Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8e6878ab-55a6-4771-8954-3306e598be04.roa
File: 8e6878ab-55a6-4771-8954-3306e598be04.roa (raw, json)
Hash identifier: uFOTiQNkTnGYKgJ6KV+MGbyZvL/GSbbgtB47Iugd3rg=
Subject key identifier: 4D:AA:92:89:E9:95:D0:D0:12:96:89:E8:A7:17:60:05:31:63:EA:A0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 75C8CF09185FA0ADDCDCC84835C9F14DE933E4A2
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8e6878ab-55a6-4771-8954-3306e598be04.roa
Signing time: Sat 02 May 2026 01:30:25 +0000
ROA not before: Sat 02 May 2026 01:30:25 +0000
ROA not after: Fri 31 Jul 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06a:800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
75:c8:cf:09:18:5f:a0:ad:dc:dc:c8:48:35:c9:f1:4d:e9:33:e4:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 2 01:30:25 2026 GMT
Not After : Jul 31 23:59:59 2026 GMT
Subject: serialNumber=e0713ed62927cd3a0ead6fc4c49f3a9cc64348efe936a58608b136a0b50b82c0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:be:ab:64:26:0b:a9:63:d8:2e:8d:0c:91:84:
b6:6e:22:75:08:1c:db:b0:21:e9:b5:f1:4e:bc:f6:
c5:2b:4f:19:bf:59:1d:1c:7a:d8:79:4e:15:5c:e4:
1f:fa:2c:40:24:70:56:4f:95:30:f5:78:fa:6f:53:
71:8f:76:1f:ba:da:5e:ef:87:1b:6d:73:05:0b:c8:
93:b3:0b:d1:49:3a:38:2c:df:89:50:b7:f0:c5:64:
d5:bd:65:c6:76:21:34:da:c3:ca:65:f3:0e:5d:63:
ab:e1:a4:de:e2:cb:5e:95:ee:32:26:c6:c8:91:0b:
ba:7c:ac:e1:97:f8:a3:7f:6e:ce:95:2e:3e:b3:aa:
90:36:eb:66:0e:a3:68:09:49:08:a7:3e:74:ee:5b:
91:65:9c:55:48:c7:6b:53:aa:a1:49:f0:a4:7c:44:
68:52:21:f6:03:4d:11:aa:b2:7d:ca:4e:2b:5c:27:
33:36:78:a4:91:39:d2:73:a8:a4:22:4d:e9:61:bc:
b2:71:d9:b4:77:de:19:7d:53:33:a2:c0:29:5a:25:
a4:8e:d2:46:06:72:8c:27:33:25:45:af:e9:c1:df:
b5:af:16:1f:8b:d0:2c:e7:8b:4d:0a:79:bd:6f:aa:
1e:13:20:b3:dc:c7:26:b4:4a:96:76:1d:b3:47:f3:
3c:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:AA:92:89:E9:95:D0:D0:12:96:89:E8:A7:17:60:05:31:63:EA:A0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8e6878ab-55a6-4771-8954-3306e598be04.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06a:800::/40
Signature Algorithm: sha256WithRSAEncryption
2e:bc:54:d4:a3:15:cc:a4:68:e4:29:60:6b:09:7e:97:d6:58:
4c:5a:55:8a:42:fa:e2:89:ce:22:98:2d:68:36:06:c8:ea:fb:
b6:d7:49:fe:17:7e:5a:cd:84:23:6d:3a:30:01:64:15:ea:a5:
1d:8e:fd:e8:27:51:28:18:0a:62:ce:85:37:3f:63:56:54:fe:
12:e0:36:c1:54:2f:c4:b9:68:42:d3:8b:8f:6b:69:5b:68:96:
cc:03:8e:7f:2c:2f:cd:1f:aa:7f:40:78:13:ff:eb:a9:97:fb:
64:69:4b:6e:e9:f4:76:1a:c8:e1:75:31:6d:e5:d0:f6:b1:b3:
0a:3b:ee:15:e4:83:00:8c:90:75:37:79:09:14:35:2f:21:5e:
e8:5f:b2:75:c8:8e:59:2b:f6:79:0d:77:7b:e0:30:7c:6e:64:
75:8c:01:4d:9e:f5:9f:4f:5b:63:d6:71:cf:cc:07:71:b8:06:
21:3e:f5:25:1e:8c:b3:27:ad:81:41:5d:82:db:99:77:dc:c3:
c0:85:84:1f:be:4b:24:e5:90:17:73:61:9f:84:de:f1:bf:e0:
50:1a:ee:2c:21:5d:32:c9:5f:d4:86:61:f0:7a:01:f6:d2:59:
f7:70:66:1a:71:c3:16:80:9e:06:9e:c5:62:2d:6d:89:e9:84:
67:e0:e6:9b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUdcjPCRhfoK3c3MhINcnxTekz5KIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MDIwMTMwMjVaFw0yNjA3MzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGUwNzEzZWQ2MjkyN2NkM2EwZWFkNmZjNGM0OWYzYTljYzY0MzQ4ZWZlOTM2
YTU4NjA4YjEzNmEwYjUwYjgyYzAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALa+q2QmC6lj2C6NDJGEtm4idQgc27Ah6bXxTrz2xStPGb9ZHRx62HlOFVzk
H/osQCRwVk+VMPV4+m9TcY92H7raXu+HG21zBQvIk7ML0Uk6OCzfiVC38MVk1b1l
xnYhNNrDymXzDl1jq+Gk3uLLXpXuMibGyJELunys4Zf4o39uzpUuPrOqkDbrZg6j
aAlJCKc+dO5bkWWcVUjHa1OqoUnwpHxEaFIh9gNNEaqyfcpOK1wnMzZ4pJE50nOo
pCJN6WG8snHZtHfeGX1TM6LAKVolpI7SRgZyjCczJUWv6cHfta8WH4vQLOeLTQp5
vW+qHhMgs9zHJrRKlnYds0fzPNECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRNqpKJ
6ZXQ0BKWieinF2AFMWPqoDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGU2ODc4YWItNTVhNi00NzcxLTg5NTQtMzMwNmU1OThiZTA0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0GoI
MA0GCSqGSIb3DQEBCwUAA4IBAQAuvFTUoxXMpGjkKWBrCX6X1lhMWlWKQvriic4i
mC1oNgbI6vu210n+F35azYQjbTowAWQV6qUdjv3oJ1EoGApizoU3P2NWVP4S4DbB
VC/EuWhC04uPa2lbaJbMA45/LC/NH6p/QHgT/+upl/tkaUtu6fR2GsjhdTFt5dD2
sbMKO+4V5IMAjJB1N3kJFDUvIV7oX7J1yI5ZK/Z5DXd74DB8bmR1jAFNnvWfT1tj
1nHPzAdxuAYhPvUlHoyzJ62BQV2C25l33MPAhYQfvksk5ZAXc2GfhN7xv+BQGu4s
IV0yyV/UhmHwegH20ln3cGYaccMWgJ4GnsViLW2J6YRn4Oab
-----END CERTIFICATE-----
Generated at Tue May 12 22:58:55 2026 by rpki-client