Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9a0196e5-a789-4daf-912c-37aa6951f379.roa
File: 9a0196e5-a789-4daf-912c-37aa6951f379.roa (raw, json)
Hash identifier: nGPZDHCgeiBm2NdjEpNDeDhTusact95h25GHVKHl+jg=
Subject key identifier: 7B:AA:44:31:0F:3E:E1:91:C0:A3:AE:E2:C9:BE:48:D1:83:53:C6:6F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4C5FAF38131ABBFCD133B940ADC875A930FD1662
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9a0196e5-a789-4daf-912c-37aa6951f379.roa
Signing time: Mon 11 May 2026 01:50:41 +0000
ROA not before: Mon 11 May 2026 01:50:41 +0000
ROA not after: Sun 09 Aug 2026 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d030:a000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:5f:af:38:13:1a:bb:fc:d1:33:b9:40:ad:c8:75:a9:30:fd:16:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 11 01:50:41 2026 GMT
Not After : Aug 9 23:59:59 2026 GMT
Subject: serialNumber=1a8fa248feadd1f7ebe2836f2a59ad131c4bc3530a02cc46ac5c6e489d165588, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:f3:1d:01:0a:4e:54:26:b3:b5:4f:27:43:d5:
a8:43:58:59:21:f5:94:6c:6c:e5:a7:7f:13:0f:0f:
e6:87:74:b7:c2:35:70:da:56:81:b0:ca:2a:02:af:
bb:0b:18:97:b2:a4:96:67:78:2f:06:71:3b:ed:23:
e3:8c:0a:e1:20:78:68:d0:c4:32:62:7d:f9:b8:b0:
80:1f:6c:e9:b5:3e:74:09:db:0c:48:c1:70:d6:8f:
fc:2e:95:7b:86:c1:ad:ae:2b:ac:21:a0:b5:4c:1f:
41:c0:db:bf:d7:b7:58:b1:0b:7e:bf:fa:c5:67:31:
0b:1e:12:f4:c2:11:f0:af:92:64:ec:d4:12:46:e2:
55:a4:42:ab:f5:a7:7f:b5:e8:68:c5:de:7b:1c:78:
b1:38:08:8b:d7:98:79:b8:06:61:62:c1:95:38:43:
9c:79:ba:a8:00:42:0c:92:29:aa:62:c8:53:c1:fc:
78:ff:6a:ba:a3:53:da:de:6e:47:39:fd:92:5b:94:
6d:82:43:f8:ea:aa:c3:12:38:54:9e:e9:f0:84:c2:
60:fa:4f:23:a6:1e:e4:88:22:eb:1b:8d:b8:8d:ea:
3c:90:2d:77:fd:8f:f1:29:a7:e1:e5:f0:64:c5:ca:
12:a7:ee:6b:45:cd:8f:48:b7:95:96:29:15:fb:7c:
50:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:AA:44:31:0F:3E:E1:91:C0:A3:AE:E2:C9:BE:48:D1:83:53:C6:6F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9a0196e5-a789-4daf-912c-37aa6951f379.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:a000::/40
Signature Algorithm: sha256WithRSAEncryption
91:22:08:17:95:68:da:eb:3f:76:a8:4d:30:6f:f8:b4:49:7d:
32:17:5a:e2:76:4a:c0:7b:25:7c:d7:49:35:c9:a2:05:df:2f:
04:15:ee:6a:96:52:3d:a6:36:b4:09:f7:93:7d:55:68:65:03:
30:dc:6a:6e:a6:6a:05:2e:a4:de:8e:62:51:71:ba:3e:c4:08:
8c:40:b3:4a:3f:69:c9:58:d3:68:e2:e1:d2:64:9f:e3:b0:3f:
91:9c:96:f9:b8:48:44:59:ec:27:83:3a:75:86:fc:0b:09:35:
75:3b:c8:3c:f3:82:97:b2:41:b7:17:3b:a8:ba:d1:90:c0:4d:
e3:06:06:a0:93:65:57:f0:5e:4d:96:b2:b2:34:ae:18:45:45:
e0:08:20:2a:d8:1f:df:dd:7a:7f:9e:9b:49:69:26:d7:c0:28:
16:4b:15:09:82:0f:6d:f7:1e:25:be:d1:be:ca:56:e3:0d:12:
d3:0b:2f:20:68:df:73:5b:69:28:6d:94:52:f5:fe:28:bb:0f:
7c:92:61:51:42:df:52:75:4d:17:11:cc:ff:65:f8:20:1e:90:
6b:df:45:4b:33:b3:59:37:bd:b5:f4:dc:2a:78:1d:0a:46:60:
d8:b2:f7:75:fd:50:3f:f0:05:8c:f6:f8:ce:e5:23:78:29:35:
85:84:d1:43
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUTF+vOBMau/zRM7lArch1qTD9FmIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTEwMTUwNDFaFw0yNjA4MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDFhOGZhMjQ4ZmVhZGQxZjdlYmUyODM2ZjJhNTlhZDEzMWM0YmMzNTMwYTAy
Y2M0NmFjNWM2ZTQ4OWQxNjU1ODgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMvzHQEKTlQms7VPJ0PVqENYWSH1lGxs5ad/Ew8P5od0t8I1cNpWgbDKKgKv
uwsYl7Kklmd4LwZxO+0j44wK4SB4aNDEMmJ9+biwgB9s6bU+dAnbDEjBcNaP/C6V
e4bBra4rrCGgtUwfQcDbv9e3WLELfr/6xWcxCx4S9MIR8K+SZOzUEkbiVaRCq/Wn
f7XoaMXeexx4sTgIi9eYebgGYWLBlThDnHm6qABCDJIpqmLIU8H8eP9quqNT2t5u
Rzn9kluUbYJD+OqqwxI4VJ7p8ITCYPpPI6Ye5Igi6xuNuI3qPJAtd/2P8Smn4eXw
ZMXKEqfua0XNj0i3lZYpFft8UKkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR7qkQx
Dz7hkcCjruLJvkjRg1PGbzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWEwMTk2ZTUtYTc4OS00ZGFmLTkxMmMtMzdhYTY5NTFmMzc5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DCg
MA0GCSqGSIb3DQEBCwUAA4IBAQCRIggXlWja6z92qE0wb/i0SX0yF1ridkrAeyV8
10k1yaIF3y8EFe5qllI9pja0CfeTfVVoZQMw3GpupmoFLqTejmJRcbo+xAiMQLNK
P2nJWNNo4uHSZJ/jsD+RnJb5uEhEWewngzp1hvwLCTV1O8g884KXskG3FzuoutGQ
wE3jBgagk2VX8F5NlrKyNK4YRUXgCCAq2B/f3Xp/nptJaSbXwCgWSxUJgg9t9x4l
vtG+ylbjDRLTCy8gaN9zW2kobZRS9f4ouw98kmFRQt9SdU0XEcz/ZfggHpBr30VL
M7NZN7219NwqeB0KRmDYsvd1/VA/8AWM9vjO5SN4KTWFhNFD
-----END CERTIFICATE-----
Generated at Tue May 12 23:48:04 2026 by rpki-client