Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/79b38dbd-37eb-42da-af11-211a30b259a9.roa
File: 79b38dbd-37eb-42da-af11-211a30b259a9.roa (raw, json)
Hash identifier: lF8fcEWGojlb9+wYrOJtlVgy80SY/bc8133ldzIdl48=
Subject key identifier: 2E:3F:87:99:BB:5C:A4:15:17:BD:A7:D6:08:F2:92:2E:C1:12:94:6B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 72BF325B55891AFAAC91AFB7F16656F429212ED8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/79b38dbd-37eb-42da-af11-211a30b259a9.roa
Signing time: Sat 02 May 2026 01:30:23 +0000
ROA not before: Sat 02 May 2026 01:30:23 +0000
ROA not after: Fri 31 Jul 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06a:60c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:bf:32:5b:55:89:1a:fa:ac:91:af:b7:f1:66:56:f4:29:21:2e:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 2 01:30:23 2026 GMT
Not After : Jul 31 23:59:59 2026 GMT
Subject: serialNumber=761f186a239e9a8c6cbd5aab2a4fdd7f466a230f000015654c24486e78cb2a16, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:1c:fe:1f:31:bd:0a:60:ba:a1:de:18:78:a2:
f9:f9:1b:8b:9d:f6:5b:21:39:12:1f:99:80:33:db:
8d:4c:88:63:0a:e1:9b:04:4d:3f:1d:0f:bc:a8:c6:
f8:9d:ba:3c:0a:3e:35:de:bd:ce:e0:93:97:a4:d2:
f8:a1:2b:0d:48:66:d6:6e:7b:bd:7d:8e:34:6d:8a:
3e:32:03:93:45:e4:04:df:b7:27:ea:36:52:70:bc:
cf:3c:6a:95:a0:0a:d4:a4:33:fd:de:3e:72:af:14:
9c:34:ef:80:4a:e1:c6:e5:3a:91:ff:ef:6f:f6:d4:
56:68:3e:73:a7:29:5c:7d:59:5b:41:38:e8:b1:3a:
44:6d:1c:cb:b9:47:70:41:7d:ca:5d:bc:34:2c:0b:
8f:7f:68:89:3d:4a:e1:a2:94:8a:c5:1a:9b:47:42:
ba:e4:57:bf:4e:c6:58:9c:a7:2d:98:64:00:64:fa:
3c:f3:39:81:6e:98:15:c3:13:d2:0a:1f:6d:d8:ff:
fe:2b:c7:cc:d6:ad:55:ed:08:67:9f:a9:be:6c:16:
68:7c:a7:c9:9c:65:d0:54:31:e9:c0:f0:f8:21:85:
bb:b1:65:9c:d4:3d:6a:fc:06:2d:4e:09:51:cc:3d:
89:48:10:74:39:c0:b1:fc:14:39:a0:86:88:e6:a4:
ce:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:3F:87:99:BB:5C:A4:15:17:BD:A7:D6:08:F2:92:2E:C1:12:94:6B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/79b38dbd-37eb-42da-af11-211a30b259a9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06a:60c0::/48
Signature Algorithm: sha256WithRSAEncryption
3f:25:ac:89:26:cc:be:d4:1e:18:e3:b4:e0:42:3c:7b:57:3f:
e8:1d:38:de:f2:89:97:37:42:d2:e5:c8:02:84:c4:49:f5:48:
41:f6:f8:e5:13:d6:23:18:fa:99:0f:23:17:e5:15:4a:94:49:
11:10:3f:2e:76:fa:f4:9b:e5:29:db:dc:e2:76:71:3a:75:eb:
82:07:62:45:82:b3:8b:5a:f7:29:75:76:2e:dc:63:5b:d0:25:
a4:cd:41:fa:4b:41:84:2a:8e:d1:0a:6d:11:21:2c:0b:5f:a1:
5b:42:55:22:a7:d7:d0:f6:dc:e8:10:59:14:c1:d9:b7:81:45:
a6:6f:c1:1d:6a:7a:68:af:61:6d:54:9c:f6:1f:67:b7:6f:7b:
6d:22:e3:61:89:f3:5d:29:a1:71:a0:f1:2a:7a:e8:12:13:e2:
3f:28:33:da:8d:91:97:4c:9f:d0:4c:00:20:e9:11:09:15:11:
4b:12:cf:e0:de:98:f2:e0:6c:e7:fd:a2:96:3d:e2:00:3b:a0:
a5:92:e6:dd:a0:28:51:77:bf:27:b5:93:33:9f:a9:ea:db:58:
3e:ac:2d:d3:70:3e:b8:ee:fd:d2:6b:09:55:2d:47:c8:f4:fc:
28:57:47:be:ca:23:c1:e2:91:42:17:82:76:e3:f8:cb:89:be:
9f:ae:9d:9a
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUcr8yW1WJGvqska+38WZW9CkhLtgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MDIwMTMwMjNaFw0yNjA3MzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDc2MWYxODZhMjM5ZTlhOGM2Y2JkNWFhYjJhNGZkZDdmNDY2YTIzMGYwMDAw
MTU2NTRjMjQ0ODZlNzhjYjJhMTYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKEc/h8xvQpguqHeGHii+fkbi532WyE5Eh+ZgDPbjUyIYwrhmwRNPx0PvKjG
+J26PAo+Nd69zuCTl6TS+KErDUhm1m57vX2ONG2KPjIDk0XkBN+3J+o2UnC8zzxq
laAK1KQz/d4+cq8UnDTvgErhxuU6kf/vb/bUVmg+c6cpXH1ZW0E46LE6RG0cy7lH
cEF9yl28NCwLj39oiT1K4aKUisUam0dCuuRXv07GWJynLZhkAGT6PPM5gW6YFcMT
0gofbdj//ivHzNatVe0IZ5+pvmwWaHynyZxl0FQx6cDw+CGFu7FlnNQ9avwGLU4J
Ucw9iUgQdDnAsfwUOaCGiOakzokCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQuP4eZ
u1ykFRe9p9YI8pIuwRKUazAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzliMzhkYmQtMzdlYi00MmRhLWFmMTEtMjExYTMwYjI1OWE5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0Gpg
wDANBgkqhkiG9w0BAQsFAAOCAQEAPyWsiSbMvtQeGOO04EI8e1c/6B043vKJlzdC
0uXIAoTESfVIQfb45RPWIxj6mQ8jF+UVSpRJERA/Lnb69JvlKdvc4nZxOnXrggdi
RYKzi1r3KXV2LtxjW9AlpM1B+ktBhCqO0QptESEsC1+hW0JVIqfX0Pbc6BBZFMHZ
t4FFpm/BHWp6aK9hbVSc9h9nt297bSLjYYnzXSmhcaDxKnroEhPiPygz2o2Rl0yf
0EwAIOkRCRURSxLP4N6Y8uBs5/2ilj3iADugpZLm3aAoUXe/J7WTM5+p6ttYPqwt
03A+uO790msJVS1HyPT8KFdHvsojweKRQheCduP4y4m+n66dmg==
-----END CERTIFICATE-----
Generated at Tue May 12 23:28:12 2026 by rpki-client