Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/67a91910-a57c-4a04-8d7b-404bcd5fecf2.roa
File: 67a91910-a57c-4a04-8d7b-404bcd5fecf2.roa (raw, json)
Hash identifier: hvutG2cJlrjTX8VmDID3Ig+exXV9Iz55v7zoXxOOiqU=
Subject key identifier: F3:94:53:30:7D:65:BB:02:A1:B6:C3:4C:EC:56:A6:21:39:68:CA:FC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 65E44F73CF5321CF72E454EEC7FC02B4174D4699
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/67a91910-a57c-4a04-8d7b-404bcd5fecf2.roa
Signing time: Mon 11 May 2026 01:51:04 +0000
ROA not before: Mon 11 May 2026 01:51:04 +0000
ROA not after: Sun 09 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d030:6000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:e4:4f:73:cf:53:21:cf:72:e4:54:ee:c7:fc:02:b4:17:4d:46:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 11 01:51:04 2026 GMT
Not After : Aug 9 23:59:59 2026 GMT
Subject: serialNumber=439b673aaa889737ac1a925dd313b77b6ed2d6512f1598d246222941acb65137, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:25:e3:2f:a1:44:30:85:a4:fe:af:ef:74:43:
78:9b:ae:33:e3:03:64:16:72:9f:0c:a6:9c:16:fe:
5e:fb:f1:8c:19:c3:6f:53:b4:eb:f8:26:10:c3:31:
5b:e2:1f:ef:50:32:a2:f2:25:55:8c:ab:31:0a:18:
3a:a1:5f:ee:3b:2f:64:56:a4:42:57:69:d2:89:e3:
0e:7a:e3:02:14:e6:15:46:81:41:b4:d4:44:6a:ef:
bf:95:c5:59:55:80:f8:f7:e1:a9:29:2d:d3:1b:a2:
9b:6a:5c:66:b2:1f:e5:df:11:cc:01:f4:4b:f4:d7:
e4:7d:da:88:19:e8:8d:18:66:71:70:57:af:88:08:
ea:ce:e7:4a:35:b8:96:d1:ad:32:ec:88:bb:da:d3:
b5:39:1f:23:37:72:1d:d8:47:e5:e4:00:df:74:44:
0e:05:4c:0a:6f:a3:92:01:b3:7d:6e:d9:de:03:89:
71:7d:74:b3:e8:ff:02:bb:c8:fe:cb:f9:55:f6:9f:
d6:e9:7c:29:2d:46:72:2a:9c:38:ab:1f:d2:04:02:
08:2e:af:50:e1:42:a6:43:75:51:0d:a0:96:da:95:
c1:5c:e7:9c:4f:87:ca:da:e5:eb:0e:0e:65:6f:1d:
59:02:80:a2:d8:3e:1f:22:28:3f:45:93:30:f2:3e:
2f:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:94:53:30:7D:65:BB:02:A1:B6:C3:4C:EC:56:A6:21:39:68:CA:FC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/67a91910-a57c-4a04-8d7b-404bcd5fecf2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:6000::/40
Signature Algorithm: sha256WithRSAEncryption
1f:f6:ad:29:2e:94:7f:29:e0:7f:13:e5:52:9c:91:a1:d0:36:
f3:c9:d1:58:c2:7b:9e:ff:92:e7:d6:2d:2f:88:d6:1f:54:8c:
0f:da:07:89:41:35:f3:0f:ac:af:33:db:16:b6:af:08:e2:46:
0d:e0:67:bc:06:ae:15:2f:9d:5e:93:14:e2:61:f4:c0:71:9e:
77:29:6a:a2:6b:cd:0c:5b:fc:86:5e:6a:1a:14:1e:6d:17:04:
56:d4:b6:ec:04:1a:12:29:46:45:65:e2:17:b2:f1:9d:9d:40:
8d:27:6f:a6:ed:c2:35:9b:28:d4:69:d5:a2:46:1d:13:02:74:
41:14:21:e8:bc:95:80:1c:aa:d6:ca:af:b5:11:04:b4:bb:ed:
81:f6:b0:20:f0:73:cd:72:5a:b6:1b:95:2e:fc:45:dd:8a:d4:
3a:08:29:4c:43:ab:70:a7:43:d5:45:70:8f:55:7a:13:d1:80:
13:53:c6:e1:2e:97:d9:ab:f1:44:f2:1e:e6:79:9b:77:b4:1a:
0f:ab:8c:72:6d:0d:5d:e0:6e:6f:68:80:37:6e:c4:39:cc:e1:
41:0a:5c:dc:f9:8b:58:36:24:6f:e3:3b:d5:fc:9e:c4:4c:33:
ec:2b:4f:a8:06:ab:36:9c:4b:57:3f:48:9f:3d:49:ea:f0:43:
10:7b:9c:bf
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUZeRPc89TIc9y5FTux/wCtBdNRpkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTEwMTUxMDRaFw0yNjA4MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDQzOWI2NzNhYWE4ODk3MzdhYzFhOTI1ZGQzMTNiNzdiNmVkMmQ2NTEyZjE1
OThkMjQ2MjIyOTQxYWNiNjUxMzcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOUl4y+hRDCFpP6v73RDeJuuM+MDZBZynwymnBb+XvvxjBnDb1O06/gmEMMx
W+If71AyovIlVYyrMQoYOqFf7jsvZFakQldp0onjDnrjAhTmFUaBQbTURGrvv5XF
WVWA+PfhqSkt0xuim2pcZrIf5d8RzAH0S/TX5H3aiBnojRhmcXBXr4gI6s7nSjW4
ltGtMuyIu9rTtTkfIzdyHdhH5eQA33REDgVMCm+jkgGzfW7Z3gOJcX10s+j/ArvI
/sv5Vfaf1ul8KS1GciqcOKsf0gQCCC6vUOFCpkN1UQ2gltqVwVznnE+Hytrl6w4O
ZW8dWQKAotg+HyIoP0WTMPI+L4ECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTzlFMw
fWW7AqG2w0zsVqYhOWjK/DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjdhOTE5MTAtYTU3Yy00YTA0LThkN2ItNDA0YmNkNWZlY2YyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DBg
MA0GCSqGSIb3DQEBCwUAA4IBAQAf9q0pLpR/KeB/E+VSnJGh0DbzydFYwnue/5Ln
1i0viNYfVIwP2geJQTXzD6yvM9sWtq8I4kYN4Ge8Bq4VL51ekxTiYfTAcZ53KWqi
a80MW/yGXmoaFB5tFwRW1LbsBBoSKUZFZeIXsvGdnUCNJ2+m7cI1myjUadWiRh0T
AnRBFCHovJWAHKrWyq+1EQS0u+2B9rAg8HPNclq2G5Uu/EXditQ6CClMQ6twp0PV
RXCPVXoT0YATU8bhLpfZq/FE8h7meZt3tBoPq4xybQ1d4G5vaIA3bsQ5zOFBClzc
+YtYNiRv4zvV/J7ETDPsK0+oBqs2nEtXP0ifPUnq8EMQe5y/
-----END CERTIFICATE-----
Generated at Tue May 12 23:12:31 2026 by rpki-client