Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/325fa89c-1511-4efc-84ed-51af85c9ed14.roa
File: 325fa89c-1511-4efc-84ed-51af85c9ed14.roa (raw, json)
Hash identifier: +cy2W1QcMwblt7XBebBiqfapNyzxw+CqWKoXkuSg3Iw=
Subject key identifier: EC:24:D9:87:17:1D:F2:BF:11:68:10:AD:F8:2D:77:B9:2E:CF:11:E0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1AACC80DABA3595F550750774C51CF30F1E16E51
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/325fa89c-1511-4efc-84ed-51af85c9ed14.roa
Signing time: Fri 08 May 2026 03:30:09 +0000
ROA not before: Fri 08 May 2026 03:30:09 +0000
ROA not after: Thu 06 Aug 2026 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d074:1000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:ac:c8:0d:ab:a3:59:5f:55:07:50:77:4c:51:cf:30:f1:e1:6e:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 8 03:30:09 2026 GMT
Not After : Aug 6 23:59:59 2026 GMT
Subject: serialNumber=bfa9d367016a1c8be897a9670fc2dc4a5ae5699bfea0e5ff2da203db648a6e7f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:7b:27:43:3d:dd:c0:a4:e2:d7:2d:01:97:b6:
48:02:f2:b4:d1:5f:e4:63:8e:83:96:ed:b1:a0:9f:
7d:46:76:07:8d:2d:41:a9:e6:61:1f:ef:ab:3f:3d:
c8:5b:e6:d9:e7:38:1f:90:47:a8:52:e4:4b:87:47:
13:86:6b:b9:4b:81:76:c0:6e:e1:3f:e2:4e:ba:b6:
92:83:d2:e3:6b:0e:bc:f6:9b:aa:49:de:7f:f0:87:
79:7e:f9:3e:ce:7e:89:d3:4e:3c:2f:64:03:88:e0:
e3:69:6f:1a:5b:2c:2b:d1:50:f8:b1:65:09:fe:37:
4c:52:dc:48:5d:91:5c:9e:d1:e6:f3:82:79:7a:79:
d5:a5:41:ba:33:1e:76:ce:0b:55:06:f6:29:9b:5b:
ac:d8:98:a9:59:20:54:2b:c5:35:e0:92:cf:55:9a:
69:d7:08:46:da:25:bf:38:8e:3c:c4:14:35:b0:0d:
1a:0b:6a:c5:b2:b1:98:fa:a2:c1:fe:80:b1:2b:f2:
7c:64:8d:1b:d4:66:21:de:34:92:0a:a0:d5:62:38:
bd:0d:67:fe:9f:eb:2f:69:71:5c:c6:bc:59:a3:15:
cf:a2:a3:76:54:10:1c:3e:4f:73:cf:53:59:eb:35:
5f:ed:bb:7a:f3:e3:c0:6d:69:a6:ac:e4:22:d8:61:
6e:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:24:D9:87:17:1D:F2:BF:11:68:10:AD:F8:2D:77:B9:2E:CF:11:E0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/325fa89c-1511-4efc-84ed-51af85c9ed14.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:1000::/40
Signature Algorithm: sha256WithRSAEncryption
8b:7c:1e:84:1e:07:25:74:35:cc:d8:b8:04:95:b7:66:e6:07:
4d:71:ce:24:05:7e:72:34:9e:20:d0:75:a2:ad:26:1c:8f:fc:
7f:f0:28:72:db:d8:80:df:8a:e5:ec:da:54:31:e5:a5:4d:27:
98:3a:18:8c:a5:96:fe:ba:6b:e6:7a:45:5f:3e:3a:cd:d2:3a:
2b:26:9f:38:50:87:31:5e:ce:0a:6a:1f:a9:b6:11:df:bd:ec:
c8:8e:ce:4a:52:66:dc:ca:e3:35:da:f5:71:2d:1e:2a:ba:55:
ed:67:f0:5f:8d:64:c3:eb:e6:be:a8:85:f8:53:d3:86:48:f9:
38:ef:ea:81:da:e9:03:82:ae:cd:56:d3:03:a5:ad:29:b5:75:
e5:cd:80:e0:f6:1e:84:a1:aa:5c:d9:1e:61:ba:e3:1e:e6:0d:
0e:8e:e6:94:b1:c9:09:75:98:6a:ba:84:bd:65:93:5c:e4:b0:
82:f0:01:f6:b9:e4:ae:a4:df:a2:e8:55:f1:8a:93:4d:29:94:
94:b4:ce:a3:41:d0:c8:dc:b9:4c:1e:12:f3:0e:36:61:c6:ea:
e7:1d:a0:eb:03:47:d1:fe:cf:ea:57:f1:e1:73:b7:06:97:64:
cc:c4:1a:e4:1b:1a:b3:b4:fd:d3:d3:f9:65:ea:b5:18:00:46:
2b:fa:6d:79
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUGqzIDaujWV9VB1B3TFHPMPHhblEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MDgwMzMwMDlaFw0yNjA4MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGJmYTlkMzY3MDE2YTFjOGJlODk3YTk2NzBmYzJkYzRhNWFlNTY5OWJmZWEw
ZTVmZjJkYTIwM2RiNjQ4YTZlN2YxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPB7J0M93cCk4tctAZe2SALytNFf5GOOg5btsaCffUZ2B40tQanmYR/vqz89
yFvm2ec4H5BHqFLkS4dHE4ZruUuBdsBu4T/iTrq2koPS42sOvPabqknef/CHeX75
Ps5+idNOPC9kA4jg42lvGlssK9FQ+LFlCf43TFLcSF2RXJ7R5vOCeXp51aVBujMe
ds4LVQb2KZtbrNiYqVkgVCvFNeCSz1WaadcIRtolvziOPMQUNbANGgtqxbKxmPqi
wf6AsSvyfGSNG9RmId40kgqg1WI4vQ1n/p/rL2lxXMa8WaMVz6KjdlQQHD5Pc89T
Wes1X+27evPjwG1ppqzkIthhboUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTsJNmH
Fx3yvxFoEK34LXe5Ls8R4DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzI1ZmE4OWMtMTUxMS00ZWZjLTg0ZWQtNTFhZjg1YzllZDE0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HQQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCLfB6EHgcldDXM2LgElbdm5gdNcc4kBX5yNJ4g
0HWirSYcj/x/8Chy29iA34rl7NpUMeWlTSeYOhiMpZb+umvmekVfPjrN0jorJp84
UIcxXs4Kah+pthHfvezIjs5KUmbcyuM12vVxLR4qulXtZ/BfjWTD6+a+qIX4U9OG
SPk47+qB2ukDgq7NVtMDpa0ptXXlzYDg9h6Eoapc2R5huuMe5g0OjuaUsckJdZhq
uoS9ZZNc5LCC8AH2ueSupN+i6FXxipNNKZSUtM6jQdDI3LlMHhLzDjZhxurnHaDr
A0fR/s/qV/Hhc7cGl2TMxBrkGxqztP3T0/ll6rUYAEYr+m15
-----END CERTIFICATE-----
Generated at Tue May 12 23:15:56 2026 by rpki-client