Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/924a4487-e709-4e7a-9c72-9678b465cef8.roa
File: 924a4487-e709-4e7a-9c72-9678b465cef8.roa (raw, json)
Hash identifier: wyoeu/Ks3bjAaroLzazmvfJ9E8p+phyi3b0nWQAFzXg=
Subject key identifier: D5:5F:B6:98:C6:35:20:8C:3C:1A:2E:90:3F:D3:BB:52:EB:0E:6A:B2
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 351965662708FF83557D059436B4DAEAAA432FBB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/924a4487-e709-4e7a-9c72-9678b465cef8.roa
Signing time: Fri 08 May 2026 03:20:33 +0000
ROA not before: Fri 08 May 2026 03:20:33 +0000
ROA not after: Thu 06 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d074:6000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:19:65:66:27:08:ff:83:55:7d:05:94:36:b4:da:ea:aa:43:2f:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 8 03:20:33 2026 GMT
Not After : Aug 6 23:59:59 2026 GMT
Subject: serialNumber=9a3334dbda5869a831d26b493b4d6aa4bf8e62048170dd9e55946d7fcab8ba41, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:66:75:b9:d6:51:b1:9e:85:b7:ee:eb:95:ad:
bf:98:53:75:cf:ea:60:58:39:e9:e7:fc:fb:f7:79:
5c:4b:fc:1f:fe:8d:34:16:c3:24:95:01:34:5a:87:
1e:94:1e:d4:24:75:5a:98:56:19:9b:1e:92:d5:d0:
3d:24:f3:fe:4a:c5:d2:1d:84:8c:72:99:bd:b2:2e:
a6:c5:c5:91:da:28:b4:cc:26:e8:9c:d3:bf:16:d5:
9b:ee:7f:dd:16:60:fa:b4:1b:39:c5:d1:7e:c5:1c:
58:70:8e:af:0e:a2:80:a4:31:67:df:09:c9:c4:72:
cb:e0:13:6b:a8:e8:be:7c:93:78:7f:92:57:e9:4b:
bc:78:b0:de:db:ba:cd:1d:a3:e1:7d:ea:68:18:5a:
dc:bd:ec:69:27:3b:77:a7:d5:61:35:af:96:0e:61:
c2:06:13:11:b1:0c:0c:34:14:7b:c5:e0:04:12:6b:
28:f7:cf:4b:50:45:22:fd:99:8e:b9:3d:21:f5:74:
17:36:0d:fc:56:d1:e9:85:b6:60:a7:f2:a0:eb:4e:
b8:90:16:35:ee:d2:66:65:ed:ba:ab:75:7e:60:72:
7f:13:db:e4:eb:2f:28:f8:f9:3c:d3:b3:d4:db:a2:
1b:f8:2e:d2:18:03:66:f4:14:4d:1c:be:88:00:2d:
d6:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:5F:B6:98:C6:35:20:8C:3C:1A:2E:90:3F:D3:BB:52:EB:0E:6A:B2
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/924a4487-e709-4e7a-9c72-9678b465cef8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:6000::/40
Signature Algorithm: sha256WithRSAEncryption
01:69:46:d5:d6:63:42:63:c4:6e:39:de:b5:b8:69:b8:b8:24:
b6:b9:2e:2b:62:ae:8c:aa:21:16:61:30:20:e8:bc:c3:39:ca:
f2:fc:ca:f8:93:62:cb:b4:a8:c3:4a:f2:04:ab:ed:1c:1a:42:
42:ce:ba:ef:5e:5a:90:ae:bc:40:5d:5b:8b:b7:bd:5b:6a:6a:
b2:9c:97:61:24:ef:72:7b:a5:32:8b:7a:1f:6a:5c:f3:6e:60:
05:ec:c6:03:0a:e7:8a:21:16:86:02:8a:3a:b2:c2:fa:d6:49:
49:5c:42:d8:fb:d1:74:e1:f5:fc:40:94:58:e4:b0:2e:f0:1e:
79:74:e6:09:cf:94:34:61:3d:55:ed:b4:78:80:4e:8b:9a:11:
21:cb:d8:f6:2d:5d:63:68:ca:9e:7a:e0:0e:2d:f3:37:36:8f:
06:4c:5f:be:bf:5f:79:bc:ed:a3:84:c6:56:b0:e7:eb:6b:7c:
d9:11:dc:fc:0b:96:5e:9c:10:cc:e8:b4:ce:e4:7b:6c:98:8a:
0a:ec:a6:f7:8e:e4:19:f4:24:71:67:08:26:84:7f:b4:50:7a:
53:94:03:95:b3:f0:64:b0:21:37:73:4d:ad:db:49:bc:b0:2f:
7d:4e:04:4d:ef:8e:1e:41:03:09:3f:1b:d5:ed:20:78:fc:58:
5e:45:28:ff
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUNRllZicI/4NVfQWUNrTa6qpDL7swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MDgwMzIwMzNaFw0yNjA4MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDlhMzMzNGRiZGE1ODY5YTgzMWQyNmI0OTNiNGQ2YWE0YmY4ZTYyMDQ4MTcw
ZGQ5ZTU1OTQ2ZDdmY2FiOGJhNDExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMxmdbnWUbGehbfu65Wtv5hTdc/qYFg56ef8+/d5XEv8H/6NNBbDJJUBNFqH
HpQe1CR1WphWGZsektXQPSTz/krF0h2EjHKZvbIupsXFkdootMwm6JzTvxbVm+5/
3RZg+rQbOcXRfsUcWHCOrw6igKQxZ98JycRyy+ATa6jovnyTeH+SV+lLvHiw3tu6
zR2j4X3qaBha3L3saSc7d6fVYTWvlg5hwgYTEbEMDDQUe8XgBBJrKPfPS1BFIv2Z
jrk9IfV0FzYN/FbR6YW2YKfyoOtOuJAWNe7SZmXtuqt1fmByfxPb5OsvKPj5PNOz
1NuiG/gu0hgDZvQUTRy+iAAt1rECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTVX7aY
xjUgjDwaLpA/07tS6w5qsjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTI0YTQ0ODctZTcwOS00ZTdhLTljNzItOTY3OGI0NjVjZWY4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HRg
MA0GCSqGSIb3DQEBCwUAA4IBAQABaUbV1mNCY8RuOd61uGm4uCS2uS4rYq6MqiEW
YTAg6LzDOcry/Mr4k2LLtKjDSvIEq+0cGkJCzrrvXlqQrrxAXVuLt71bamqynJdh
JO9ye6Uyi3ofalzzbmAF7MYDCueKIRaGAoo6ssL61klJXELY+9F04fX8QJRY5LAu
8B55dOYJz5Q0YT1V7bR4gE6LmhEhy9j2LV1jaMqeeuAOLfM3No8GTF++v195vO2j
hMZWsOfra3zZEdz8C5ZenBDM6LTO5HtsmIoK7Kb3juQZ9CRxZwgmhH+0UHpTlAOV
s/BksCE3c02t20m8sC99TgRN744eQQMJPxvV7SB4/FheRSj/
-----END CERTIFICATE-----
Generated at Tue May 12 23:13:51 2026 by rpki-client