Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5d322170-f0d4-4cd2-98f4-e2f1db786c6d.roa
File: 5d322170-f0d4-4cd2-98f4-e2f1db786c6d.roa (raw, json)
Hash identifier: gW/TOFaQLPggpiPTw6xWui5lfonwfCyha90d1uRNtzA=
Subject key identifier: B2:85:6C:ED:AA:26:5A:D6:74:3E:9B:70:71:00:0B:02:3C:68:45:A8
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4B1AD617529ABF78AEC145FA515B2F0A3EBBEA5D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5d322170-f0d4-4cd2-98f4-e2f1db786c6d.roa
Signing time: Fri 08 May 2026 03:20:31 +0000
ROA not before: Fri 08 May 2026 03:20:31 +0000
ROA not after: Thu 06 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d059:1000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:1a:d6:17:52:9a:bf:78:ae:c1:45:fa:51:5b:2f:0a:3e:bb:ea:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 8 03:20:31 2026 GMT
Not After : Aug 6 23:59:59 2026 GMT
Subject: serialNumber=a5cb87bb7523afa683a535ff57bfea547400a51989b8fe96e7a40ff59c568360, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:4a:e3:57:ad:41:97:8a:ed:d9:0e:3c:7b:b8:
a8:6a:a7:43:5d:00:4a:fa:d1:8d:ec:d9:c5:23:9b:
42:01:f2:11:5e:11:9a:2e:8e:ce:b5:d2:1b:37:0d:
f6:f2:e7:5a:0b:ef:16:b3:6b:08:23:d2:ca:e9:2d:
b4:01:01:a9:fe:55:3c:97:c5:ce:f7:27:7f:01:af:
82:3d:73:4b:e9:5d:69:94:f2:80:83:72:34:48:3a:
6c:85:f4:3b:85:c5:39:10:a2:dd:6b:98:64:fb:6d:
91:9c:d1:8f:fa:d9:a9:a7:f0:40:9a:b8:7b:7b:0a:
f5:19:a4:ee:74:1b:31:e4:dc:7a:b7:ef:92:9d:bf:
ec:f8:0d:9c:6b:fc:ae:4e:25:82:92:cd:39:1c:b9:
57:d5:3a:4d:ee:86:d2:2d:9d:73:1f:2a:04:99:d2:
94:18:8c:60:0c:74:ec:52:40:06:f0:f3:20:27:00:
fe:36:c8:3c:36:62:22:11:69:46:b2:a5:c9:19:57:
f4:06:41:0e:59:1b:1f:b3:69:d9:72:24:56:f6:92:
91:37:97:44:ac:9f:13:2d:2d:07:57:84:2f:08:b1:
92:0f:0b:d6:21:7f:3b:78:9f:c0:b7:16:7c:2b:76:
60:21:af:da:42:05:d4:1f:81:ea:9d:46:ac:83:ac:
cd:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:85:6C:ED:AA:26:5A:D6:74:3E:9B:70:71:00:0B:02:3C:68:45:A8
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5d322170-f0d4-4cd2-98f4-e2f1db786c6d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d059:1000::/40
Signature Algorithm: sha256WithRSAEncryption
75:5d:8a:cb:66:21:85:9d:46:0f:73:a7:1a:42:85:1d:aa:30:
87:16:f9:9b:21:b9:f2:5a:3e:eb:9b:35:7d:cf:bb:aa:c1:25:
42:31:4a:b4:0b:c5:a0:42:fb:71:04:e4:69:b5:84:21:bd:de:
0e:a0:ac:6a:70:12:70:23:82:1b:13:f1:4b:f9:78:f1:95:c2:
b1:b5:fd:48:5b:ef:ba:22:5b:85:6e:98:65:0f:f0:d1:71:f9:
14:c8:1b:4f:38:51:16:21:a7:e5:bf:6c:01:7c:70:5c:84:62:
65:a3:00:de:15:6a:71:22:b0:0d:7e:9f:51:1b:15:26:1b:48:
9c:3d:79:10:0c:43:95:c7:6a:49:0a:a1:b5:84:d3:7b:1e:1b:
ae:88:bf:87:94:90:89:d0:3b:31:d0:00:52:2c:b9:53:03:01:
8a:0f:79:d5:a1:41:19:d6:3e:ff:0e:1f:59:6d:37:f0:ad:00:
51:40:66:fe:1e:f2:7e:00:37:a6:00:e2:4a:f9:9d:8b:62:62:
3e:ff:2d:f5:c7:51:88:4e:70:8b:0b:19:db:e0:34:27:13:ac:
8f:da:3e:7c:5a:59:93:39:de:68:98:af:d4:76:7d:23:96:ba:
4b:cc:72:72:cc:32:98:2e:84:e8:df:04:d3:14:cb:f5:b1:9d:
38:fc:53:00
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUSxrWF1Kav3iuwUX6UVsvCj676l0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MDgwMzIwMzFaFw0yNjA4MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGE1Y2I4N2JiNzUyM2FmYTY4M2E1MzVmZjU3YmZlYTU0NzQwMGE1MTk4OWI4
ZmU5NmU3YTQwZmY1OWM1NjgzNjAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKpK41etQZeK7dkOPHu4qGqnQ10ASvrRjezZxSObQgHyEV4Rmi6OzrXSGzcN
9vLnWgvvFrNrCCPSyukttAEBqf5VPJfFzvcnfwGvgj1zS+ldaZTygINyNEg6bIX0
O4XFORCi3WuYZPttkZzRj/rZqafwQJq4e3sK9Rmk7nQbMeTcerfvkp2/7PgNnGv8
rk4lgpLNORy5V9U6Te6G0i2dcx8qBJnSlBiMYAx07FJABvDzICcA/jbIPDZiIhFp
RrKlyRlX9AZBDlkbH7Np2XIkVvaSkTeXRKyfEy0tB1eELwixkg8L1iF/O3ifwLcW
fCt2YCGv2kIF1B+B6p1GrIOszfUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSyhWzt
qiZa1nQ+m3BxAAsCPGhFqDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NWQzMjIxNzAtZjBkNC00Y2QyLTk4ZjQtZTJmMWRiNzg2YzZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FkQ
MA0GCSqGSIb3DQEBCwUAA4IBAQB1XYrLZiGFnUYPc6caQoUdqjCHFvmbIbnyWj7r
mzV9z7uqwSVCMUq0C8WgQvtxBORptYQhvd4OoKxqcBJwI4IbE/FL+XjxlcKxtf1I
W++6IluFbphlD/DRcfkUyBtPOFEWIaflv2wBfHBchGJlowDeFWpxIrANfp9RGxUm
G0icPXkQDEOVx2pJCqG1hNN7HhuuiL+HlJCJ0Dsx0ABSLLlTAwGKD3nVoUEZ1j7/
Dh9ZbTfwrQBRQGb+HvJ+ADemAOJK+Z2LYmI+/y31x1GITnCLCxnb4DQnE6yP2j58
WlmTOd5omK/Udn0jlrpLzHJyzDKYLoTo3wTTFMv1sZ04/FMA
-----END CERTIFICATE-----
Generated at Tue May 12 23:14:57 2026 by rpki-client