Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b41919f2-4e07-4adf-8fc6-43f8940080d4.roa
File: b41919f2-4e07-4adf-8fc6-43f8940080d4.roa (raw, json)
Hash identifier: 4bgauMBIkUXZfvtmasKIEkpcyMp95pIXYJCt+PvMq68=
Subject key identifier: 0C:57:F2:7A:B6:94:DE:11:4A:D1:0F:01:D9:40:4C:0C:92:76:3B:00
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7835C7CFD0B21CF7830FD6AD0795F71773C38DC7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b41919f2-4e07-4adf-8fc6-43f8940080d4.roa
Signing time: Mon 11 May 2026 01:40:06 +0000
ROA not before: Mon 11 May 2026 01:40:06 +0000
ROA not after: Sun 09 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d030:9000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:35:c7:cf:d0:b2:1c:f7:83:0f:d6:ad:07:95:f7:17:73:c3:8d:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 11 01:40:06 2026 GMT
Not After : Aug 9 23:59:59 2026 GMT
Subject: serialNumber=58f1ac8ca03e294b55a116fe91d3b50132678c083b787bdad2e28a5278260223, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:49:e7:e4:93:6d:82:b8:58:5d:ec:fc:6c:90:
6d:c4:a1:1b:2a:e5:9b:89:6b:f0:19:72:9d:64:82:
af:9c:ff:81:d2:cf:c4:3d:fa:9e:4a:b5:b3:1b:22:
b2:d8:a7:d8:aa:71:d4:60:d3:b7:fc:8b:94:08:84:
94:4e:ed:e2:dd:9d:57:0a:8d:cb:38:b5:92:c9:d2:
5c:b0:e5:c7:01:68:e1:c8:89:bd:81:b7:1c:dc:b7:
5c:2a:12:e0:86:8c:8c:d5:ba:32:28:72:5f:b4:ad:
a7:65:bc:06:f1:cb:71:ce:b0:af:29:29:77:95:d4:
b8:4c:1b:c7:7a:fd:fe:91:59:61:28:0e:4b:9f:ac:
53:5a:a8:17:c6:11:05:65:18:ea:f9:fb:07:30:57:
c4:d4:0b:e7:94:37:e2:fe:82:56:b5:51:5b:52:8b:
fc:25:40:b3:30:32:9b:30:91:a4:e0:52:0a:bf:91:
b3:cc:a8:7e:22:6b:bc:ba:e4:61:04:6b:17:59:0b:
63:d2:5d:f5:62:f2:c7:a0:fb:1c:7c:27:b6:66:15:
95:31:ab:9d:4b:86:f0:32:af:eb:fc:85:b5:29:5a:
1e:a7:b4:a2:79:92:7f:fd:75:b2:e8:e3:55:b1:fb:
8a:e9:4c:21:43:3d:ff:02:2b:aa:f2:02:a3:ff:a1:
e8:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:57:F2:7A:B6:94:DE:11:4A:D1:0F:01:D9:40:4C:0C:92:76:3B:00
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b41919f2-4e07-4adf-8fc6-43f8940080d4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:9000::/40
Signature Algorithm: sha256WithRSAEncryption
93:cb:02:28:7c:67:22:be:48:dc:88:7a:02:74:b6:36:57:1c:
f4:6f:02:a6:41:f1:f2:3d:e3:ae:9c:a2:30:83:74:e9:9a:8d:
22:54:fd:5c:35:40:c4:ca:73:d3:0f:0a:2a:64:c9:a9:ec:58:
f9:a1:a5:6b:33:df:c8:01:6d:77:bb:1b:f5:e9:f8:14:ca:30:
f2:f3:d9:d2:ac:19:e7:a3:06:52:9f:6a:db:98:0e:e9:81:70:
c4:18:07:4f:be:e9:ed:d6:33:a2:f5:64:54:bd:ad:07:17:20:
b0:b2:e8:7d:46:4a:da:a1:b5:66:12:47:5c:18:a4:5c:af:ff:
14:58:bf:b1:a4:ff:7b:c2:77:25:11:96:ac:d1:ee:eb:8d:aa:
a5:df:7c:36:71:77:66:46:fd:dc:72:7d:af:49:04:c7:e7:28:
ca:f1:eb:27:e1:fc:35:a2:de:b1:51:3f:26:a6:d8:75:25:76:
16:5c:0e:ff:8d:8d:44:9e:bc:ca:7e:7c:6c:5b:0b:79:b1:23:
e1:40:d3:63:28:07:e8:37:5c:29:23:00:df:11:c6:e4:80:bb:
4f:1f:87:6c:81:ca:90:4f:be:e9:3a:27:16:ba:4d:56:c3:79:
b7:e1:74:46:39:51:82:18:0b:74:da:de:cd:f1:a7:1c:f1:f3:
a7:ba:5f:ea
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUeDXHz9CyHPeDD9atB5X3F3PDjccwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTEwMTQwMDZaFw0yNjA4MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDU4ZjFhYzhjYTAzZTI5NGI1NWExMTZmZTkxZDNiNTAxMzI2NzhjMDgzYjc4
N2JkYWQyZTI4YTUyNzgyNjAyMjMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKlJ5+STbYK4WF3s/GyQbcShGyrlm4lr8BlynWSCr5z/gdLPxD36nkq1sxsi
stin2Kpx1GDTt/yLlAiElE7t4t2dVwqNyzi1ksnSXLDlxwFo4ciJvYG3HNy3XCoS
4IaMjNW6MihyX7Stp2W8BvHLcc6wrykpd5XUuEwbx3r9/pFZYSgOS5+sU1qoF8YR
BWUY6vn7BzBXxNQL55Q34v6CVrVRW1KL/CVAszAymzCRpOBSCr+Rs8yofiJrvLrk
YQRrF1kLY9Jd9WLyx6D7HHwntmYVlTGrnUuG8DKv6/yFtSlaHqe0onmSf/11sujj
VbH7iulMIUM9/wIrqvICo/+h6OMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQMV/J6
tpTeEUrRDwHZQEwMknY7ADAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjQxOTE5ZjItNGUwNy00YWRmLThmYzYtNDNmODk0MDA4MGQ0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DCQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCTywIofGcivkjciHoCdLY2Vxz0bwKmQfHyPeOu
nKIwg3Tpmo0iVP1cNUDEynPTDwoqZMmp7Fj5oaVrM9/IAW13uxv16fgUyjDy89nS
rBnnowZSn2rbmA7pgXDEGAdPvunt1jOi9WRUva0HFyCwsuh9RkraobVmEkdcGKRc
r/8UWL+xpP97wnclEZas0e7rjaql33w2cXdmRv3ccn2vSQTH5yjK8esn4fw1ot6x
UT8mpth1JXYWXA7/jY1EnrzKfnxsWwt5sSPhQNNjKAfoN1wpIwDfEcbkgLtPH4ds
gcqQT77pOicWuk1Ww3m34XRGOVGCGAt02t7N8acc8fOnul/q
-----END CERTIFICATE-----
Generated at Tue May 12 23:12:21 2026 by rpki-client