Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9d791d74-cfd7-4000-a1e5-34325a5e1541.roa
File: 9d791d74-cfd7-4000-a1e5-34325a5e1541.roa (raw, json)
Hash identifier: sksfF+9XdVS6KLMBimZEwRTE6+JDGf7j5fzsVg+IgsM=
Subject key identifier: AC:58:01:3B:87:82:57:9C:B0:13:93:EA:D3:C4:30:F0:3D:02:75:75
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 678513366965CD6884FA3BB75761B8C75505265A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9d791d74-cfd7-4000-a1e5-34325a5e1541.roa
Signing time: Fri 08 May 2026 03:20:32 +0000
ROA not before: Fri 08 May 2026 03:20:32 +0000
ROA not after: Thu 06 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d074:5000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:85:13:36:69:65:cd:68:84:fa:3b:b7:57:61:b8:c7:55:05:26:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 8 03:20:32 2026 GMT
Not After : Aug 6 23:59:59 2026 GMT
Subject: serialNumber=31c8bcdcbf02084ccf5fa8409682740277c8efe7cc58f51adca3c272543fa346, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:19:42:2d:ff:2c:84:e4:4e:87:3a:c8:e8:d3:
61:65:64:50:e2:21:93:aa:18:50:f5:7d:34:cc:bf:
89:02:70:32:1e:7c:b3:24:8e:9c:26:ae:ad:b9:a3:
62:fe:ba:8d:c5:b3:aa:42:5e:c7:b1:6f:0f:ae:c1:
40:0c:00:52:94:d5:a1:35:e5:52:b3:fa:cc:f7:23:
b5:23:d0:6c:b0:d3:aa:ec:44:4a:c6:bc:f0:d9:a1:
88:1b:1c:67:3f:8e:68:17:73:ed:17:91:3c:ef:9c:
b9:30:8e:89:b2:37:01:e4:79:52:0d:92:1b:e7:de:
84:13:04:4f:75:34:ce:75:7d:0b:d2:21:b4:f7:d9:
87:ee:66:19:a2:50:03:c9:93:29:1c:7e:13:4e:9a:
a8:1a:11:1b:3f:37:c7:d8:07:e9:61:20:8c:33:00:
49:2d:98:97:fe:8c:af:0e:f7:29:97:5c:15:e3:b6:
bd:87:29:74:6a:d8:82:d2:1f:70:18:8e:62:c4:99:
78:2b:e3:16:34:79:89:3a:d8:ae:52:ed:20:0d:82:
53:9d:ee:f9:8f:51:09:fb:f2:f8:fb:66:6d:21:e3:
d4:5a:26:d4:64:a4:25:51:8f:21:17:e8:51:e4:98:
f2:ad:24:e0:9d:75:82:1c:f5:dd:30:b8:8a:b8:02:
f5:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:58:01:3B:87:82:57:9C:B0:13:93:EA:D3:C4:30:F0:3D:02:75:75
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9d791d74-cfd7-4000-a1e5-34325a5e1541.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:5000::/40
Signature Algorithm: sha256WithRSAEncryption
59:ae:a5:cd:89:c7:44:97:db:98:5a:1c:8c:9d:c7:33:fb:4d:
8b:6f:c8:e1:f9:42:fc:86:23:db:a8:52:18:ff:66:18:7a:cc:
0f:06:1a:87:e8:bc:39:29:f8:ca:3f:bf:63:a1:8a:cc:ec:e0:
3d:5e:5f:6a:1e:2b:7c:41:12:a8:4b:f8:c3:08:80:98:8a:cd:
7d:47:a6:22:2a:d2:7a:c5:19:39:42:81:ef:52:a1:c4:53:fa:
ac:d5:8d:d1:fd:93:eb:20:f3:32:ac:53:e3:9e:a0:d3:f3:26:
d1:17:a0:f6:ca:2f:9b:0f:7a:a3:8f:5e:02:f4:19:02:a9:9d:
4e:01:bf:ea:d4:d8:23:61:08:e7:3b:53:ca:6b:bf:8e:cd:bb:
54:87:11:a8:91:76:bd:6a:ee:47:ee:79:78:c5:2f:9b:cc:cf:
69:39:7b:2b:27:6b:7a:93:57:8b:9f:b4:ca:ed:0c:9b:a0:44:
bd:fa:41:53:ec:c6:46:29:f0:fe:a1:9b:06:49:96:58:01:25:
62:4b:e3:d7:68:c1:8a:19:c9:31:7e:24:ee:a1:4c:26:c1:f7:
e1:5c:0b:2a:1e:7e:4f:14:4c:ef:52:21:e5:0a:b4:6c:d5:ef:
39:59:be:30:c6:cc:9d:60:68:52:ec:fa:d8:59:29:69:c2:cc:
af:6d:6c:39
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUZ4UTNmllzWiE+ju3V2G4x1UFJlowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MDgwMzIwMzJaFw0yNjA4MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDMxYzhiY2RjYmYwMjA4NGNjZjVmYTg0MDk2ODI3NDAyNzdjOGVmZTdjYzU4
ZjUxYWRjYTNjMjcyNTQzZmEzNDYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALgZQi3/LITkToc6yOjTYWVkUOIhk6oYUPV9NMy/iQJwMh58sySOnCaurbmj
Yv66jcWzqkJex7FvD67BQAwAUpTVoTXlUrP6zPcjtSPQbLDTquxESsa88NmhiBsc
Zz+OaBdz7ReRPO+cuTCOibI3AeR5Ug2SG+fehBMET3U0znV9C9IhtPfZh+5mGaJQ
A8mTKRx+E06aqBoRGz83x9gH6WEgjDMASS2Yl/6Mrw73KZdcFeO2vYcpdGrYgtIf
cBiOYsSZeCvjFjR5iTrYrlLtIA2CU53u+Y9RCfvy+PtmbSHj1Fom1GSkJVGPIRfo
UeSY8q0k4J11ghz13TC4irgC9cUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSsWAE7
h4JXnLATk+rTxDDwPQJ1dTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWQ3OTFkNzQtY2ZkNy00MDAwLWExZTUtMzQzMjVhNWUxNTQxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HRQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBZrqXNicdEl9uYWhyMnccz+02Lb8jh+UL8hiPb
qFIY/2YYeswPBhqH6Lw5KfjKP79joYrM7OA9Xl9qHit8QRKoS/jDCICYis19R6Yi
KtJ6xRk5QoHvUqHEU/qs1Y3R/ZPrIPMyrFPjnqDT8ybRF6D2yi+bD3qjj14C9BkC
qZ1OAb/q1NgjYQjnO1PKa7+OzbtUhxGokXa9au5H7nl4xS+bzM9pOXsrJ2t6k1eL
n7TK7QyboES9+kFT7MZGKfD+oZsGSZZYASViS+PXaMGKGckxfiTuoUwmwffhXAsq
Hn5PFEzvUiHlCrRs1e85Wb4wxsydYGhS7PrYWSlpwsyvbWw5
-----END CERTIFICATE-----
Generated at Tue May 12 23:31:55 2026 by rpki-client