Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7cde339d-568f-4b5b-98d4-9eca268d8a43.roa
File: 7cde339d-568f-4b5b-98d4-9eca268d8a43.roa (raw, json)
Hash identifier: okUcvLJMit+1XUaWMIiBq6HKaSmwInNj6tfaPw8ehAY=
Subject key identifier: 37:26:F5:68:66:55:96:3B:A6:90:68:D6:F1:B3:FC:32:E2:7C:08:65
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2C015DA36461587860AA95014A0D2AF9B752FC14
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7cde339d-568f-4b5b-98d4-9eca268d8a43.roa
Signing time: Fri 08 May 2026 03:20:33 +0000
ROA not before: Fri 08 May 2026 03:20:33 +0000
ROA not after: Thu 06 Aug 2026 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d074:5000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:01:5d:a3:64:61:58:78:60:aa:95:01:4a:0d:2a:f9:b7:52:fc:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 8 03:20:33 2026 GMT
Not After : Aug 6 23:59:59 2026 GMT
Subject: serialNumber=bfa85526c22ceda5872069a4696d8cd397ec46915aa66e22193ca57491ea4161, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:b4:09:7f:b7:93:21:69:8b:4e:0a:42:52:7d:
dc:f9:d9:ac:17:03:b9:8b:21:ca:14:b5:dd:b9:54:
09:6f:c7:5a:12:d5:31:7d:00:ec:fa:b6:6c:5d:92:
5e:76:3c:b4:fe:70:5e:0a:eb:21:c1:07:ea:cd:e0:
a9:16:4f:16:bc:37:22:97:90:48:17:49:cb:38:62:
ca:98:6a:0c:53:46:31:f3:d3:86:46:96:93:d8:a8:
ac:8a:93:67:e9:24:a7:87:70:13:f9:dd:47:f2:53:
63:90:7d:a6:9a:02:75:f6:2c:1a:9e:d3:8f:0a:d9:
7e:e2:28:76:1b:5f:03:84:87:b0:99:e9:d2:9e:cc:
86:ca:01:b4:ef:41:e3:97:48:20:42:46:6f:64:3f:
74:04:ff:5c:1a:ba:fd:56:f0:b8:f3:3b:9a:5a:e7:
27:89:17:f3:6e:fd:7c:73:23:b5:28:27:6d:bf:70:
c3:5c:5c:a1:e3:dc:2b:69:65:34:a3:ec:96:a7:5c:
fa:b9:b0:ca:c3:88:0a:bd:a6:f7:ca:50:f1:8e:f1:
10:67:e2:b3:c6:bd:13:1c:5c:b7:c8:78:58:89:32:
68:ec:27:49:16:b6:a6:7c:4f:1d:a6:f2:28:62:01:
1e:03:68:eb:3e:9e:13:f2:73:a6:da:8e:19:b8:c5:
d4:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:26:F5:68:66:55:96:3B:A6:90:68:D6:F1:B3:FC:32:E2:7C:08:65
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7cde339d-568f-4b5b-98d4-9eca268d8a43.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:5000::/40
Signature Algorithm: sha256WithRSAEncryption
01:4b:b1:cb:b9:0d:13:31:39:2d:60:09:fe:38:cf:1c:79:c8:
ed:fd:5a:67:26:bb:c3:6b:c5:92:7d:f5:bc:dd:65:b1:c6:f6:
ad:09:26:6f:00:d4:29:b8:8e:0a:88:97:8c:c6:91:a5:3d:b7:
fe:b6:00:0a:8f:2d:d3:ca:7b:a4:4e:96:23:98:ba:f4:ac:df:
75:c4:84:97:09:d0:12:f1:28:f5:9c:39:1b:6f:95:7e:56:6d:
13:bf:3d:16:45:35:15:d7:e6:d3:6f:12:79:10:a6:9b:d9:5d:
55:c4:37:1d:f8:77:79:c5:9d:c8:e7:06:da:27:69:eb:64:22:
f1:36:57:0d:fa:dc:6e:d2:94:b1:e2:df:23:9f:93:f0:79:ee:
dd:73:8d:07:04:b8:66:8c:8d:ea:0e:36:1a:a8:10:16:20:4e:
c5:25:a7:fc:8c:84:8e:18:a7:dd:f4:82:74:1d:b7:e4:f5:6d:
69:cb:3c:8d:45:0f:0e:3d:e9:cb:5d:95:64:47:7c:18:a4:a1:
f4:f9:cf:bc:09:fa:86:07:91:5a:11:b1:ee:8e:76:2c:ff:09:
61:3e:5a:f5:32:96:e6:cb:51:54:7c:2e:67:4d:54:77:cc:a7:
aa:9e:04:be:28:fd:12:52:51:2c:fb:34:0b:95:d8:96:1e:40:
f3:6f:c9:47
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIULAFdo2RhWHhgqpUBSg0q+bdS/BQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MDgwMzIwMzNaFw0yNjA4MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGJmYTg1NTI2YzIyY2VkYTU4NzIwNjlhNDY5NmQ4Y2QzOTdlYzQ2OTE1YWE2
NmUyMjE5M2NhNTc0OTFlYTQxNjExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJe0CX+3kyFpi04KQlJ93PnZrBcDuYshyhS13blUCW/HWhLVMX0A7Pq2bF2S
XnY8tP5wXgrrIcEH6s3gqRZPFrw3IpeQSBdJyzhiyphqDFNGMfPThkaWk9iorIqT
Z+kkp4dwE/ndR/JTY5B9ppoCdfYsGp7TjwrZfuIodhtfA4SHsJnp0p7MhsoBtO9B
45dIIEJGb2Q/dAT/XBq6/VbwuPM7mlrnJ4kX8279fHMjtSgnbb9ww1xcoePcK2ll
NKPslqdc+rmwysOICr2m98pQ8Y7xEGfis8a9Exxct8h4WIkyaOwnSRa2pnxPHaby
KGIBHgNo6z6eE/JzptqOGbjF1AUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ3JvVo
ZlWWO6aQaNbxs/wy4nwIZTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2NkZTMzOWQtNTY4Zi00YjViLTk4ZDQtOWVjYTI2OGQ4YTQzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HRQ
MA0GCSqGSIb3DQEBCwUAA4IBAQABS7HLuQ0TMTktYAn+OM8cecjt/VpnJrvDa8WS
ffW83WWxxvatCSZvANQpuI4KiJeMxpGlPbf+tgAKjy3TynukTpYjmLr0rN91xISX
CdAS8Sj1nDkbb5V+Vm0Tvz0WRTUV1+bTbxJ5EKab2V1VxDcd+Hd5xZ3I5wbaJ2nr
ZCLxNlcN+txu0pSx4t8jn5Pwee7dc40HBLhmjI3qDjYaqBAWIE7FJaf8jISOGKfd
9IJ0Hbfk9W1pyzyNRQ8OPenLXZVkR3wYpKH0+c+8CfqGB5FaEbHujnYs/wlhPlr1
Mpbmy1FUfC5nTVR3zKeqngS+KP0SUlEs+zQLldiWHkDzb8lH
-----END CERTIFICATE-----
Generated at Tue May 12 22:25:02 2026 by rpki-client