Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/78085d0a-f1ac-43b7-ac6b-a8afcf9782f5.roa
File: 78085d0a-f1ac-43b7-ac6b-a8afcf9782f5.roa (raw, json)
Hash identifier: t+UHXZZmutBoE/F9Ihhaw1fTzktIeUOTJdrUYeCl9YM=
Subject key identifier: 81:FA:AC:B7:1F:FB:2B:27:E7:0D:8E:51:50:47:B6:58:18:3A:0B:6F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4F2F0302EDAF3D516E66BD87F383A10744A7E84B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/78085d0a-f1ac-43b7-ac6b-a8afcf9782f5.roa
Signing time: Mon 11 May 2026 01:50:04 +0000
ROA not before: Mon 11 May 2026 01:50:04 +0000
ROA not after: Sun 09 Aug 2026 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d030:c000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:2f:03:02:ed:af:3d:51:6e:66:bd:87:f3:83:a1:07:44:a7:e8:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 11 01:50:04 2026 GMT
Not After : Aug 9 23:59:59 2026 GMT
Subject: serialNumber=6e8106bf64f4227d78e106fe9673f921531b5d39273f9c1dafc6a3a560b8c26b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:3f:22:ff:32:c5:ce:d3:c4:15:8f:20:08:62:
2c:97:3f:1d:80:d6:d3:d2:ef:41:c2:83:62:86:db:
5b:81:03:5d:28:21:33:1f:2d:4d:19:1c:c5:70:0b:
f2:ad:8d:1b:ef:74:c2:c9:b7:29:89:15:82:15:49:
17:a6:c1:07:50:14:20:01:12:59:55:03:65:79:c4:
d4:b6:74:71:ee:b6:c0:45:35:47:d3:6c:aa:21:6a:
9d:78:e6:32:f7:e3:0a:93:e2:ca:c8:0e:b9:a1:31:
4f:7b:64:33:b5:c8:b6:c4:24:f9:c4:cd:d9:36:3c:
d3:0d:9d:d9:cf:4e:0f:d9:a6:e0:4e:3f:a9:0a:c2:
37:89:83:0a:9d:5f:63:a8:67:57:94:9d:da:da:50:
9e:45:c9:5e:82:38:76:78:52:51:ef:eb:fc:c2:d2:
ea:62:3a:2c:38:5c:4d:de:93:13:37:3a:3b:58:e4:
c8:d7:d3:48:16:0b:1a:3e:d8:fe:82:24:c0:dd:b3:
36:a2:f3:5b:4d:bc:a8:5d:47:d0:d5:7a:0a:1e:76:
77:86:54:53:ef:c8:fa:d3:0b:42:3d:9a:47:ad:41:
e2:20:ef:98:b6:bf:05:41:86:9e:c3:60:01:a1:a4:
fb:6e:68:b6:ba:26:44:92:ba:c9:24:a2:9d:42:b9:
52:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:FA:AC:B7:1F:FB:2B:27:E7:0D:8E:51:50:47:B6:58:18:3A:0B:6F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/78085d0a-f1ac-43b7-ac6b-a8afcf9782f5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:c000::/40
Signature Algorithm: sha256WithRSAEncryption
7f:46:fb:2d:3d:ec:56:ad:83:8d:7d:08:39:43:6a:e5:91:d0:
6a:10:fb:a7:9a:02:b1:8d:22:ba:b4:4e:39:94:67:5b:6d:2d:
d4:02:38:b0:07:14:02:91:05:b0:ee:67:86:1a:fd:da:95:79:
c1:b8:95:ae:3d:38:07:1f:2f:09:15:15:88:a1:dc:4f:37:4f:
ce:e2:2d:86:ff:08:32:a0:12:79:bb:1e:df:4f:1a:3f:76:6e:
35:37:a4:38:3f:11:36:20:c2:b7:76:eb:c0:88:11:51:09:7b:
70:6c:d4:57:78:d4:75:46:a3:2f:18:ba:0d:6b:53:a0:86:53:
91:20:57:90:a5:fc:19:30:a0:e8:28:45:8a:d2:e1:39:ab:d4:
83:90:96:d7:a2:09:83:a9:12:f2:e9:8f:99:b8:7c:9a:00:58:
71:a8:04:d3:e2:e9:97:b4:08:d4:42:b4:86:d0:54:1a:cb:7f:
d8:0c:3d:f8:f6:e2:ff:95:1a:44:76:b9:60:32:17:82:80:56:
5f:95:4e:ae:5e:e9:06:13:56:cb:3d:e9:43:4c:b8:c7:97:04:
5e:bc:d8:ca:6d:46:42:c6:b4:0d:23:44:ed:b1:e2:a9:3b:16:
dc:b8:80:21:d9:b1:39:a6:40:55:21:bb:bd:ab:b8:0e:2a:7a:
c1:a8:36:dd
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUTy8DAu2vPVFuZr2H84OhB0Sn6EswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTEwMTUwMDRaFw0yNjA4MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDZlODEwNmJmNjRmNDIyN2Q3OGUxMDZmZTk2NzNmOTIxNTMxYjVkMzkyNzNm
OWMxZGFmYzZhM2E1NjBiOGMyNmIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK0/Iv8yxc7TxBWPIAhiLJc/HYDW09LvQcKDYobbW4EDXSghMx8tTRkcxXAL
8q2NG+90wsm3KYkVghVJF6bBB1AUIAESWVUDZXnE1LZ0ce62wEU1R9NsqiFqnXjm
MvfjCpPiysgOuaExT3tkM7XItsQk+cTN2TY80w2d2c9OD9mm4E4/qQrCN4mDCp1f
Y6hnV5Sd2tpQnkXJXoI4dnhSUe/r/MLS6mI6LDhcTd6TEzc6O1jkyNfTSBYLGj7Y
/oIkwN2zNqLzW028qF1H0NV6Ch52d4ZUU+/I+tMLQj2aR61B4iDvmLa/BUGGnsNg
AaGk+25otromRJK6ySSinUK5UtsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSB+qy3
H/srJ+cNjlFQR7ZYGDoLbzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzgwODVkMGEtZjFhYy00M2I3LWFjNmItYThhZmNmOTc4MmY1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DDA
MA0GCSqGSIb3DQEBCwUAA4IBAQB/RvstPexWrYONfQg5Q2rlkdBqEPunmgKxjSK6
tE45lGdbbS3UAjiwBxQCkQWw7meGGv3alXnBuJWuPTgHHy8JFRWIodxPN0/O4i2G
/wgyoBJ5ux7fTxo/dm41N6Q4PxE2IMK3duvAiBFRCXtwbNRXeNR1RqMvGLoNa1Og
hlORIFeQpfwZMKDoKEWK0uE5q9SDkJbXogmDqRLy6Y+ZuHyaAFhxqATT4umXtAjU
QrSG0FQay3/YDD349uL/lRpEdrlgMheCgFZflU6uXukGE1bLPelDTLjHlwRevNjK
bUZCxrQNI0TtseKpOxbcuIAh2bE5pkBVIbu9q7gOKnrBqDbd
-----END CERTIFICATE-----
Generated at Wed May 13 00:10:09 2026 by rpki-client