Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b8047dd7-4c66-4d8c-87e5-70ed6859cef4.roa
File: b8047dd7-4c66-4d8c-87e5-70ed6859cef4.roa (raw, json)
Hash identifier: AehIlPGLkgqYYc+sny3TI0igZYbcXJs7YAM0pbGbG8s=
Subject key identifier: BF:C0:2C:87:4C:8E:29:6F:BA:B8:DE:12:BD:8D:9D:A3:53:74:37:A0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4E1886767F2A87F38FDEDC912DF9E278AFBC2F1C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b8047dd7-4c66-4d8c-87e5-70ed6859cef4.roa
Signing time: Sat 02 May 2026 01:20:09 +0000
ROA not before: Sat 02 May 2026 01:20:09 +0000
ROA not after: Fri 31 Jul 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06a:840::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:18:86:76:7f:2a:87:f3:8f:de:dc:91:2d:f9:e2:78:af:bc:2f:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 2 01:20:09 2026 GMT
Not After : Jul 31 23:59:59 2026 GMT
Subject: serialNumber=ff6ae5bde88fa59b736022853603ff8d97e94889d2957e7100d18099beaeaa95, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:21:3d:09:6c:38:98:be:7e:fe:9a:04:9e:7f:
40:be:60:7f:75:8b:d8:35:bb:56:ea:c3:1c:0c:e8:
fa:d2:c1:ee:a3:5f:2b:1a:bc:fb:0d:b8:df:57:4f:
0f:f7:50:95:78:eb:95:3c:fd:c4:23:13:57:79:73:
69:f6:d0:c7:be:9a:c2:59:17:db:f3:7d:ff:e5:df:
df:aa:d5:44:69:df:31:42:af:69:9a:25:3a:a7:2f:
66:8e:73:8c:1a:3c:76:b7:67:3f:5b:ab:8e:c9:c6:
c9:05:d7:e0:b9:a6:08:ff:03:79:2f:b7:17:d2:d3:
87:12:89:d9:2b:fa:51:56:a3:a2:f8:ae:f6:41:e6:
48:6c:cb:df:25:6f:a2:cb:58:a8:9e:13:56:66:58:
d0:37:7c:9e:00:4b:0d:ff:64:f8:74:de:78:e6:c5:
23:de:b5:cc:70:9a:e0:1f:32:e6:ff:54:94:16:01:
e4:10:e8:84:58:14:e1:86:86:90:b8:b5:58:bd:30:
2d:e9:dc:4e:7e:6b:ec:0f:4c:46:60:34:92:e8:31:
68:f1:e7:b3:b0:e2:95:f9:98:b6:64:c8:cb:e8:30:
99:fc:e1:a0:04:c0:da:8a:7e:40:8b:ec:c6:d8:e0:
ba:d8:89:c5:41:db:34:ac:2c:69:bd:b2:92:1e:33:
d3:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:C0:2C:87:4C:8E:29:6F:BA:B8:DE:12:BD:8D:9D:A3:53:74:37:A0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b8047dd7-4c66-4d8c-87e5-70ed6859cef4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06a:840::/48
Signature Algorithm: sha256WithRSAEncryption
b5:a1:30:b1:89:74:4b:9a:bd:fd:98:63:1f:df:c7:cf:97:c6:
7f:67:b3:4b:da:be:5a:ea:f6:38:d5:3b:33:42:bb:dc:ca:95:
2a:c1:a3:f9:34:19:59:ad:80:ad:94:93:26:37:5b:fd:c6:23:
b8:fc:a1:7c:4f:19:94:ea:8f:80:8e:ce:62:5e:ac:53:8d:9f:
67:84:40:1d:d9:a2:8d:c3:03:74:1c:4b:f2:65:f5:5c:93:45:
ef:09:cd:ff:43:64:58:74:ea:c9:f6:e2:ba:1b:ac:d2:04:27:
c0:4c:81:7d:8c:09:97:cf:fe:57:04:07:f9:61:e6:3d:78:be:
87:f7:52:b5:4f:ed:aa:df:c1:11:6b:aa:c4:c8:4e:bf:63:f3:
df:e5:16:3f:93:15:08:1b:33:1c:2f:36:e8:f4:e2:e3:cf:26:
d1:d7:b0:0f:74:33:5b:81:c2:33:b7:9b:cb:45:12:2e:da:75:
cc:c9:6f:be:ed:6b:c5:b9:2f:c9:b7:02:04:e1:f2:17:c0:5c:
e0:c2:73:73:92:0e:55:02:49:5f:c7:5a:c8:a5:52:46:61:23:
35:13:e1:be:90:cd:e6:6c:64:5e:dc:fe:3a:64:7a:e1:ad:f0:
a5:91:1a:af:b1:0e:d9:b3:c3:56:d8:c9:a2:dc:64:90:89:18:
0e:86:d7:15
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUThiGdn8qh/OP3tyRLfnieK+8LxwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MDIwMTIwMDlaFw0yNjA3MzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGZmNmFlNWJkZTg4ZmE1OWI3MzYwMjI4NTM2MDNmZjhkOTdlOTQ4ODlkMjk1
N2U3MTAwZDE4MDk5YmVhZWFhOTUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL0hPQlsOJi+fv6aBJ5/QL5gf3WL2DW7VurDHAzo+tLB7qNfKxq8+w2431dP
D/dQlXjrlTz9xCMTV3lzafbQx76awlkX2/N9/+Xf36rVRGnfMUKvaZolOqcvZo5z
jBo8drdnP1urjsnGyQXX4LmmCP8DeS+3F9LThxKJ2Sv6UVajoviu9kHmSGzL3yVv
ostYqJ4TVmZY0Dd8ngBLDf9k+HTeeObFI961zHCa4B8y5v9UlBYB5BDohFgU4YaG
kLi1WL0wLencTn5r7A9MRmA0kugxaPHns7DilfmYtmTIy+gwmfzhoATA2op+QIvs
xtjgutiJxUHbNKwsab2ykh4z010CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBS/wCyH
TI4pb7q43hK9jZ2jU3Q3oDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjgwNDdkZDctNGM2Ni00ZDhjLTg3ZTUtNzBlZDY4NTljZWY0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0GoI
QDANBgkqhkiG9w0BAQsFAAOCAQEAtaEwsYl0S5q9/ZhjH9/Hz5fGf2ezS9q+Wur2
ONU7M0K73MqVKsGj+TQZWa2ArZSTJjdb/cYjuPyhfE8ZlOqPgI7OYl6sU42fZ4RA
HdmijcMDdBxL8mX1XJNF7wnN/0NkWHTqyfbiuhus0gQnwEyBfYwJl8/+VwQH+WHm
PXi+h/dStU/tqt/BEWuqxMhOv2Pz3+UWP5MVCBszHC826PTi488m0dewD3QzW4HC
M7eby0USLtp1zMlvvu1rxbkvybcCBOHyF8Bc4MJzc5IOVQJJX8dayKVSRmEjNRPh
vpDN5mxkXtz+OmR64a3wpZEar7EO2bPDVtjJotxkkIkYDobXFQ==
-----END CERTIFICATE-----
Generated at Wed May 13 01:05:47 2026 by rpki-client