:1f:00:20:31:
42:db:32:4a:50:8a:df:25:6a:a0:c9:6e:00:16:f1:90:f9:36:
7c:5c:73:4b:fa:86:43:e7:e2:91:04:f9:d4:1a:9a:67:ae:67:
f7:9c:25:c1:ba:57:5c:ee:a4:98:bc:0e:a4:8a:5e:9b:57:d4:
7d:4f:b2:59:81:fa:44:5f:29:b4:66:06:00:2c:36:c2:0f:50:
f8:6e:d2:c1:2d:f1:7e:36:65:49:85:c7:18:23:fc:45:a8:b2:
38:d2:df:f2:08:2d:56:bf:03:db:35:86:5c:94:20:80:8a:07:
20:fe:05:e4:ee:c7:8b:f3:e6:b5:98:b7:e8:11:f3:34:17:1e:
2d:80:2a:ae:56:5b:87:cc:2d:3c:46:35:79:19:e8:fa:8a:92:
7b:67:33:c3:99:49:cc:10:32:af:5f:de:fd:73:c9:33:04:0a:
bf:cb:ac:6a:2a:7c:31:bd:bb:1e:4b:31:4c:f8:30:34:8c:e4:
ba:64:f8:41
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUUVHdopaNZq724XUzPF6yBm410CgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTEwMTQwMDdaFw0yNjA4MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDVhYzJhODllM2YyZTQ3OGQzNzViNTYyNTg2YWFkOGJlMzQyYzljNGUzY2M0
YTAwMzI2ZDRmOGQ0N2E1ZmYwZTExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAO5shO8xmH8B50En6CWj0X3kdeIVRROh0gyJvLUpY04WoR1mUBE5hMrBQEFr
oyl3CCs717QfXDDhUG0xlgTK2JbIFpCJTJi0G+JK5wl9BCP25t7jtOMhYitlQ1nf
lDZO1xcYUGqfVQrsExjHKugSGMbnWMGV6+pCsxSggTMIaDBoYWxR5/ieUS7Ua2tZ
6lZgWbrc5aVaNi3sPBgjWmeQQTOXuNJK/y8FhjEbCxQMIqznpMW9k6oJgDcaDAA8
mykGNf9GvI1AyASAiiiqzwG/BJUTcQgHOzhwNdpC6sZxj4fq6CQltw8ANXwQ/8l0
ONMpuliwoGY1caYtkqZynPsXc6cCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQpMgDS
vlCDqElqL/Kin9UwpK+uLjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTE3NThhOWItMGUwNy00OTI5LTkyYjItZmY4NjdhZjRmYTRmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HQg
MA0GCSqGSIb3DQEBCwUAA4IBAQAhbPB/aQIxgwrkl/18rP+R5SzIE9YONYSKsm6Y
4ewOANI8Dcp0ZFIiE8TfhOhamtzrfe+K5NdeBFSZhoL3EavmdXeUlB8AIDFC2zJK
UIrfJWqgyW4AFvGQ+TZ8XHNL+oZD5+KRBPnUGppnrmf3nCXBuldc7qSYvA6kil6b
V9R9T7JZgfpEXym0ZgYALDbCD1D4btLBLfF+NmVJhccYI/xFqLI40t/yCC1WvwPb
NYZclCCAigcg/gXk7seL8+a1mLfoEfM0Fx4tgCquVluHzC08RjV5Gej6ipJ7ZzPD
mUnMEDKvX979c8kzBAq/y6xqKnwxvbseSzFM+DA0jOS6ZPhB
-----END CERTIFICATE-----
Generated at Tue May 12 23:14:01 2026 by rpki-client