Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b83c6ff3-492f-409c-86bf-cb90ca64f452.roa
File: b83c6ff3-492f-409c-86bf-cb90ca64f452.roa (raw, json)
Hash identifier: mq8XjX6wghRWE9pHAJbf3Fz0MVlzXCCeKgNdeAJQWTs=
Subject key identifier: 04:E0:FD:3A:27:88:6C:E1:DA:F1:37:C9:48:24:13:B3:25:87:EC:F0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 13600ED07DDD313A39E4E2C3760CD07BA020CEB7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b83c6ff3-492f-409c-86bf-cb90ca64f452.roa
Signing time: Fri 08 May 2026 03:30:11 +0000
ROA not before: Fri 08 May 2026 03:30:11 +0000
ROA not after: Thu 06 Aug 2026 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d059:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:60:0e:d0:7d:dd:31:3a:39:e4:e2:c3:76:0c:d0:7b:a0:20:ce:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 8 03:30:11 2026 GMT
Not After : Aug 6 23:59:59 2026 GMT
Subject: serialNumber=404e0b998e65ae9af064b9f2cbfca9d4bff515479647f741b7b982cbea587499, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:51:a6:b3:de:af:35:72:a9:0c:97:ad:7a:30:
a6:73:d3:9b:4c:8f:6f:7f:ac:11:c0:15:f4:17:90:
f3:78:f1:e9:5e:1b:02:65:63:f8:25:82:e6:0d:a3:
74:ab:0c:be:b6:03:17:fb:e9:ca:96:50:5f:ad:e7:
36:4e:92:6e:97:76:11:a8:1c:bb:24:b4:f5:28:d7:
e5:db:38:99:b0:c2:0a:4a:e3:bf:ae:92:7b:af:d0:
94:d3:ff:dd:9e:8d:d2:c8:5c:73:dd:93:cb:5a:7c:
d8:e6:e3:f4:97:24:2b:ca:87:f2:76:4b:4c:14:99:
76:7f:57:f0:b9:a5:a3:54:9a:56:05:74:e5:d9:73:
4d:1c:8c:ae:db:17:af:01:c4:92:38:d2:5a:db:58:
6a:69:62:64:39:ff:b6:1f:b6:ed:56:2b:90:8e:79:
64:d8:b8:ea:85:21:af:04:5c:42:50:5c:6e:f9:9d:
8e:70:74:f6:e7:dc:d1:a5:91:2d:3e:ea:dc:df:d1:
f2:09:99:3d:67:a4:ee:a4:d3:8d:71:0d:55:8a:98:
e4:08:eb:a9:d4:c8:f6:7f:15:33:5c:22:e4:80:ff:
08:45:a4:b4:90:18:64:dd:f6:03:58:c4:7f:b8:7c:
a0:3f:2c:7d:21:b3:bb:87:e0:24:e3:dc:3c:67:a9:
5e:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:E0:FD:3A:27:88:6C:E1:DA:F1:37:C9:48:24:13:B3:25:87:EC:F0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b83c6ff3-492f-409c-86bf-cb90ca64f452.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d059:e000::/40
Signature Algorithm: sha256WithRSAEncryption
5f:85:9e:fb:e2:ba:0a:75:1c:48:61:14:2e:01:a0:20:d7:37:
cd:14:f4:48:19:47:9a:43:32:4c:35:80:f3:17:70:df:8e:68:
f5:c5:f0:e5:54:93:8f:f9:fe:4a:db:85:18:22:b2:6f:79:7a:
f8:90:3c:36:c2:7e:5b:84:f2:42:94:27:62:41:18:39:d7:9c:
73:7a:00:c2:dc:b7:2f:d3:47:f8:50:ba:32:69:94:06:4b:96:
c2:be:aa:85:f1:2c:d1:04:e5:18:60:21:36:03:f2:f3:49:60:
9e:8e:f1:cc:bd:a7:84:e3:b3:66:57:e1:52:fe:32:7a:ea:7b:
73:ac:97:0b:bd:ae:2b:ef:f7:04:ef:0c:20:cd:ca:b1:76:ff:
ef:5d:95:a4:bc:57:8d:f8:97:53:ca:6e:58:b0:8b:7a:46:da:
ba:ac:b5:5a:ab:ac:ba:8d:52:59:2f:ff:1c:69:b7:25:db:81:
d4:87:c7:e0:22:fe:2f:7d:20:85:60:25:81:60:58:31:cc:5a:
3d:83:39:e0:21:26:36:63:c9:d5:8a:46:e8:38:6d:63:8c:8a:
b1:d9:ad:37:13:cc:dd:fd:5c:a8:10:32:e8:11:83:e8:cb:f0:
96:e0:be:7e:c1:9e:d0:d0:c3:fd:8b:10:3a:e8:74:0b:f3:fe:
99:d0:f8:f9
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUE2AO0H3dMTo55OLDdgzQe6AgzrcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MDgwMzMwMTFaFw0yNjA4MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDQwNGUwYjk5OGU2NWFlOWFmMDY0YjlmMmNiZmNhOWQ0YmZmNTE1NDc5NjQ3
Zjc0MWI3Yjk4MmNiZWE1ODc0OTkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALdRprPerzVyqQyXrXowpnPTm0yPb3+sEcAV9BeQ83jx6V4bAmVj+CWC5g2j
dKsMvrYDF/vpypZQX63nNk6Sbpd2EagcuyS09SjX5ds4mbDCCkrjv66Se6/QlNP/
3Z6N0shcc92Ty1p82Obj9JckK8qH8nZLTBSZdn9X8Lmlo1SaVgV05dlzTRyMrtsX
rwHEkjjSWttYamliZDn/th+27VYrkI55ZNi46oUhrwRcQlBcbvmdjnB09ufc0aWR
LT7q3N/R8gmZPWek7qTTjXENVYqY5AjrqdTI9n8VM1wi5ID/CEWktJAYZN32A1jE
f7h8oD8sfSGzu4fgJOPcPGepXsMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQE4P06
J4hs4drxN8lIJBOzJYfs8DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjgzYzZmZjMtNDkyZi00MDljLTg2YmYtY2I5MGNhNjRmNDUyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Fng
MA0GCSqGSIb3DQEBCwUAA4IBAQBfhZ774roKdRxIYRQuAaAg1zfNFPRIGUeaQzJM
NYDzF3Dfjmj1xfDlVJOP+f5K24UYIrJveXr4kDw2wn5bhPJClCdiQRg515xzegDC
3Lcv00f4ULoyaZQGS5bCvqqF8SzRBOUYYCE2A/LzSWCejvHMvaeE47NmV+FS/jJ6
6ntzrJcLva4r7/cE7wwgzcqxdv/vXZWkvFeN+JdTym5YsIt6Rtq6rLVaq6y6jVJZ
L/8cabcl24HUh8fgIv4vfSCFYCWBYFgxzFo9gzngISY2Y8nVikboOG1jjIqx2a03
E8zd/VyoEDLoEYPoy/CW4L5+wZ7Q0MP9ixA66HQL8/6Z0Pj5
-----END CERTIFICATE-----
Generated at Tue May 12 22:36:01 2026 by rpki-client