Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7d1726e5-e9c4-4d05-af09-dd32f2219cc8.roa
File: 7d1726e5-e9c4-4d05-af09-dd32f2219cc8.roa (raw, json)
Hash identifier: 72VV72LxPT9M3/mDlh9uIkWl+FGhWaOP/xSs9HV0uDQ=
Subject key identifier: 2F:0A:07:5E:DD:E0:A7:3C:67:8F:70:BF:09:C0:B3:3B:0A:DC:F5:59
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 59BDFA814C852EF873C8AEAFA2E438BE77D40D2E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7d1726e5-e9c4-4d05-af09-dd32f2219cc8.roa
Signing time: Sat 02 May 2026 01:30:36 +0000
ROA not before: Sat 02 May 2026 01:30:36 +0000
ROA not after: Fri 31 Jul 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06a:e080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:bd:fa:81:4c:85:2e:f8:73:c8:ae:af:a2:e4:38:be:77:d4:0d:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 2 01:30:36 2026 GMT
Not After : Jul 31 23:59:59 2026 GMT
Subject: serialNumber=b9617bb9ca3451a0a8eb578f14b0366d55530ab7023b0d7e8df8614735b3c4b5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:84:b1:ab:cc:db:f5:46:67:56:3b:ea:6b:84:
c6:9e:7a:e4:af:c4:95:2e:48:35:da:17:be:47:d6:
e7:9c:7a:bf:c7:54:54:7d:e3:06:58:25:3b:38:66:
b1:00:e9:25:46:b1:7a:61:d8:35:7e:22:21:ca:bd:
a3:6c:8b:9a:25:ae:72:b9:c6:5b:19:1d:21:1b:fc:
d0:fe:62:03:87:a6:56:ca:0d:ed:08:2a:d4:b0:bb:
9b:8f:6a:5b:fd:6f:ce:15:0b:df:61:eb:84:47:e2:
b4:70:44:9f:8b:2f:e4:ec:ad:75:de:bd:9d:8c:18:
38:db:28:5e:1b:a7:be:2f:96:2f:02:e1:97:23:a1:
bf:9b:f3:4d:d1:ff:56:8a:11:01:97:03:3c:42:8b:
5a:d2:8f:e7:89:ee:4d:81:d3:26:99:46:ea:33:b0:
55:a4:f2:d1:52:82:d1:0c:77:ee:7d:e7:a4:1a:8b:
b7:91:9f:bf:2c:af:d4:fd:00:94:f6:a7:d7:b7:64:
bf:6f:5e:44:ae:de:31:f3:a9:de:e0:86:1a:23:22:
64:c8:52:0c:7f:ba:01:45:4f:f2:a9:70:0e:54:6f:
d5:18:3c:37:24:ba:7a:a5:3d:98:ca:4b:e9:a2:f1:
5a:63:37:ff:d7:0a:8e:ea:aa:bc:1c:3e:6b:40:3b:
e0:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:0A:07:5E:DD:E0:A7:3C:67:8F:70:BF:09:C0:B3:3B:0A:DC:F5:59
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7d1726e5-e9c4-4d05-af09-dd32f2219cc8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06a:e080::/48
Signature Algorithm: sha256WithRSAEncryption
72:c0:1b:6a:d2:9f:fc:a0:d4:4c:6d:a5:3e:68:0b:48:31:97:
7b:41:52:a1:25:56:d2:6a:3c:89:29:89:c6:97:ad:2d:e0:77:
74:01:39:80:29:36:43:4f:69:17:29:58:cb:c4:e2:7f:0f:cd:
a9:d9:0d:f2:48:08:8d:eb:93:5e:8c:fb:5c:d6:f2:9f:75:f4:
43:11:4a:f9:4b:b3:c3:bf:6a:d5:e5:40:01:29:f2:f2:a6:9c:
e9:34:2a:5f:e9:c3:1b:b1:10:38:89:43:66:e8:61:29:a4:0b:
72:52:19:bf:0a:4e:69:ae:3e:7a:16:4e:1c:a4:de:56:2d:75:
3d:03:b9:9c:18:1f:c6:4f:ea:94:c2:52:a1:7a:64:56:51:16:
a2:4a:49:f5:9d:16:8a:6c:bf:48:cd:2f:fd:8e:a4:1e:4b:db:
71:13:28:53:e7:eb:a4:3b:9c:7d:4d:0f:f1:8f:4b:ab:01:b6:
4d:e7:35:32:3f:08:a3:15:df:25:98:39:1d:ee:17:f1:d9:0d:
8b:d3:05:a7:23:a9:4b:ca:ee:05:3b:21:b9:32:1b:68:32:44:
66:af:c0:58:49:8d:b8:20:58:78:a2:18:05:ca:70:da:35:7e:
07:a2:ad:d2:14:6f:91:2a:7f:7b:98:db:71:86:21:d1:4e:12:
9b:4c:4f:bc
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUWb36gUyFLvhzyK6vouQ4vnfUDS4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MDIwMTMwMzZaFw0yNjA3MzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGI5NjE3YmI5Y2EzNDUxYTBhOGViNTc4ZjE0YjAzNjZkNTU1MzBhYjcwMjNi
MGQ3ZThkZjg2MTQ3MzViM2M0YjUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOaEsavM2/VGZ1Y76muExp565K/ElS5INdoXvkfW55x6v8dUVH3jBlglOzhm
sQDpJUaxemHYNX4iIcq9o2yLmiWucrnGWxkdIRv80P5iA4emVsoN7Qgq1LC7m49q
W/1vzhUL32HrhEfitHBEn4sv5Oytdd69nYwYONsoXhunvi+WLwLhlyOhv5vzTdH/
VooRAZcDPEKLWtKP54nuTYHTJplG6jOwVaTy0VKC0Qx37n3npBqLt5Gfvyyv1P0A
lPan17dkv29eRK7eMfOp3uCGGiMiZMhSDH+6AUVP8qlwDlRv1Rg8NyS6eqU9mMpL
6aLxWmM3/9cKjuqqvBw+a0A74M8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQvCgde
3eCnPGePcL8JwLM7Ctz1WTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2QxNzI2ZTUtZTljNC00ZDA1LWFmMDktZGQzMmYyMjE5Y2M4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0Grg
gDANBgkqhkiG9w0BAQsFAAOCAQEAcsAbatKf/KDUTG2lPmgLSDGXe0FSoSVW0mo8
iSmJxpetLeB3dAE5gCk2Q09pFylYy8Tifw/NqdkN8kgIjeuTXoz7XNbyn3X0QxFK
+Uuzw79q1eVAASny8qac6TQqX+nDG7EQOIlDZuhhKaQLclIZvwpOaa4+ehZOHKTe
Vi11PQO5nBgfxk/qlMJSoXpkVlEWokpJ9Z0Wimy/SM0v/Y6kHkvbcRMoU+frpDuc
fU0P8Y9LqwG2Tec1Mj8IoxXfJZg5He4X8dkNi9MFpyOpS8ruBTshuTIbaDJEZq/A
WEmNuCBYeKIYBcpw2jV+B6Kt0hRvkSp/e5jbcYYh0U4Sm0xPvA==
-----END CERTIFICATE-----
Generated at Tue May 12 23:13:21 2026 by rpki-client