Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5b65b415-a397-41d3-99dc-207c8689d0ee.roa
File: 5b65b415-a397-41d3-99dc-207c8689d0ee.roa (raw, json)
Hash identifier: iHAWcUuMhE6N69fOkp8xeoFc+qlZ1xL1vLQEFEUzL0Y=
Subject key identifier: EB:FB:E5:E6:C5:F8:50:CF:5D:CB:8C:3B:59:A5:DF:DC:95:64:7F:03
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 13EA13685E95E717ABA63D50BF063285B681BA72
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5b65b415-a397-41d3-99dc-207c8689d0ee.roa
Signing time: Mon 11 May 2026 01:51:09 +0000
ROA not before: Mon 11 May 2026 01:51:09 +0000
ROA not after: Sun 09 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:6000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:ea:13:68:5e:95:e7:17:ab:a6:3d:50:bf:06:32:85:b6:81:ba:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 11 01:51:09 2026 GMT
Not After : Aug 9 23:59:59 2026 GMT
Subject: serialNumber=140f1bd5f278beea7f1be5ef200b75db7cdccd957d1bb7de959546997d7b0095, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:66:9a:3a:33:b8:6e:ee:f1:1e:26:d1:88:4a:
e4:4e:67:66:d9:03:0e:75:52:c5:97:ef:10:b2:99:
e5:ce:28:93:29:ec:96:3d:81:d3:f8:fd:de:95:7f:
34:f1:5b:4e:c9:c7:b5:03:30:42:c5:95:d2:d4:f2:
1b:60:d2:91:7f:2e:1c:eb:99:67:c9:9f:fe:c8:2b:
71:ff:85:81:99:0b:49:d6:29:52:3d:63:f8:52:84:
28:36:cc:52:9e:32:30:76:e3:de:0b:ee:ef:dd:55:
da:68:ad:28:37:2e:04:be:c2:2b:26:fa:2a:7e:72:
a7:a0:2f:ae:c8:33:a6:41:eb:a7:f3:99:33:74:47:
47:9e:6d:6d:5d:10:e9:4f:3d:be:d4:38:99:5c:33:
10:64:de:0a:59:82:d1:5a:6a:6d:f4:1d:b1:29:24:
9b:8d:c3:fc:43:ad:fe:f6:d3:f7:e4:60:0c:33:6a:
1b:f4:35:54:d0:b8:0f:df:79:82:01:42:54:9e:32:
a2:05:74:e6:fc:62:fb:01:4d:49:14:63:e3:b8:f6:
5f:c6:93:97:3a:63:7b:70:fe:65:bd:71:89:86:09:
21:60:35:83:c0:3f:a3:62:9d:ec:5d:87:ab:77:1e:
93:fd:b8:27:8b:90:9b:77:62:6a:f1:fe:4b:5b:dc:
d3:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:FB:E5:E6:C5:F8:50:CF:5D:CB:8C:3B:59:A5:DF:DC:95:64:7F:03
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5b65b415-a397-41d3-99dc-207c8689d0ee.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:6000::/40
Signature Algorithm: sha256WithRSAEncryption
c9:75:3c:c1:2f:b7:fa:f2:a5:13:bf:9d:62:9c:23:e8:2f:a5:
92:7b:61:7d:28:fb:73:b0:31:3b:7b:51:90:e8:ad:73:76:0a:
41:be:54:24:df:98:53:cc:7d:45:d7:9f:14:5a:8c:b5:80:51:
aa:9e:ad:db:eb:48:5c:b9:28:68:bf:dc:01:2f:04:3d:ef:36:
58:97:84:d7:b1:98:a3:8b:7a:f0:5c:95:a6:7d:49:1c:90:d7:
f3:c6:1b:a8:16:db:d2:b9:b9:e0:48:3f:4c:70:24:11:57:e9:
eb:d8:4b:30:5c:8e:48:7a:f1:f4:6d:12:a4:44:af:1c:c1:f2:
78:b8:31:a3:fb:d4:32:c3:fe:5e:fd:13:64:3e:91:88:cf:f9:
cf:34:90:04:fc:a8:0d:2e:24:99:62:2e:ea:38:8c:02:b6:be:
67:a8:86:95:9b:09:03:03:45:26:42:9a:48:de:a3:9f:a8:25:
0e:16:d4:3f:bb:67:fd:7b:4e:b6:49:ff:da:be:4d:c3:7a:90:
c0:aa:f0:fc:57:7a:4d:dd:17:82:6e:be:66:c3:ac:d9:52:9d:
67:56:bb:9f:f5:3a:e3:6a:48:1e:a0:82:de:d2:63:28:4c:0c:
ce:6d:8d:4c:4a:57:26:46:8d:d7:a8:f4:70:90:b9:8e:b7:cc:
57:a6:bf:00
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUE+oTaF6V5xerpj1QvwYyhbaBunIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTEwMTUxMDlaFw0yNjA4MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDE0MGYxYmQ1ZjI3OGJlZWE3ZjFiZTVlZjIwMGI3NWRiN2NkY2NkOTU3ZDFi
YjdkZTk1OTU0Njk5N2Q3YjAwOTUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANxmmjozuG7u8R4m0YhK5E5nZtkDDnVSxZfvELKZ5c4okynslj2B0/j93pV/
NPFbTsnHtQMwQsWV0tTyG2DSkX8uHOuZZ8mf/sgrcf+FgZkLSdYpUj1j+FKEKDbM
Up4yMHbj3gvu791V2mitKDcuBL7CKyb6Kn5yp6AvrsgzpkHrp/OZM3RHR55tbV0Q
6U89vtQ4mVwzEGTeClmC0VpqbfQdsSkkm43D/EOt/vbT9+RgDDNqG/Q1VNC4D995
ggFCVJ4yogV05vxi+wFNSRRj47j2X8aTlzpje3D+Zb1xiYYJIWA1g8A/o2Kd7F2H
q3cek/24J4uQm3diavH+S1vc0z8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTr++Xm
xfhQz13LjDtZpd/clWR/AzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NWI2NWI0MTUtYTM5Ny00MWQzLTk5ZGMtMjA3Yzg2ODlkMGVlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HZg
MA0GCSqGSIb3DQEBCwUAA4IBAQDJdTzBL7f68qUTv51inCPoL6WSe2F9KPtzsDE7
e1GQ6K1zdgpBvlQk35hTzH1F158UWoy1gFGqnq3b60hcuShov9wBLwQ97zZYl4TX
sZiji3rwXJWmfUkckNfzxhuoFtvSubngSD9McCQRV+nr2EswXI5IevH0bRKkRK8c
wfJ4uDGj+9Qyw/5e/RNkPpGIz/nPNJAE/KgNLiSZYi7qOIwCtr5nqIaVmwkDA0Um
QppI3qOfqCUOFtQ/u2f9e062Sf/avk3DepDAqvD8V3pN3ReCbr5mw6zZUp1nVruf
9TrjakgeoILe0mMoTAzObY1MSlcmRo3XqPRwkLmOt8xXpr8A
-----END CERTIFICATE-----
Generated at Tue May 12 23:13:55 2026 by rpki-client