Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a0c32c3b-d8db-4386-9538-641f27723456.roa
File: a0c32c3b-d8db-4386-9538-641f27723456.roa (raw, json)
Hash identifier: ubud9Ek5Mo7ViILZs/g1OPr3soqMMCGhxcw5E7OQ9WI=
Subject key identifier: ED:0E:86:E8:FB:71:38:F9:5C:BC:B5:58:62:BF:45:F1:EA:ED:8E:60
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 04197662AF5A0C5D3A5577CE738DC68C77CF0CA4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a0c32c3b-d8db-4386-9538-641f27723456.roa
Signing time: Fri 08 May 2026 03:20:57 +0000
ROA not before: Fri 08 May 2026 03:20:57 +0000
ROA not after: Thu 06 Aug 2026 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d059:5000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:19:76:62:af:5a:0c:5d:3a:55:77:ce:73:8d:c6:8c:77:cf:0c:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 8 03:20:57 2026 GMT
Not After : Aug 6 23:59:59 2026 GMT
Subject: serialNumber=c51878ac380d7a4635f6be773090795e715aa5e2bddf8613d9e433c1677dc3bc, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:31:0e:b3:d8:74:72:85:b5:84:0e:7f:a0:10:
e0:4e:1f:48:00:0f:3a:53:d2:7e:d1:d3:31:3f:83:
14:20:6c:16:97:4b:09:4f:06:c9:20:bf:18:10:c0:
2d:18:46:99:d2:c9:61:90:89:9a:ec:b1:70:2f:30:
37:bd:73:ea:fc:a9:0b:b3:b5:24:6f:32:e6:af:ee:
57:ca:d0:e2:15:df:a5:25:cd:45:47:8b:a1:e4:c0:
e4:d1:f6:8c:c4:1d:cb:41:58:ce:03:2f:58:5b:08:
34:66:ac:76:f3:b2:0b:01:8c:f1:aa:92:34:71:be:
b8:7a:e4:4e:1f:0b:56:a6:56:39:b7:10:1e:65:54:
09:be:b3:ce:28:5b:ed:6b:66:d9:db:b9:28:ac:3c:
fd:ca:0d:40:a6:cd:d2:42:f3:43:95:af:a1:2c:75:
fb:73:f0:a4:52:3c:4d:0c:a2:23:ee:71:08:c8:35:
da:92:8e:25:e1:62:5d:01:9e:0e:ac:f8:3d:02:08:
a2:86:a3:8c:72:52:70:f9:8e:81:76:e6:ea:47:1f:
7d:a3:9d:21:47:0d:27:ba:41:f5:69:b0:99:d7:0c:
0e:13:45:8f:05:e1:1c:3c:60:cd:dc:59:0d:9f:db:
5d:bc:b6:d6:84:2a:e6:8d:0e:78:8c:7b:7a:7a:e0:
9a:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:0E:86:E8:FB:71:38:F9:5C:BC:B5:58:62:BF:45:F1:EA:ED:8E:60
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a0c32c3b-d8db-4386-9538-641f27723456.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d059:5000::/40
Signature Algorithm: sha256WithRSAEncryption
3e:ee:ee:23:4a:d4:d0:59:0f:5d:ca:6c:66:5a:aa:95:86:b5:
a5:4d:1f:16:ba:94:dd:d3:29:b8:36:91:5b:5c:6f:aa:7a:35:
b3:5f:98:07:cc:02:97:74:cf:d9:13:c3:29:2c:0f:88:69:8a:
c8:0a:1e:fc:ce:59:4f:f8:1e:c1:70:0e:7b:13:69:0c:3f:de:
91:48:d0:15:b9:d3:13:f4:a0:9b:3f:e3:cd:a8:5c:af:d0:14:
3f:57:bc:dd:df:6a:ae:92:58:25:a5:20:f3:5d:c1:44:ec:bd:
cb:38:1b:e7:fe:ba:05:50:85:33:9c:4d:c6:63:b2:36:50:76:
50:1e:74:eb:c7:f1:7a:d9:dc:1f:40:df:6e:3b:99:a4:52:72:
90:c5:fa:6d:60:c5:b2:4f:fa:09:3c:e5:c8:36:7a:46:76:f0:
92:70:81:c9:c4:f9:06:67:35:78:ff:ed:86:46:ce:ae:ce:d8:
d8:57:15:e2:38:85:a0:a4:54:d9:0d:fb:04:c4:12:8e:bb:fd:
69:39:3a:05:bf:ec:04:16:3d:c7:5e:d2:8d:cd:c3:a1:c3:38:
79:a5:24:30:b3:33:36:f0:8f:bb:ec:71:7b:b3:45:46:e0:5a:
b8:c1:1c:f3:09:89:d8:1e:dd:6b:a3:b6:07:bc:0a:f8:19:91:
6f:39:8c:83
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUBBl2Yq9aDF06VXfOc43GjHfPDKQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MDgwMzIwNTdaFw0yNjA4MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGM1MTg3OGFjMzgwZDdhNDYzNWY2YmU3NzMwOTA3OTVlNzE1YWE1ZTJiZGRm
ODYxM2Q5ZTQzM2MxNjc3ZGMzYmMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOAxDrPYdHKFtYQOf6AQ4E4fSAAPOlPSftHTMT+DFCBsFpdLCU8GySC/GBDA
LRhGmdLJYZCJmuyxcC8wN71z6vypC7O1JG8y5q/uV8rQ4hXfpSXNRUeLoeTA5NH2
jMQdy0FYzgMvWFsINGasdvOyCwGM8aqSNHG+uHrkTh8LVqZWObcQHmVUCb6zzihb
7Wtm2du5KKw8/coNQKbN0kLzQ5WvoSx1+3PwpFI8TQyiI+5xCMg12pKOJeFiXQGe
Dqz4PQIIooajjHJScPmOgXbm6kcffaOdIUcNJ7pB9WmwmdcMDhNFjwXhHDxgzdxZ
DZ/bXby21oQq5o0OeIx7enrgml8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTtDobo
+3E4+Vy8tVhiv0Xx6u2OYDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTBjMzJjM2ItZDhkYi00Mzg2LTk1MzgtNjQxZjI3NzIzNDU2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FlQ
MA0GCSqGSIb3DQEBCwUAA4IBAQA+7u4jStTQWQ9dymxmWqqVhrWlTR8WupTd0ym4
NpFbXG+qejWzX5gHzAKXdM/ZE8MpLA+IaYrICh78zllP+B7BcA57E2kMP96RSNAV
udMT9KCbP+PNqFyv0BQ/V7zd32quklglpSDzXcFE7L3LOBvn/roFUIUznE3GY7I2
UHZQHnTrx/F62dwfQN9uO5mkUnKQxfptYMWyT/oJPOXINnpGdvCScIHJxPkGZzV4
/+2GRs6uztjYVxXiOIWgpFTZDfsExBKOu/1pOToFv+wEFj3HXtKNzcOhwzh5pSQw
szM28I+77HF7s0VG4Fq4wRzzCYnYHt1ro7YHvAr4GZFvOYyD
-----END CERTIFICATE-----
Generated at Tue May 12 23:16:06 2026 by rpki-client