Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/914a6acc-cb88-4da2-8443-fbaf927c9652.roa
File: 914a6acc-cb88-4da2-8443-fbaf927c9652.roa (raw, json)
Hash identifier: qrApt37Az4pACiOCJl9ubGiyy/g0c6+H67rdCOTi2MM=
Subject key identifier: DD:70:5A:07:96:76:E9:95:36:87:6D:C2:95:7B:5D:2F:02:24:47:14
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 216C52E5FC997F1BCBE3DC045DC33A4B748522B1
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/914a6acc-cb88-4da2-8443-fbaf927c9652.roa
Signing time: Mon 04 May 2026 15:30:36 +0000
ROA not before: Mon 04 May 2026 15:30:36 +0000
ROA not after: Sun 02 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:9000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:6c:52:e5:fc:99:7f:1b:cb:e3:dc:04:5d:c3:3a:4b:74:85:22:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 4 15:30:36 2026 GMT
Not After : Aug 2 23:59:59 2026 GMT
Subject: serialNumber=1511067408b565e0341933c451fcdcfc36626fe058e7947e65c1566f60b8840d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:5b:a5:27:c1:30:56:99:e6:32:07:d7:b6:5a:
7d:7a:ce:41:89:94:79:0f:ae:8b:e9:28:58:db:17:
68:99:b4:01:df:b0:bd:5d:75:d8:77:29:f8:3b:6a:
48:55:d9:f4:39:04:b0:de:3c:54:19:99:f9:ac:e6:
c7:d4:6f:60:07:82:07:53:e7:ff:6b:a4:79:24:0c:
c5:0e:a6:83:37:9a:b6:8f:43:66:e1:05:01:d8:49:
9e:db:e4:24:9b:bd:4a:58:26:28:de:6e:d0:1c:dc:
1e:aa:ee:4f:05:ef:54:8e:74:59:35:83:08:24:28:
40:c2:52:57:a8:65:55:82:33:52:f8:56:0d:71:80:
fd:d2:5b:d6:02:c7:76:59:e0:b8:ed:76:2f:c2:a3:
2f:80:86:8d:84:7f:fe:e6:9d:61:c3:79:6b:ed:0b:
1a:a5:6d:97:7e:34:ef:6a:d3:bd:f7:35:0e:81:e3:
40:79:c6:16:ed:79:c6:81:32:b7:27:84:fa:27:23:
fa:e0:5e:68:e0:6b:8b:63:70:25:6e:6d:3f:ca:31:
46:b5:56:7a:fe:8a:a6:e6:b2:de:86:a9:9b:8a:27:
d3:2a:f1:ba:81:60:61:5b:c4:4f:65:59:da:dd:ac:
1e:b2:2b:19:a6:d9:aa:28:b3:37:01:eb:e3:16:22:
cd:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:70:5A:07:96:76:E9:95:36:87:6D:C2:95:7B:5D:2F:02:24:47:14
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/914a6acc-cb88-4da2-8443-fbaf927c9652.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:9000::/40
Signature Algorithm: sha256WithRSAEncryption
8a:95:41:66:44:88:d8:c6:b6:14:ee:99:92:ac:88:8d:c2:73:
f9:8d:f6:59:ab:fe:09:d0:60:04:3b:a9:4b:eb:b5:2c:9f:30:
35:51:96:3b:e2:49:54:74:b9:76:87:11:12:d4:04:a4:7a:7e:
e9:38:dd:6e:ea:6e:b5:ba:95:5b:d8:76:14:31:c9:b2:5e:de:
d0:d8:84:26:88:15:46:f0:fe:93:70:66:a8:9f:f4:dd:52:e2:
c7:c9:e8:4b:e4:04:8f:85:11:23:c7:cd:eb:a0:51:f3:b0:54:
d9:02:dc:6d:69:dc:c2:80:20:1d:cb:3a:de:9d:3e:d0:43:a5:
64:2d:66:63:6a:46:7f:61:e1:4a:b4:53:43:ed:d4:66:3e:45:
00:48:80:c8:fd:b3:8d:27:64:3c:47:12:6a:97:cc:64:42:c6:
e4:32:e6:fc:28:bf:76:07:2c:41:4a:9b:17:17:bd:f6:39:96:
43:8b:b5:7c:80:be:60:5b:31:10:0a:91:68:d9:3d:4d:60:86:
c6:5b:3c:40:13:64:68:f3:25:b9:42:2c:a7:4f:09:63:10:17:
0a:72:b1:a6:d2:32:50:f1:fe:7b:7d:de:d4:40:90:4a:ea:1a:
50:21:07:fc:a7:03:9a:47:e4:23:5a:0f:53:f5:5a:36:28:cd:
40:40:d6:5e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUIWxS5fyZfxvL49wEXcM6S3SFIrEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MDQxNTMwMzZaFw0yNjA4MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQDE1MTEwNjc0MDhiNTY1ZTAzNDE5MzNjNDUxZmNkY2ZjMzY2MjZmZTA1OGU3
OTQ3ZTY1YzE1NjZmNjBiODg0MGQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOlbpSfBMFaZ5jIH17ZafXrOQYmUeQ+ui+koWNsXaJm0Ad+wvV112Hcp+Dtq
SFXZ9DkEsN48VBmZ+azmx9RvYAeCB1Pn/2ukeSQMxQ6mgzeato9DZuEFAdhJntvk
JJu9SlgmKN5u0BzcHqruTwXvVI50WTWDCCQoQMJSV6hlVYIzUvhWDXGA/dJb1gLH
dlnguO12L8KjL4CGjYR//uadYcN5a+0LGqVtl34072rTvfc1DoHjQHnGFu15xoEy
tyeE+icj+uBeaOBri2NwJW5tP8oxRrVWev6Kpuay3oapm4on0yrxuoFgYVvET2VZ
2t2sHrIrGabZqiizNwHr4xYizQUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTdcFoH
lnbplTaHbcKVe10vAiRHFDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTE0YTZhY2MtY2I4OC00ZGEyLTg0NDMtZmJhZjkyN2M5NjUyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HOQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCKlUFmRIjYxrYU7pmSrIiNwnP5jfZZq/4J0GAE
O6lL67UsnzA1UZY74klUdLl2hxES1ASken7pON1u6m61upVb2HYUMcmyXt7Q2IQm
iBVG8P6TcGaon/TdUuLHyehL5ASPhREjx83roFHzsFTZAtxtadzCgCAdyzrenT7Q
Q6VkLWZjakZ/YeFKtFND7dRmPkUASIDI/bONJ2Q8RxJql8xkQsbkMub8KL92ByxB
SpsXF732OZZDi7V8gL5gWzEQCpFo2T1NYIbGWzxAE2Ro8yW5QiynTwljEBcKcrGm
0jJQ8f57fd7UQJBK6hpQIQf8pwOaR+QjWg9T9Vo2KM1AQNZe
-----END CERTIFICATE-----
Generated at Tue May 12 23:32:52 2026 by rpki-client