Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bc59e421-ba1d-4f6a-aeba-9d5c673a7026.roa
File: bc59e421-ba1d-4f6a-aeba-9d5c673a7026.roa (raw, json)
Hash identifier: HB+S/XFFJrGDYD3zIG3QXW+HMsfbaR2/3MCQfhagwdg=
Subject key identifier: 52:48:F3:7D:01:C1:34:CE:DB:AF:D3:8D:3F:19:0F:77:2D:7A:93:52
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 8D1923DA65F011F56E74FB0233523EF74E97C8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bc59e421-ba1d-4f6a-aeba-9d5c673a7026.roa
Signing time: Mon 11 May 2026 01:51:10 +0000
ROA not before: Mon 11 May 2026 01:51:10 +0000
ROA not after: Sun 09 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d030:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
8d:19:23:da:65:f0:11:f5:6e:74:fb:02:33:52:3e:f7:4e:97:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 11 01:51:10 2026 GMT
Not After : Aug 9 23:59:59 2026 GMT
Subject: serialNumber=71f7629e9c626ef9316984c3989d0a0d63b20b95a8df5a7d4f7c440e6377058e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:9c:8e:2f:3e:e4:09:34:ad:9e:ff:87:c4:87:
33:28:be:0c:8a:8d:ee:00:11:29:99:7f:c9:4b:de:
ef:11:52:33:33:bb:06:db:3a:bb:b1:a1:ec:10:c8:
8f:d1:70:dc:61:44:a3:c6:fb:d5:15:28:84:9a:7c:
d7:a9:92:7b:e9:9e:e0:2b:35:e7:c8:19:5a:c7:cf:
89:d7:81:91:be:fa:ca:22:e7:ed:df:6c:78:d5:06:
a1:44:75:03:19:56:21:c2:d5:36:e7:a5:b9:1a:b8:
b9:52:1e:a0:1d:ef:1a:88:c8:0c:a1:5d:c4:1c:e1:
95:6b:a9:48:1f:d3:e0:62:be:33:09:c8:51:1a:12:
4c:8e:41:0f:24:c0:ea:86:21:b4:a2:e6:01:d7:82:
19:25:b6:5c:c2:71:6f:6d:72:f1:9d:e2:14:31:a3:
1e:1d:5b:dc:4f:b2:4c:b0:f6:ec:07:f2:c6:06:4e:
28:03:12:90:ea:63:96:90:6f:53:77:b4:a9:f8:15:
53:7f:f3:f3:95:9d:de:9f:b6:1f:75:36:d2:49:f3:
9f:e1:4c:e2:1e:d1:99:66:9a:ef:92:7c:a5:e9:99:
80:45:d5:49:a6:3c:3b:37:87:49:6a:4f:54:72:fb:
19:73:d2:dd:b2:54:54:f1:5e:5b:39:39:68:3d:61:
02:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:48:F3:7D:01:C1:34:CE:DB:AF:D3:8D:3F:19:0F:77:2D:7A:93:52
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bc59e421-ba1d-4f6a-aeba-9d5c673a7026.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:2000::/40
Signature Algorithm: sha256WithRSAEncryption
07:8e:c2:9e:10:a3:b6:e3:26:ab:49:f2:03:59:67:37:ee:c2:
39:a2:d2:60:15:d7:63:7a:3d:59:83:9b:de:70:d1:7a:c1:88:
cd:1f:1b:c5:ba:93:d8:9d:fa:1b:3c:01:b0:75:0e:3c:07:67:
cb:2e:4e:66:ac:59:6f:64:4e:2a:a7:82:db:b3:a3:c6:11:0b:
03:8d:94:5a:f6:23:31:26:7d:13:c1:da:5a:4b:4d:c0:19:29:
16:12:40:ed:1e:40:06:1c:38:81:30:1d:3b:98:bf:86:11:fb:
c2:41:35:e3:6a:e6:dd:9e:d6:29:70:2d:d0:75:f0:b0:ae:2a:
f5:71:9c:39:69:75:93:5f:4c:b7:2e:76:17:a1:9a:66:31:86:
9a:3c:56:67:5f:c1:29:95:02:e7:b7:1e:47:5c:a4:4f:b3:df:
23:bb:b4:96:ee:b0:96:b7:4c:19:89:75:19:60:5f:42:b6:15:
7c:b1:13:7e:c8:4d:f2:fa:2e:7e:43:7a:54:7f:05:54:7a:df:
0a:af:29:bb:c8:0f:bf:3e:39:a3:f4:c9:85:5e:05:7a:1f:ff:
dc:3c:40:53:6b:45:1b:08:18:57:b3:6e:cd:d4:73:42:17:cb:
ee:8f:b2:a4:fa:5c:5a:4a:6f:85:de:f2:28:50:dd:57:c7:28:
e8:28:be:ab
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUAI0ZI9pl8BH1bnT7AjNSPvdOl8gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTEwMTUxMTBaFw0yNjA4MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDcxZjc2MjllOWM2MjZlZjkzMTY5ODRjMzk4OWQwYTBkNjNiMjBiOTVhOGRm
NWE3ZDRmN2M0NDBlNjM3NzA1OGUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKScji8+5Ak0rZ7/h8SHMyi+DIqN7gARKZl/yUve7xFSMzO7Bts6u7Gh7BDI
j9Fw3GFEo8b71RUohJp816mSe+me4Cs158gZWsfPideBkb76yiLn7d9seNUGoUR1
AxlWIcLVNueluRq4uVIeoB3vGojIDKFdxBzhlWupSB/T4GK+MwnIURoSTI5BDyTA
6oYhtKLmAdeCGSW2XMJxb21y8Z3iFDGjHh1b3E+yTLD27AfyxgZOKAMSkOpjlpBv
U3e0qfgVU3/z85Wd3p+2H3U20knzn+FM4h7RmWaa75J8pemZgEXVSaY8OzeHSWpP
VHL7GXPS3bJUVPFeWzk5aD1hAjECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRSSPN9
AcE0ztuv040/GQ93LXqTUjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmM1OWU0MjEtYmExZC00ZjZhLWFlYmEtOWQ1YzY3M2E3MDI2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DAg
MA0GCSqGSIb3DQEBCwUAA4IBAQAHjsKeEKO24yarSfIDWWc37sI5otJgFddjej1Z
g5vecNF6wYjNHxvFupPYnfobPAGwdQ48B2fLLk5mrFlvZE4qp4Lbs6PGEQsDjZRa
9iMxJn0TwdpaS03AGSkWEkDtHkAGHDiBMB07mL+GEfvCQTXjaubdntYpcC3QdfCw
rir1cZw5aXWTX0y3LnYXoZpmMYaaPFZnX8EplQLntx5HXKRPs98ju7SW7rCWt0wZ
iXUZYF9CthV8sRN+yE3y+i5+Q3pUfwVUet8Krym7yA+/Pjmj9MmFXgV6H//cPEBT
a0UbCBhXs27N1HNCF8vuj7Kk+lxaSm+F3vIoUN1XxyjoKL6r
-----END CERTIFICATE-----
Generated at Tue May 12 23:15:18 2026 by rpki-client