Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7e690adc-099c-4d58-ad1b-856f693d90b3.roa
File: 7e690adc-099c-4d58-ad1b-856f693d90b3.roa (raw, json)
Hash identifier: s2lbuurAgoJZmwJa1CB00+hkCh7Mi75oUIfMHvrlA3A=
Subject key identifier: A3:96:D9:F3:B2:6B:4D:68:E0:BB:06:A5:0E:03:0A:2C:84:63:5C:A3
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5197F3047670864DE8C3207176AC17AA50DB27CB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7e690adc-099c-4d58-ad1b-856f693d90b3.roa
Signing time: Mon 11 May 2026 01:50:04 +0000
ROA not before: Mon 11 May 2026 01:50:04 +0000
ROA not after: Sun 09 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d030:c000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:97:f3:04:76:70:86:4d:e8:c3:20:71:76:ac:17:aa:50:db:27:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 11 01:50:04 2026 GMT
Not After : Aug 9 23:59:59 2026 GMT
Subject: serialNumber=13f8d2b22df9ba782fa6adf94e15ba730842b9c999e5a0f6485ea23e8423c3f7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:e8:4a:71:12:3d:ca:63:e0:c3:ae:56:f1:50:
cc:89:f8:f7:04:6b:76:9e:bc:44:cf:b1:4e:e1:94:
f7:ff:e6:8f:35:83:ff:e8:32:e5:38:0a:1a:d4:ad:
89:f3:18:c5:1a:d3:93:9a:4d:f9:c1:6c:53:70:9a:
16:99:3f:d1:a6:22:65:0e:0f:0f:fb:07:13:98:5f:
75:51:c0:d5:b6:36:a7:f9:5d:8d:24:9d:f4:10:8c:
98:2c:58:4c:c4:0c:f3:8c:36:d7:5a:e7:7d:48:21:
1f:f3:7a:59:4d:8e:4c:5f:37:43:45:88:37:d3:59:
a9:02:2b:62:8c:61:3b:6b:41:29:65:f3:a4:8b:88:
48:85:d1:e5:df:51:ac:92:1f:4c:88:a3:a3:05:9a:
06:ef:a6:e8:9e:2f:12:65:bb:bf:5d:f2:fc:f4:db:
5a:cd:a6:d3:4d:4e:ec:f2:af:1b:c1:e2:f5:f0:5b:
9d:b6:b4:a2:48:84:c9:90:a8:33:38:ad:38:31:1e:
3f:23:4d:34:4d:3c:a9:80:e8:bb:4d:2a:a8:ee:10:
11:4e:19:ff:ce:1d:b5:93:db:df:f7:a9:a1:f2:24:
99:8c:1b:b4:33:0b:56:89:41:99:4b:87:14:63:d8:
db:24:63:68:a3:b2:b3:79:9a:e1:9b:97:b0:11:a1:
9d:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:96:D9:F3:B2:6B:4D:68:E0:BB:06:A5:0E:03:0A:2C:84:63:5C:A3
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7e690adc-099c-4d58-ad1b-856f693d90b3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:c000::/40
Signature Algorithm: sha256WithRSAEncryption
c9:d9:e0:90:23:76:86:b0:9e:5e:83:88:52:89:2b:82:e4:5b:
8e:5e:a7:a3:60:d5:e0:72:46:db:cf:3f:5f:c4:ff:da:ba:75:
da:4b:e2:e8:49:8b:cd:13:05:a1:56:3f:d3:56:7a:4d:15:b2:
f8:50:7d:c8:12:4f:40:95:75:13:9b:6e:84:d2:48:3b:3f:f1:
6c:e0:9c:76:d6:86:3e:0b:d9:21:fd:1a:44:1f:e0:75:96:cd:
77:fe:d7:8d:a1:29:b5:c5:6b:1d:4f:e4:97:61:84:9a:3b:d7:
37:a4:ea:98:dd:60:fe:06:32:2a:5f:f6:b5:16:7b:dd:7a:40:
b4:f5:e1:96:d8:af:38:e3:4d:44:97:58:62:86:d0:8b:e3:dd:
09:e0:f7:1a:52:3c:d0:7b:f9:91:79:fc:98:6c:11:54:1c:1e:
e0:a3:b6:ed:bc:2c:5b:7f:35:c7:ef:ac:59:1d:15:61:73:51:
44:9b:5a:84:f2:cc:20:5d:94:19:a7:e9:64:09:b8:a8:25:db:
06:85:a2:7c:78:d6:9b:d8:e9:04:7b:de:12:15:40:65:2e:95:
bb:0d:ef:fd:1b:ad:fc:ca:9c:bc:84:96:54:de:6d:e0:55:c0:
38:b4:8f:1a:42:d9:33:ab:7c:95:e2:a7:16:13:d5:ea:a2:22:
1d:f6:0d:cb
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUUZfzBHZwhk3owyBxdqwXqlDbJ8swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTEwMTUwMDRaFw0yNjA4MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDEzZjhkMmIyMmRmOWJhNzgyZmE2YWRmOTRlMTViYTczMDg0MmI5Yzk5OWU1
YTBmNjQ4NWVhMjNlODQyM2MzZjcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKToSnESPcpj4MOuVvFQzIn49wRrdp68RM+xTuGU9//mjzWD/+gy5TgKGtSt
ifMYxRrTk5pN+cFsU3CaFpk/0aYiZQ4PD/sHE5hfdVHA1bY2p/ldjSSd9BCMmCxY
TMQM84w211rnfUghH/N6WU2OTF83Q0WIN9NZqQIrYoxhO2tBKWXzpIuISIXR5d9R
rJIfTIijowWaBu+m6J4vEmW7v13y/PTbWs2m001O7PKvG8Hi9fBbnba0okiEyZCo
MzitODEePyNNNE08qYDou00qqO4QEU4Z/84dtZPb3/epofIkmYwbtDMLVolBmUuH
FGPY2yRjaKOys3ma4ZuXsBGhnYkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSjltnz
smtNaOC7BqUOAwoshGNcozAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2U2OTBhZGMtMDk5Yy00ZDU4LWFkMWItODU2ZjY5M2Q5MGIzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DDA
MA0GCSqGSIb3DQEBCwUAA4IBAQDJ2eCQI3aGsJ5eg4hSiSuC5FuOXqejYNXgckbb
zz9fxP/aunXaS+LoSYvNEwWhVj/TVnpNFbL4UH3IEk9AlXUTm26E0kg7P/Fs4Jx2
1oY+C9kh/RpEH+B1ls13/teNoSm1xWsdT+SXYYSaO9c3pOqY3WD+BjIqX/a1Fnvd
ekC09eGW2K84401El1hihtCL490J4PcaUjzQe/mRefyYbBFUHB7go7btvCxbfzXH
76xZHRVhc1FEm1qE8swgXZQZp+lkCbioJdsGhaJ8eNab2OkEe94SFUBlLpW7De/9
G638ypy8hJZU3m3gVcA4tI8aQtkzq3yV4qcWE9XqoiId9g3L
-----END CERTIFICATE-----
Generated at Tue May 12 23:28:37 2026 by rpki-client