Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8b37c46d-5f10-445b-9772-1120143beab3.roa
File: 8b37c46d-5f10-445b-9772-1120143beab3.roa (raw, json)
Hash identifier: CC3lwcU1RN/n0/wVaf9W+PXCyODgoi6+IFOu9iR8/ro=
Subject key identifier: C1:24:98:33:23:5E:79:A9:A6:67:98:C3:AC:55:57:E6:74:1D:3C:AA
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 716A2368E7238FEB22B018B881F3F65F42CBD2EB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8b37c46d-5f10-445b-9772-1120143beab3.roa
Signing time: Sat 02 May 2026 01:30:23 +0000
ROA not before: Sat 02 May 2026 01:30:23 +0000
ROA not after: Fri 31 Jul 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06a:9080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:6a:23:68:e7:23:8f:eb:22:b0:18:b8:81:f3:f6:5f:42:cb:d2:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 2 01:30:23 2026 GMT
Not After : Jul 31 23:59:59 2026 GMT
Subject: serialNumber=f23821afc2c6a0cd05a521ec3c57c05bf5e5d691b1a71d64bdce0ea62b273678, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:a6:05:0d:a2:7c:32:f3:8d:c4:9e:62:51:88:
a1:d4:b8:d7:d9:99:9e:d2:73:98:9d:d7:00:46:c5:
48:d8:a5:5f:fb:b6:ee:c1:56:e5:37:2b:81:bc:0b:
98:c9:05:bc:14:dc:04:f1:b1:9b:4d:c4:98:b0:aa:
f0:7b:49:e3:7d:0b:d0:32:da:dc:1d:e1:3a:5d:e5:
25:f0:34:4d:36:32:ed:b5:38:fc:21:b6:a0:28:1b:
be:e2:06:35:ab:0d:13:40:a9:ba:bf:87:d1:c2:a9:
8a:d7:95:16:19:5d:68:98:53:71:aa:aa:8c:be:6b:
86:f0:77:ee:c7:a4:ac:9a:b2:bb:9c:28:d5:46:f5:
53:e5:71:0b:9a:fd:de:03:c6:25:6a:60:d1:d3:a5:
b7:44:a2:a6:41:5d:d3:e0:b9:5d:72:54:77:d1:66:
0b:8a:54:21:fa:46:ff:31:44:cb:08:a2:26:68:a5:
bc:59:1f:b2:01:f2:f5:d8:cd:f5:a6:f1:e5:e4:f5:
bb:e7:1d:d5:c1:6f:db:9a:e0:39:79:1e:59:5c:0c:
5d:b5:32:39:6f:7d:5e:51:d5:95:33:b4:c0:16:7b:
46:59:7b:c7:e9:88:69:9d:91:0f:2f:75:8a:46:da:
b4:37:a1:a0:3d:b0:c6:68:77:19:39:75:78:f7:72:
87:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:24:98:33:23:5E:79:A9:A6:67:98:C3:AC:55:57:E6:74:1D:3C:AA
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8b37c46d-5f10-445b-9772-1120143beab3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06a:9080::/48
Signature Algorithm: sha256WithRSAEncryption
11:0c:ec:d1:f9:f5:1b:42:f8:f0:29:62:48:7f:08:8e:11:3e:
d7:98:93:45:32:3b:66:89:fc:98:ee:0d:2d:dd:b3:e9:ac:e1:
be:29:42:dc:81:a6:47:46:fb:90:45:ab:d5:6a:3b:cd:97:b4:
aa:87:99:8a:9d:5d:1e:85:50:c8:c7:ba:93:bf:c4:2f:1e:57:
07:97:f5:be:67:1f:2c:2c:b9:e1:b4:60:46:ac:2f:ec:77:03:
e4:ff:57:33:6f:c9:58:45:e3:14:8c:67:4e:96:92:4a:15:24:
e5:b0:f2:79:62:ae:fd:a7:21:37:42:99:a7:a2:ce:23:66:3a:
34:e9:89:aa:b4:d3:11:03:ef:f5:a8:3f:76:ae:30:05:0b:4f:
cc:96:b7:4c:82:04:4c:f2:35:e2:54:5d:7e:d7:14:fd:7a:e2:
0a:93:0f:82:d8:bf:d6:fe:d0:53:30:cc:0d:a7:03:b2:ec:38:
05:9b:77:63:96:8e:42:f7:be:34:8f:54:fd:40:45:a4:07:44:
e5:b5:ff:2d:b6:96:d7:47:29:16:88:77:09:35:0e:c9:f4:86:
35:3b:7b:8c:43:c9:ce:ab:7f:68:49:51:a6:fd:9a:25:f9:fa:
5a:7c:94:ca:bc:8e:ba:a1:58:b7:b9:17:3c:a4:c1:e9:14:64:
e7:53:ca:17
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUcWojaOcjj+sisBi4gfP2X0LL0uswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MDIwMTMwMjNaFw0yNjA3MzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGYyMzgyMWFmYzJjNmEwY2QwNWE1MjFlYzNjNTdjMDViZjVlNWQ2OTFiMWE3
MWQ2NGJkY2UwZWE2MmIyNzM2NzgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMamBQ2ifDLzjcSeYlGIodS419mZntJzmJ3XAEbFSNilX/u27sFW5TcrgbwL
mMkFvBTcBPGxm03EmLCq8HtJ430L0DLa3B3hOl3lJfA0TTYy7bU4/CG2oCgbvuIG
NasNE0Cpur+H0cKpiteVFhldaJhTcaqqjL5rhvB37sekrJqyu5wo1Ub1U+VxC5r9
3gPGJWpg0dOlt0SipkFd0+C5XXJUd9FmC4pUIfpG/zFEywiiJmilvFkfsgHy9djN
9abx5eT1u+cd1cFv25rgOXkeWVwMXbUyOW99XlHVlTO0wBZ7Rll7x+mIaZ2RDy91
ikbatDehoD2wxmh3GTl1ePdyh50CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTBJJgz
I155qaZnmMOsVVfmdB08qjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGIzN2M0NmQtNWYxMC00NDViLTk3NzItMTEyMDE0M2JlYWIzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0GqQ
gDANBgkqhkiG9w0BAQsFAAOCAQEAEQzs0fn1G0L48CliSH8IjhE+15iTRTI7Zon8
mO4NLd2z6azhvilC3IGmR0b7kEWr1Wo7zZe0qoeZip1dHoVQyMe6k7/ELx5XB5f1
vmcfLCy54bRgRqwv7HcD5P9XM2/JWEXjFIxnTpaSShUk5bDyeWKu/achN0KZp6LO
I2Y6NOmJqrTTEQPv9ag/dq4wBQtPzJa3TIIETPI14lRdftcU/XriCpMPgti/1v7Q
UzDMDacDsuw4BZt3Y5aOQve+NI9U/UBFpAdE5bX/LbaW10cpFoh3CTUOyfSGNTt7
jEPJzqt/aElRpv2aJfn6WnyUyryOuqFYt7kXPKTB6RRk51PKFw==
-----END CERTIFICATE-----
Generated at Wed May 13 00:24:59 2026 by rpki-client