Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6a082d12-70e1-4005-8dd1-52b78c0c75af.roa
File: 6a082d12-70e1-4005-8dd1-52b78c0c75af.roa (raw, json)
Hash identifier: TwSsn4xn05+w9NXwRQygr1L+ibUMAeHkd9Ih8tJXaas=
Subject key identifier: E8:46:57:E3:95:89:B0:7C:6B:4A:64:9E:08:0B:78:BB:A8:15:70:C4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4E01EF07DC4703EE5FE9A03992BE4C3817494743
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6a082d12-70e1-4005-8dd1-52b78c0c75af.roa
Signing time: Mon 04 May 2026 15:20:41 +0000
ROA not before: Mon 04 May 2026 15:20:41 +0000
ROA not after: Sun 02 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:a080::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:01:ef:07:dc:47:03:ee:5f:e9:a0:39:92:be:4c:38:17:49:47:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 4 15:20:41 2026 GMT
Not After : Aug 2 23:59:59 2026 GMT
Subject: serialNumber=0452c9fd66fbe705c7fd72285c9ead9c2702af3d952666b62224f79777d0d13e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:23:7d:c9:8d:6c:e4:ef:c5:9a:c1:dc:47:1f:
ee:19:5f:71:d8:f2:5d:9a:3a:85:33:73:fe:33:7d:
a1:66:f1:2d:53:d9:56:37:22:14:cf:5d:a8:7c:7b:
6c:73:01:46:9f:fb:d2:f3:de:7c:c6:5e:3c:df:43:
51:4b:84:69:ac:a0:04:c4:fd:35:5f:dc:19:9b:f2:
78:19:4d:f2:14:ab:d5:8b:c2:63:ba:a6:7e:34:a0:
dc:4a:1d:e0:ff:fd:50:c2:07:b3:1a:dd:9c:e7:32:
61:1a:a9:58:5c:74:2e:38:9f:0b:f0:5d:8a:d4:49:
d2:2f:96:7d:b9:b9:75:19:7d:01:f2:31:63:79:8b:
22:80:71:65:39:8e:e5:e4:42:4c:5a:14:22:df:73:
c0:a2:78:e0:f3:86:43:fd:60:73:00:49:c3:a9:75:
a4:6c:35:07:41:96:b3:db:10:99:9c:e1:b5:f5:6f:
c4:7d:0b:fc:08:2b:be:c4:a8:4d:e8:d9:b8:29:a2:
fa:f3:ab:c7:4b:2f:28:28:a8:4d:2d:18:f1:12:6d:
94:d4:22:bc:0f:7e:c1:c7:62:71:5c:9c:84:a8:7d:
60:9a:02:14:a9:c7:c2:a5:06:c9:21:b1:1b:97:58:
73:38:c6:d2:50:9d:c6:32:7a:d3:e5:37:aa:a5:55:
a9:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:46:57:E3:95:89:B0:7C:6B:4A:64:9E:08:0B:78:BB:A8:15:70:C4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6a082d12-70e1-4005-8dd1-52b78c0c75af.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:a080::/46
Signature Algorithm: sha256WithRSAEncryption
3c:62:fe:96:37:2c:63:94:77:76:ad:72:5d:f8:20:89:aa:0a:
23:5d:58:98:0e:6d:7c:d2:1c:bd:f1:f0:ac:15:33:38:81:48:
86:31:86:cd:55:58:6d:26:bc:46:e4:56:83:0c:4b:a4:3c:c7:
98:f2:10:36:71:fc:fe:a3:35:2e:d2:27:f0:1a:43:d2:55:22:
2c:66:03:5a:82:75:f5:a1:fc:ac:48:55:18:aa:02:39:83:42:
38:3f:5a:1e:c6:fb:5b:4c:16:e6:36:63:8e:7e:7e:54:00:dd:
9d:62:30:6a:7d:70:b4:63:10:37:48:83:a5:7b:4c:8d:e0:81:
2a:9e:dc:c2:35:10:10:e2:c3:7e:50:23:15:43:19:d7:0b:fa:
75:d2:66:9b:86:ef:45:bc:ec:3d:12:0f:fe:fa:0e:9b:2b:99:
38:31:b2:de:e5:ad:58:bb:85:d9:a7:4e:df:c4:d6:ac:27:35:
63:a7:03:3d:6b:04:06:c1:64:f2:80:93:e8:51:ec:c4:1f:13:
81:a2:86:99:c1:dd:80:89:67:b2:eb:eb:1c:e8:0b:f2:d9:f8:
20:eb:ae:c5:72:ff:eb:c9:70:7d:b9:44:29:27:7a:f1:63:59:
de:17:84:62:90:e3:38:c6:da:6c:c1:ad:8b:1d:a4:55:2a:68:
c9:32:58:f8
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUTgHvB9xHA+5f6aA5kr5MOBdJR0MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MDQxNTIwNDFaFw0yNjA4MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQDA0NTJjOWZkNjZmYmU3MDVjN2ZkNzIyODVjOWVhZDljMjcwMmFmM2Q5NTI2
NjZiNjIyMjRmNzk3NzdkMGQxM2UxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOwjfcmNbOTvxZrB3Ecf7hlfcdjyXZo6hTNz/jN9oWbxLVPZVjciFM9dqHx7
bHMBRp/70vPefMZePN9DUUuEaaygBMT9NV/cGZvyeBlN8hSr1YvCY7qmfjSg3Eod
4P/9UMIHsxrdnOcyYRqpWFx0LjifC/BditRJ0i+Wfbm5dRl9AfIxY3mLIoBxZTmO
5eRCTFoUIt9zwKJ44POGQ/1gcwBJw6l1pGw1B0GWs9sQmZzhtfVvxH0L/AgrvsSo
TejZuCmi+vOrx0svKCioTS0Y8RJtlNQivA9+wcdicVychKh9YJoCFKnHwqUGySGx
G5dYczjG0lCdxjJ60+U3qqVVqSMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBToRlfj
lYmwfGtKZJ4IC3i7qBVwxDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NmEwODJkMTItNzBlMS00MDA1LThkZDEtNTJiNzhjMGM3NWFmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HOg
gDANBgkqhkiG9w0BAQsFAAOCAQEAPGL+ljcsY5R3dq1yXfggiaoKI11YmA5tfNIc
vfHwrBUzOIFIhjGGzVVYbSa8RuRWgwxLpDzHmPIQNnH8/qM1LtIn8BpD0lUiLGYD
WoJ19aH8rEhVGKoCOYNCOD9aHsb7W0wW5jZjjn5+VADdnWIwan1wtGMQN0iDpXtM
jeCBKp7cwjUQEOLDflAjFUMZ1wv6ddJmm4bvRbzsPRIP/voOmyuZODGy3uWtWLuF
2adO38TWrCc1Y6cDPWsEBsFk8oCT6FHsxB8TgaKGmcHdgIlnsuvrHOgL8tn4IOuu
xXL/68lwfblEKSd68WNZ3heEYpDjOMbabMGtix2kVSpoyTJY+A==
-----END CERTIFICATE-----
Generated at Wed May 13 01:25:41 2026 by rpki-client