Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9ea9340f-dd25-4e30-a952-27ce8d9906df.roa
File: 9ea9340f-dd25-4e30-a952-27ce8d9906df.roa (raw, json)
Hash identifier: y6PagoACsrc7R2AHyuv0ClNLYbtv1Qk09clQpKimQw4=
Subject key identifier: 2C:F4:0C:A2:14:95:56:16:5F:A0:EC:11:11:89:A2:93:38:03:C6:F1
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1D8FD63209F1BA39BEC745EAD84D45A149EA801B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9ea9340f-dd25-4e30-a952-27ce8d9906df.roa
Signing time: Mon 11 May 2026 01:51:08 +0000
ROA not before: Mon 11 May 2026 01:51:08 +0000
ROA not after: Sun 09 Aug 2026 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d030:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:8f:d6:32:09:f1:ba:39:be:c7:45:ea:d8:4d:45:a1:49:ea:80:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 11 01:51:08 2026 GMT
Not After : Aug 9 23:59:59 2026 GMT
Subject: serialNumber=66a43fe599228e5c875e6df73c70094f52b78173ff642169b94a90d98f55a25a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:08:5a:52:08:ac:6c:f6:1d:3f:92:cc:f8:93:
c4:ab:5f:94:fc:98:0f:57:c0:0d:21:b3:d2:5f:d9:
b7:53:d5:65:6c:ca:ff:69:f6:9d:04:6f:ff:b8:1d:
02:5a:c6:01:62:06:7e:bb:5b:66:55:42:a8:d9:18:
fb:71:36:3c:d9:80:b4:da:97:a3:1c:d5:e9:20:8a:
ba:66:6e:75:ce:10:b4:99:db:1e:05:b8:a3:8e:46:
31:cb:df:0b:fa:4d:46:05:78:36:cd:e7:e0:ec:c2:
51:86:d4:20:dd:62:bc:f4:78:a7:2c:40:b5:6b:33:
86:04:66:82:38:23:cb:68:47:71:8a:f2:b8:a5:25:
ee:cc:7c:bc:7b:af:d3:83:df:54:f2:85:35:7c:53:
3a:a0:be:2b:8f:06:39:61:60:3f:a0:0e:25:df:0e:
5e:85:1e:84:cb:1d:8c:71:0f:ff:0f:ed:74:18:2e:
53:23:d2:97:e1:ef:f0:54:27:25:6d:e0:fd:01:eb:
aa:a5:7a:dd:57:32:af:76:b0:f0:fc:9b:23:04:ad:
f1:f5:8e:a6:c0:7d:22:0b:d8:0e:d7:fd:50:87:9f:
57:c8:68:27:c2:b8:7f:48:39:c7:2c:cc:94:14:48:
92:af:a4:95:6a:2a:ef:eb:f6:64:9c:a0:80:0c:e1:
dd:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:F4:0C:A2:14:95:56:16:5F:A0:EC:11:11:89:A2:93:38:03:C6:F1
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9ea9340f-dd25-4e30-a952-27ce8d9906df.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:4000::/40
Signature Algorithm: sha256WithRSAEncryption
95:69:32:bd:45:ec:a9:6a:fc:6d:b7:c5:a5:ad:05:49:c3:4a:
48:28:e5:c4:eb:d8:3b:cb:19:55:48:50:18:ac:34:a0:d0:04:
0b:2d:10:45:be:56:c8:5b:39:8b:47:28:69:66:de:e2:bd:4f:
13:63:a9:87:c3:a4:7f:3a:57:28:75:90:b6:05:b9:0a:eb:02:
1e:05:72:29:4c:4e:27:70:61:1e:4d:7b:a7:04:1c:4b:e7:e2:
2a:5b:ab:4a:5d:20:61:fe:d7:7e:6e:1f:ad:bf:9e:f6:88:9c:
8c:8a:71:36:c8:8c:5e:f4:0f:88:8b:e7:35:91:6b:6b:27:10:
ae:68:b9:15:86:51:e3:92:5a:2e:b5:e8:db:94:45:c1:3b:ce:
c3:ec:be:2b:f6:bd:69:5c:f2:a2:52:40:67:81:83:b7:ef:ec:
2d:99:78:11:8f:88:60:99:df:ca:c7:2c:7b:09:7d:0a:45:08:
9f:25:35:d0:bd:4f:40:8b:a1:d0:fe:dd:eb:ac:0f:b5:87:44:
54:72:86:1e:9b:ed:6a:d7:77:38:41:9f:c9:a9:e0:20:aa:30:
c6:44:20:a1:8e:9f:b1:25:34:ae:4b:a8:a7:a3:05:82:b3:10:
e7:52:25:1e:f5:d9:53:90:b5:64:77:d5:5f:34:6a:90:50:d5:
5f:32:67:db
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUHY/WMgnxujm+x0Xq2E1FoUnqgBswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTEwMTUxMDhaFw0yNjA4MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDY2YTQzZmU1OTkyMjhlNWM4NzVlNmRmNzNjNzAwOTRmNTJiNzgxNzNmZjY0
MjE2OWI5NGE5MGQ5OGY1NWEyNWExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM0IWlIIrGz2HT+SzPiTxKtflPyYD1fADSGz0l/Zt1PVZWzK/2n2nQRv/7gd
AlrGAWIGfrtbZlVCqNkY+3E2PNmAtNqXoxzV6SCKumZudc4QtJnbHgW4o45GMcvf
C/pNRgV4Ns3n4OzCUYbUIN1ivPR4pyxAtWszhgRmgjgjy2hHcYryuKUl7sx8vHuv
04PfVPKFNXxTOqC+K48GOWFgP6AOJd8OXoUehMsdjHEP/w/tdBguUyPSl+Hv8FQn
JW3g/QHrqqV63Vcyr3aw8PybIwSt8fWOpsB9IgvYDtf9UIefV8hoJ8K4f0g5xyzM
lBRIkq+klWoq7+v2ZJyggAzh3QMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQs9Ayi
FJVWFl+g7BERiaKTOAPG8TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWVhOTM0MGYtZGQyNS00ZTMwLWE5NTItMjdjZThkOTkwNmRmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DBA
MA0GCSqGSIb3DQEBCwUAA4IBAQCVaTK9Reypavxtt8WlrQVJw0pIKOXE69g7yxlV
SFAYrDSg0AQLLRBFvlbIWzmLRyhpZt7ivU8TY6mHw6R/OlcodZC2BbkK6wIeBXIp
TE4ncGEeTXunBBxL5+IqW6tKXSBh/td+bh+tv572iJyMinE2yIxe9A+Ii+c1kWtr
JxCuaLkVhlHjkloutejblEXBO87D7L4r9r1pXPKiUkBngYO37+wtmXgRj4hgmd/K
xyx7CX0KRQifJTXQvU9Ai6HQ/t3rrA+1h0RUcoYem+1q13c4QZ/JqeAgqjDGRCCh
jp+xJTSuS6inowWCsxDnUiUe9dlTkLVkd9VfNGqQUNVfMmfb
-----END CERTIFICATE-----
Generated at Tue May 12 22:50:09 2026 by rpki-client