Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7109e934-b803-4bd3-8dfc-cfe0c2222824.roa
File: 7109e934-b803-4bd3-8dfc-cfe0c2222824.roa (raw, json)
Hash identifier: doQnFg5sJ/NwUUEto4NRdHi4YyTlnulxOGRb/kv8vJM=
Subject key identifier: E3:BA:A8:99:62:9F:A3:E9:E3:C7:BF:AD:E9:43:41:A8:1D:9D:1F:22
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 67B1B26173E0908373EA173ED74BBFBC3B496A22
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7109e934-b803-4bd3-8dfc-cfe0c2222824.roa
Signing time: Mon 04 May 2026 15:30:11 +0000
ROA not before: Mon 04 May 2026 15:30:11 +0000
ROA not after: Sun 02 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:5040::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:b1:b2:61:73:e0:90:83:73:ea:17:3e:d7:4b:bf:bc:3b:49:6a:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 4 15:30:11 2026 GMT
Not After : Aug 2 23:59:59 2026 GMT
Subject: serialNumber=da962f41847c9c5dddec1401ed4054a05796281094bcc1576b07ba0cab5253d7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:c6:88:7c:f9:6b:14:89:b0:44:e8:1a:34:9b:
04:7b:a1:cc:16:2f:46:3a:82:c5:ab:d8:31:8a:e6:
44:24:e8:28:c2:db:f3:51:9a:ef:6f:0b:93:c7:09:
36:e9:59:d5:be:34:1a:81:fb:22:82:ad:ee:bc:de:
37:55:83:63:bb:94:56:cd:23:ec:d1:62:2e:82:d8:
da:5b:9d:66:9a:4d:c2:2e:03:12:52:70:69:f2:52:
53:46:04:8a:76:9e:ea:8a:52:e4:b5:d1:9c:94:b5:
d6:bf:30:90:fc:87:d7:4b:0d:db:95:be:e5:d5:b7:
dc:be:7b:00:e0:52:b6:69:70:64:33:88:be:e1:d2:
3c:06:90:e2:f8:df:37:d4:9d:c7:41:4b:04:4c:8c:
ee:a5:4f:f5:d9:0f:37:87:8e:42:90:07:51:7a:1a:
61:1e:7e:9b:9a:05:3f:41:e3:9c:32:50:fa:c3:a4:
e6:39:a9:1f:61:60:dc:61:8c:44:75:fe:4a:e7:06:
84:7b:22:61:46:56:45:74:81:30:c2:6c:8d:28:46:
c3:17:ad:25:a5:86:85:c7:a4:12:86:25:c7:2a:21:
17:5b:54:a5:0b:7f:ca:37:7b:ba:ca:73:00:90:85:
9d:4d:2a:62:f1:e4:e6:e3:04:b9:3e:9f:ce:36:3d:
cb:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:BA:A8:99:62:9F:A3:E9:E3:C7:BF:AD:E9:43:41:A8:1D:9D:1F:22
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7109e934-b803-4bd3-8dfc-cfe0c2222824.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:5040::/46
Signature Algorithm: sha256WithRSAEncryption
7c:c7:71:d0:d0:22:95:4e:e6:fa:94:c3:1b:2f:f9:53:94:60:
f0:a5:cb:16:85:7d:b1:cd:07:98:01:50:ed:5c:e7:a7:c0:5c:
fa:e9:ac:24:cd:01:de:6e:86:85:c1:1a:0f:1b:05:d1:0c:ff:
e5:3b:d9:9f:5b:0e:77:27:03:b0:be:7d:bf:f2:6e:9f:aa:86:
22:16:da:b6:f6:00:3a:c7:52:04:3f:0b:ea:51:0c:f1:58:99:
2e:09:26:9f:6c:ab:df:40:9d:33:88:af:9d:78:7b:64:3c:d2:
33:53:3c:d3:d6:1c:54:ff:9f:a5:33:b3:a1:88:04:cc:99:20:
74:e2:a1:09:85:4d:46:94:92:ec:18:5b:23:3c:a2:a5:d2:7e:
6e:7a:c2:58:fb:1a:32:cb:65:9e:7c:1c:8a:01:d8:2d:ea:16:
12:90:71:24:11:04:d0:8d:10:2b:4a:97:29:0b:b9:ac:e1:a1:
b1:fa:15:01:c9:e5:ee:c1:c5:10:3d:34:0c:7d:fa:00:df:b3:
96:56:f2:1d:d8:af:8b:2a:e2:04:ec:77:1e:1f:4e:d4:0c:78:
89:25:3e:72:02:d5:d3:32:94:41:20:35:71:b4:eb:95:f6:ed:
55:69:52:81:ee:c4:a6:5e:3b:df:1f:00:91:af:e1:98:52:d4:
2a:39:43:11
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUZ7GyYXPgkINz6hc+10u/vDtJaiIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MDQxNTMwMTFaFw0yNjA4MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQGRhOTYyZjQxODQ3YzljNWRkZGVjMTQwMWVkNDA1NGEwNTc5NjI4MTA5NGJj
YzE1NzZiMDdiYTBjYWI1MjUzZDcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK3GiHz5axSJsEToGjSbBHuhzBYvRjqCxavYMYrmRCToKMLb81Ga728Lk8cJ
NulZ1b40GoH7IoKt7rzeN1WDY7uUVs0j7NFiLoLY2ludZppNwi4DElJwafJSU0YE
inae6opS5LXRnJS11r8wkPyH10sN25W+5dW33L57AOBStmlwZDOIvuHSPAaQ4vjf
N9Sdx0FLBEyM7qVP9dkPN4eOQpAHUXoaYR5+m5oFP0HjnDJQ+sOk5jmpH2Fg3GGM
RHX+SucGhHsiYUZWRXSBMMJsjShGwxetJaWGhcekEoYlxyohF1tUpQt/yjd7uspz
AJCFnU0qYvHk5uMEuT6fzjY9y8MCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTjuqiZ
Yp+j6ePHv63pQ0GoHZ0fIjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzEwOWU5MzQtYjgwMy00YmQzLThkZmMtY2ZlMGMyMjIyODI0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HNQ
QDANBgkqhkiG9w0BAQsFAAOCAQEAfMdx0NAilU7m+pTDGy/5U5Rg8KXLFoV9sc0H
mAFQ7Vznp8Bc+umsJM0B3m6GhcEaDxsF0Qz/5TvZn1sOdycDsL59v/Jun6qGIhba
tvYAOsdSBD8L6lEM8ViZLgkmn2yr30CdM4ivnXh7ZDzSM1M809YcVP+fpTOzoYgE
zJkgdOKhCYVNRpSS7BhbIzyipdJ+bnrCWPsaMstlnnwcigHYLeoWEpBxJBEE0I0Q
K0qXKQu5rOGhsfoVAcnl7sHFED00DH36AN+zllbyHdiviyriBOx3Hh9O1Ax4iSU+
cgLV0zKUQSA1cbTrlfbtVWlSge7Epl473x8Aka/hmFLUKjlDEQ==
-----END CERTIFICATE-----
Generated at Tue May 12 23:31:49 2026 by rpki-client