Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b8f63940-d674-4d8d-868b-853d00b0d422.roa
File: b8f63940-d674-4d8d-868b-853d00b0d422.roa (raw, json)
Hash identifier: w8cLNtb08tdLyALXppiaWivzkhbDs02Bxz2/2RAGS0E=
Subject key identifier: CA:08:E9:DE:9F:0E:63:1D:8A:77:E9:C7:E3:7C:BD:63:11:94:B0:4F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5E3AADE3FCF5F0B0A1C2B38C169472B726E818B8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b8f63940-d674-4d8d-868b-853d00b0d422.roa
Signing time: Sat 02 May 2026 01:30:37 +0000
ROA not before: Sat 02 May 2026 01:30:37 +0000
ROA not after: Fri 31 Jul 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06a:a000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:3a:ad:e3:fc:f5:f0:b0:a1:c2:b3:8c:16:94:72:b7:26:e8:18:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 2 01:30:37 2026 GMT
Not After : Jul 31 23:59:59 2026 GMT
Subject: serialNumber=c7beef6553fcf0f7d312c891a441bad9a729a8b525afc6dea6af77ae3bafeb02, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:c3:aa:68:6e:4b:b2:47:e7:57:ad:0c:2d:a6:
10:8b:24:22:3f:49:c5:73:1c:d8:aa:aa:a0:1f:7d:
48:cd:c2:a8:d8:0e:cc:e9:0d:21:63:f5:d8:1f:ba:
a8:9a:d6:39:92:f4:88:6b:58:f0:02:ca:f5:82:f6:
25:9d:de:72:da:e8:9e:ed:77:87:96:24:99:04:8a:
c9:e0:9e:ec:eb:e8:41:8b:1f:f7:87:d5:83:0b:29:
14:fa:aa:25:53:05:03:9b:c1:7e:8c:89:ce:15:cd:
24:2d:99:02:91:52:7a:6a:33:6c:ee:3a:32:d8:50:
48:0a:ba:8d:23:49:30:2f:71:59:0f:b2:04:27:de:
93:87:90:ff:08:f3:89:21:74:a5:70:fd:a6:d8:c2:
a8:da:f5:26:59:5f:a1:f5:49:53:d4:c0:57:46:2f:
69:3a:b5:23:de:90:cb:7e:01:a3:b0:68:11:43:12:
88:c1:ad:45:ab:6f:63:41:74:e4:ec:5d:33:7d:96:
3c:3f:83:c2:4e:e3:62:36:89:be:20:2f:f7:27:6c:
d5:f8:31:14:ac:15:75:a5:f3:11:e4:c7:71:81:79:
6b:18:a1:12:f8:0e:13:96:a4:14:e1:cf:ac:96:ba:
78:b2:a1:cc:11:a3:08:8b:18:53:9b:42:b2:f9:22:
53:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:08:E9:DE:9F:0E:63:1D:8A:77:E9:C7:E3:7C:BD:63:11:94:B0:4F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b8f63940-d674-4d8d-868b-853d00b0d422.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06a:a000::/40
Signature Algorithm: sha256WithRSAEncryption
44:cb:55:44:95:a4:9b:9c:a0:13:f2:c6:fb:5f:2b:32:89:9f:
a9:31:50:ec:06:0c:77:34:c0:a0:90:55:f6:c2:78:2a:5c:5b:
b5:cb:65:e2:a9:dd:9d:46:ca:ad:e1:05:3a:37:fc:66:a9:62:
e3:78:89:42:a7:d7:bd:23:dc:d1:65:75:e1:01:65:79:b5:9a:
2d:8b:6f:f4:d0:fe:81:d7:71:28:98:5b:cd:bb:86:6d:16:cc:
58:89:b1:2d:06:ff:21:1b:0e:0b:3b:8f:98:9a:8e:c2:a5:51:
fc:55:7e:f4:6d:c4:32:4a:6d:9f:bd:51:f8:82:cf:1e:a9:8d:
77:f7:8b:d9:70:60:32:90:ec:cf:73:9c:72:38:ad:c1:18:6b:
9d:ed:31:c7:e1:da:c0:21:f9:b2:36:53:e1:5b:a2:ae:04:c3:
a1:15:3e:1b:db:de:38:21:5b:dd:b7:ba:dc:d3:26:3e:f9:9a:
08:8c:1b:43:88:62:66:93:e2:e2:3b:1c:32:b1:fe:b5:57:c7:
b0:f9:cd:ce:de:da:87:e8:30:25:f8:41:d8:1d:fb:cc:eb:d2:
70:90:36:ce:aa:cb:8b:bc:37:95:d9:66:16:88:64:af:e3:31:
20:d5:eb:12:d6:70:84:79:7c:c6:ce:32:82:2d:23:8c:3f:6e:
96:ff:36:f6
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUXjqt4/z18LChwrOMFpRytyboGLgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MDIwMTMwMzdaFw0yNjA3MzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGM3YmVlZjY1NTNmY2YwZjdkMzEyYzg5MWE0NDFiYWQ5YTcyOWE4YjUyNWFm
YzZkZWE2YWY3N2FlM2JhZmViMDIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKnDqmhuS7JH51etDC2mEIskIj9JxXMc2KqqoB99SM3CqNgOzOkNIWP12B+6
qJrWOZL0iGtY8ALK9YL2JZ3ectronu13h5YkmQSKyeCe7OvoQYsf94fVgwspFPqq
JVMFA5vBfoyJzhXNJC2ZApFSemozbO46MthQSAq6jSNJMC9xWQ+yBCfek4eQ/wjz
iSF0pXD9ptjCqNr1JllfofVJU9TAV0YvaTq1I96Qy34Bo7BoEUMSiMGtRatvY0F0
5OxdM32WPD+Dwk7jYjaJviAv9yds1fgxFKwVdaXzEeTHcYF5axihEvgOE5akFOHP
rJa6eLKhzBGjCIsYU5tCsvkiU78CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTKCOne
nw5jHYp36cfjfL1jEZSwTzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjhmNjM5NDAtZDY3NC00ZDhkLTg2OGItODUzZDAwYjBkNDIyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Gqg
MA0GCSqGSIb3DQEBCwUAA4IBAQBEy1VElaSbnKAT8sb7XysyiZ+pMVDsBgx3NMCg
kFX2wngqXFu1y2Xiqd2dRsqt4QU6N/xmqWLjeIlCp9e9I9zRZXXhAWV5tZoti2/0
0P6B13EomFvNu4ZtFsxYibEtBv8hGw4LO4+Ymo7CpVH8VX70bcQySm2fvVH4gs8e
qY1394vZcGAykOzPc5xyOK3BGGud7THH4drAIfmyNlPhW6KuBMOhFT4b2944IVvd
t7rc0yY++ZoIjBtDiGJmk+LiOxwysf61V8ew+c3O3tqH6DAl+EHYHfvM69JwkDbO
qsuLvDeV2WYWiGSv4zEg1esS1nCEeXzGzjKCLSOMP26W/zb2
-----END CERTIFICATE-----
Generated at Tue May 12 23:17:26 2026 by rpki-client