Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ac7d1653-2fa3-4817-8e00-87e6c3f2a9c2.roa
File: ac7d1653-2fa3-4817-8e00-87e6c3f2a9c2.roa (raw, json)
Hash identifier: YMbvhw5mD1iPjLyp/ZzGJLOLQDU9y0lhXoc7HgI+3so=
Subject key identifier: 9B:57:60:19:2B:40:1E:85:B5:01:24:3E:C3:15:9A:71:37:FC:D5:01
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1F11C99AD3B7D63E9DDAB5DCADCABBFB70E1FE3C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ac7d1653-2fa3-4817-8e00-87e6c3f2a9c2.roa
Signing time: Mon 11 May 2026 01:40:10 +0000
ROA not before: Mon 11 May 2026 01:40:10 +0000
ROA not after: Sun 09 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d074:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1f:11:c9:9a:d3:b7:d6:3e:9d:da:b5:dc:ad:ca:bb:fb:70:e1:fe:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 11 01:40:10 2026 GMT
Not After : Aug 9 23:59:59 2026 GMT
Subject: serialNumber=0c8e420deb3c47adfbfb12b51fd895c61f50322cf954c16a4d0fb33e6ec2ad9c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:b9:1d:3f:f5:84:5a:99:cb:dd:ab:6a:2e:c6:
28:24:ec:04:37:7a:c4:5c:e1:3f:e7:1b:16:59:26:
b5:84:2b:6f:ef:95:aa:a4:73:89:fc:b7:fe:bb:81:
dc:27:f2:9a:d7:fc:cf:fc:65:03:56:5b:26:f5:44:
95:0f:2d:87:36:1d:6d:11:2e:5e:b8:12:08:4d:e0:
f2:78:a5:db:70:de:9e:6a:eb:67:67:c3:d2:85:54:
c7:43:f0:24:73:a5:94:55:7e:4a:ae:03:6f:e2:4d:
c0:e1:de:20:54:d9:9e:17:ee:2c:68:a5:1b:b6:33:
e7:45:77:7e:95:2c:fd:1d:ab:9f:a3:5c:7f:25:9d:
23:e0:68:db:f7:e8:eb:bb:57:61:85:4a:d5:f3:f2:
4f:60:02:8f:61:0d:3c:c0:d5:98:40:c2:2d:16:72:
d1:97:f5:55:bb:10:a0:37:ea:d5:1d:b1:4d:15:c0:
4a:e0:e5:e8:1e:9b:16:de:d1:d2:60:8f:99:0b:2e:
ff:5d:74:93:cd:39:03:39:9d:ee:b7:07:a3:a9:51:
11:c2:ef:23:40:37:f8:0c:db:15:90:e8:1c:b4:2e:
8f:f2:66:73:93:1b:60:62:72:cb:96:8d:e4:cb:3a:
3c:b8:83:a4:11:d0:6a:5b:f5:35:38:34:54:f4:83:
68:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:57:60:19:2B:40:1E:85:B5:01:24:3E:C3:15:9A:71:37:FC:D5:01
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ac7d1653-2fa3-4817-8e00-87e6c3f2a9c2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:8000::/40
Signature Algorithm: sha256WithRSAEncryption
a9:77:2d:8a:fe:e7:fb:31:8a:71:e4:9f:db:38:8a:8c:e8:79:
eb:02:ee:90:71:f4:0c:1f:44:5e:e6:d7:9a:b1:5b:28:df:d6:
7f:80:40:48:69:ff:18:94:44:30:35:a5:6c:6b:c1:16:e7:ad:
f0:e1:04:8b:93:5e:02:e0:14:c2:40:79:b2:93:47:65:5f:59:
e6:a9:b1:65:8b:8b:6c:57:bb:ca:6b:16:df:41:e9:4b:65:f8:
8e:3b:f3:f1:fc:13:61:67:88:e6:b3:75:a4:3d:7f:de:67:92:
d4:c6:0f:e5:9b:94:85:6a:bd:2c:5d:d6:9a:2b:67:5b:63:0d:
e6:ac:df:b4:d6:3d:f7:77:c4:65:d4:41:2b:c9:2d:93:46:85:
71:5f:76:81:82:b9:d8:1d:b1:a4:2e:a5:e4:a9:53:2b:71:c1:
ec:b1:58:61:28:37:86:26:6f:55:89:f6:2d:df:35:68:34:52:
e9:b8:51:f5:23:b1:49:5b:f1:9c:15:92:cd:29:7b:28:17:01:
a1:da:a7:76:4a:d8:d7:38:53:42:b2:37:ff:f9:81:bf:d0:f2:
7b:e2:42:d4:cf:81:71:2a:16:df:c5:d0:21:9c:32:b7:b9:d8:
89:ad:5a:4b:89:7f:de:3e:39:7e:23:97:ff:ff:f8:68:64:db:
cd:dd:ef:5c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUHxHJmtO31j6d2rXcrcq7+3Dh/jwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTEwMTQwMTBaFw0yNjA4MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDBjOGU0MjBkZWIzYzQ3YWRmYmZiMTJiNTFmZDg5NWM2MWY1MDMyMmNmOTU0
YzE2YTRkMGZiMzNlNmVjMmFkOWMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL+5HT/1hFqZy92rai7GKCTsBDd6xFzhP+cbFlkmtYQrb++VqqRzify3/ruB
3Cfymtf8z/xlA1ZbJvVElQ8thzYdbREuXrgSCE3g8nil23DenmrrZ2fD0oVUx0Pw
JHOllFV+Sq4Db+JNwOHeIFTZnhfuLGilG7Yz50V3fpUs/R2rn6NcfyWdI+Bo2/fo
67tXYYVK1fPyT2ACj2ENPMDVmEDCLRZy0Zf1VbsQoDfq1R2xTRXASuDl6B6bFt7R
0mCPmQsu/110k805Azmd7rcHo6lREcLvI0A3+AzbFZDoHLQuj/Jmc5MbYGJyy5aN
5Ms6PLiDpBHQalv1NTg0VPSDaAECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSbV2AZ
K0AehbUBJD7DFZpxN/zVATAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWM3ZDE2NTMtMmZhMy00ODE3LThlMDAtODdlNmMzZjJhOWMyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HSA
MA0GCSqGSIb3DQEBCwUAA4IBAQCpdy2K/uf7MYpx5J/bOIqM6HnrAu6QcfQMH0Re
5teasVso39Z/gEBIaf8YlEQwNaVsa8EW563w4QSLk14C4BTCQHmyk0dlX1nmqbFl
i4tsV7vKaxbfQelLZfiOO/Px/BNhZ4jms3WkPX/eZ5LUxg/lm5SFar0sXdaaK2db
Yw3mrN+01j33d8Rl1EEryS2TRoVxX3aBgrnYHbGkLqXkqVMrccHssVhhKDeGJm9V
ifYt3zVoNFLpuFH1I7FJW/GcFZLNKXsoFwGh2qd2StjXOFNCsjf/+YG/0PJ74kLU
z4FxKhbfxdAhnDK3udiJrVpLiX/ePjl+I5f///hoZNvN3e9c
-----END CERTIFICATE-----
Generated at Tue May 12 23:15:28 2026 by rpki-client