Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7a025e69-9e3e-460c-9734-42e9bd14485c.roa
File: 7a025e69-9e3e-460c-9734-42e9bd14485c.roa (raw, json)
Hash identifier: tAgyVkiBuokCTV6ddTsr2iRPeStQjmPaID059GIkFgU=
Subject key identifier: 78:10:8D:F9:4D:55:EE:0F:2B:4E:0B:5B:10:04:D0:78:67:D2:54:7A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 421C1DB5143F5E50B08050FA6BCAFFF15D75272C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7a025e69-9e3e-460c-9734-42e9bd14485c.roa
Signing time: Mon 11 May 2026 01:51:04 +0000
ROA not before: Mon 11 May 2026 01:51:04 +0000
ROA not after: Sun 09 Aug 2026 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d030:6000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:1c:1d:b5:14:3f:5e:50:b0:80:50:fa:6b:ca:ff:f1:5d:75:27:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 11 01:51:04 2026 GMT
Not After : Aug 9 23:59:59 2026 GMT
Subject: serialNumber=5ac1b8312c9c2fe0c911459f3d26279ab891b1584cb2bbe79c643a14bb88e847, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:ae:39:36:ec:f9:a3:7c:2e:4d:97:7a:e1:b4:
18:ab:bc:6c:4b:97:13:f5:a5:65:18:6e:38:df:54:
a6:76:8f:3f:7a:c7:6d:ab:64:46:65:10:14:f2:3c:
0b:4d:7d:7e:68:8a:fc:38:22:f9:10:2c:af:6e:bc:
3b:37:e6:0d:96:d1:49:0a:0a:db:a1:6b:1c:50:e1:
78:33:b0:92:89:16:53:2d:81:14:13:0a:76:76:57:
16:89:0a:ba:f8:67:1b:f8:53:bd:7b:a5:79:90:5e:
4a:c7:cf:f3:e9:aa:9f:a1:02:be:42:00:17:3a:cd:
da:a2:5f:97:ca:c2:33:61:64:1d:68:13:c2:d5:c3:
6d:31:a1:77:d8:67:85:d4:2e:69:42:82:d3:b9:09:
99:ef:36:45:8c:8c:6b:f5:ce:a8:2b:ad:90:03:78:
32:d2:25:c6:4b:f8:e2:2b:d7:3e:b3:f5:70:23:96:
8f:12:b5:a2:e0:a3:1b:af:7a:d8:b9:88:84:cc:04:
a3:a4:97:d4:cc:d6:a0:a0:3d:a4:8d:21:43:d9:2a:
2c:a8:a5:1b:3f:93:13:9c:85:2b:86:bc:34:67:29:
04:ae:73:12:6d:1c:5f:50:cc:37:6a:96:76:8e:89:
4b:8a:a2:cb:2c:d3:23:c9:aa:53:00:3c:b6:c3:29:
99:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:10:8D:F9:4D:55:EE:0F:2B:4E:0B:5B:10:04:D0:78:67:D2:54:7A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7a025e69-9e3e-460c-9734-42e9bd14485c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:6000::/40
Signature Algorithm: sha256WithRSAEncryption
92:71:d2:3c:52:c8:bc:5f:55:c6:a1:14:fd:79:a8:3e:2e:34:
0b:fa:91:11:4a:06:aa:6a:7b:1c:73:02:95:d9:fa:cb:94:58:
40:22:92:4c:63:57:1a:af:ef:3b:53:f7:8c:11:f0:0d:9a:2d:
57:09:73:75:b0:a6:5c:ce:49:40:51:a8:8f:5c:96:53:b1:e8:
bc:af:1d:17:1a:9d:c5:a1:44:4f:b0:31:5e:19:1c:38:e6:96:
d3:06:42:b8:74:80:9a:8e:2e:3e:9b:63:36:d6:f0:b8:b5:00:
25:11:f9:3c:11:c5:2b:51:5d:bb:ea:e7:94:89:2c:10:41:dd:
50:ad:8c:bf:c7:81:48:ca:42:52:dc:5f:b8:0f:49:7a:9d:f8:
1b:89:3b:67:86:3b:12:c3:e2:44:bd:c4:a2:b2:02:af:2d:a5:
f7:56:98:b6:8d:cd:0e:e9:b6:92:51:be:11:e4:82:9e:b3:a2:
a3:6d:79:ec:b8:ae:41:f7:fd:87:ef:29:18:49:38:a3:e0:d4:
09:c0:79:61:27:02:47:0e:f0:9c:93:bf:dc:ee:0a:00:6a:64:
67:dd:63:f6:64:6e:99:63:63:20:4f:e6:5e:72:20:e1:91:d3:
98:26:31:65:79:64:71:15:8d:85:e0:db:7a:95:a8:81:fb:de:
2d:b9:ee:6c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUQhwdtRQ/XlCwgFD6a8r/8V11JywwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTEwMTUxMDRaFw0yNjA4MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDVhYzFiODMxMmM5YzJmZTBjOTExNDU5ZjNkMjYyNzlhYjg5MWIxNTg0Y2Iy
YmJlNzljNjQzYTE0YmI4OGU4NDcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIiuOTbs+aN8Lk2XeuG0GKu8bEuXE/WlZRhuON9UpnaPP3rHbatkRmUQFPI8
C019fmiK/Dgi+RAsr268OzfmDZbRSQoK26FrHFDheDOwkokWUy2BFBMKdnZXFokK
uvhnG/hTvXuleZBeSsfP8+mqn6ECvkIAFzrN2qJfl8rCM2FkHWgTwtXDbTGhd9hn
hdQuaUKC07kJme82RYyMa/XOqCutkAN4MtIlxkv44ivXPrP1cCOWjxK1ouCjG696
2LmIhMwEo6SX1MzWoKA9pI0hQ9kqLKilGz+TE5yFK4a8NGcpBK5zEm0cX1DMN2qW
do6JS4qiyyzTI8mqUwA8tsMpmbcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR4EI35
TVXuDytOC1sQBNB4Z9JUejAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2EwMjVlNjktOWUzZS00NjBjLTk3MzQtNDJlOWJkMTQ0ODVjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DBg
MA0GCSqGSIb3DQEBCwUAA4IBAQCScdI8Usi8X1XGoRT9eag+LjQL+pERSgaqansc
cwKV2frLlFhAIpJMY1car+87U/eMEfANmi1XCXN1sKZczklAUaiPXJZTsei8rx0X
Gp3FoURPsDFeGRw45pbTBkK4dICaji4+m2M21vC4tQAlEfk8EcUrUV276ueUiSwQ
Qd1QrYy/x4FIykJS3F+4D0l6nfgbiTtnhjsSw+JEvcSisgKvLaX3Vpi2jc0O6baS
Ub4R5IKes6KjbXnsuK5B9/2H7ykYSTij4NQJwHlhJwJHDvCck7/c7goAamRn3WP2
ZG6ZY2MgT+ZeciDhkdOYJjFleWRxFY2F4Nt6laiB+94tue5s
-----END CERTIFICATE-----
Generated at Tue May 12 22:24:18 2026 by rpki-client