Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bd75b960-96a2-4735-8f78-a99099ccb684.roa
File: bd75b960-96a2-4735-8f78-a99099ccb684.roa (raw, json)
Hash identifier: MYnrzo3ai/lUe2JsH6eKKf+Sbi79dID4XP0FmfChhoQ=
Subject key identifier: 2B:CC:65:CA:42:EE:32:BE:5A:17:FA:5F:FA:7C:89:BF:4F:76:BE:59
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 701B10150D25DF395C389F5F5D21F1B7DEC4DD29
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bd75b960-96a2-4735-8f78-a99099ccb684.roa
Signing time: Mon 04 May 2026 15:20:07 +0000
ROA not before: Mon 04 May 2026 15:20:07 +0000
ROA not after: Sun 02 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:1000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 20:10:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:1b:10:15:0d:25:df:39:5c:38:9f:5f:5d:21:f1:b7:de:c4:dd:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 4 15:20:07 2026 GMT
Not After : Aug 2 23:59:59 2026 GMT
Subject: serialNumber=bb2088f5702a86a86b02a86b3f635e6bbc995f9d3eea9422487001ba375623c8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:93:f1:ed:03:d4:ee:0a:20:59:73:9b:48:20:
4f:de:6f:03:50:bc:f1:5f:a7:42:5a:9c:76:42:d9:
0b:cb:56:93:85:66:4a:0b:d8:07:61:6e:55:9a:f6:
94:ee:5e:50:4d:73:f0:58:80:bd:4b:a5:10:9a:91:
4d:94:eb:0c:e8:65:7b:44:80:b1:d4:e3:37:d2:09:
4b:b8:16:e5:96:f9:9f:af:76:4b:73:16:6f:fb:ef:
dd:c1:00:15:3c:f9:6b:bd:d8:02:0f:b8:25:de:8f:
6d:3f:ea:17:0b:ff:1d:43:e0:1a:f1:67:a4:ea:45:
4f:ef:97:dd:d7:1e:4c:be:df:63:86:4e:49:e6:5a:
d3:cb:76:e7:eb:bf:9c:89:5b:55:e1:f3:44:2b:a4:
09:be:da:32:85:5e:ca:bc:32:df:70:92:92:7e:ad:
19:ed:05:43:a8:86:87:4d:c5:02:ff:97:13:b5:8a:
1f:82:36:70:34:18:7c:24:d0:a5:6e:d0:f1:70:68:
99:a1:63:48:0e:8b:e1:84:f8:90:53:28:07:16:2e:
a2:44:64:91:18:60:e3:10:a3:e8:04:7e:06:5c:87:
59:49:5b:c0:a1:ec:4c:0d:6f:da:83:9d:6d:03:af:
00:b8:7b:2d:46:b9:48:db:34:b1:1a:72:ed:6e:f4:
23:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:CC:65:CA:42:EE:32:BE:5A:17:FA:5F:FA:7C:89:BF:4F:76:BE:59
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bd75b960-96a2-4735-8f78-a99099ccb684.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:1000::/40
Signature Algorithm: sha256WithRSAEncryption
b4:03:5a:2d:21:3b:73:7c:bd:99:d2:0d:7a:f3:72:6f:fb:03:
41:eb:a2:7c:58:08:0d:17:a0:ab:7c:a7:bc:04:9f:59:d6:e4:
78:77:06:48:19:4f:e0:84:56:68:6a:19:12:7d:a8:5c:75:71:
73:71:8a:83:da:27:ae:f4:e8:e2:82:76:f9:9f:71:36:d8:0c:
13:97:e9:c4:09:d9:b4:19:91:d5:94:43:c3:21:8c:bb:57:97:
23:73:f1:a4:46:a4:a7:62:1f:ab:ae:c0:97:62:21:01:09:d6:
6a:e7:fe:32:0d:54:5e:c2:cc:7b:87:93:a2:c4:99:14:26:6d:
15:0e:c5:be:cd:d0:97:37:e8:16:95:a6:f6:de:c1:86:28:b2:
d6:0f:d0:37:9e:8c:8c:5c:4d:10:74:fc:2d:22:7b:a4:be:94:
bf:14:ff:73:00:b9:8b:75:61:97:51:1c:14:0a:ac:f8:b5:6a:
87:0d:a7:97:46:8c:c7:24:44:af:6f:dc:d5:84:97:0b:63:90:
f8:e6:bd:15:39:c7:dd:86:aa:b4:e4:a0:94:ea:17:ce:2c:61:
4b:ed:fc:9b:cb:d8:b3:ec:cb:a0:33:22:2a:6d:87:9a:55:55:
87:0c:c0:da:c8:41:bc:3d:86:19:c3:c9:62:3e:f9:42:11:35:
e7:74:29:ea
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUcBsQFQ0l3zlcOJ9fXSHxt97E3SkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MDQxNTIwMDdaFw0yNjA4MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQGJiMjA4OGY1NzAyYTg2YTg2YjAyYTg2YjNmNjM1ZTZiYmM5OTVmOWQzZWVh
OTQyMjQ4NzAwMWJhMzc1NjIzYzgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJCT8e0D1O4KIFlzm0ggT95vA1C88V+nQlqcdkLZC8tWk4VmSgvYB2FuVZr2
lO5eUE1z8FiAvUulEJqRTZTrDOhle0SAsdTjN9IJS7gW5Zb5n692S3MWb/vv3cEA
FTz5a73YAg+4Jd6PbT/qFwv/HUPgGvFnpOpFT++X3dceTL7fY4ZOSeZa08t25+u/
nIlbVeHzRCukCb7aMoVeyrwy33CSkn6tGe0FQ6iGh03FAv+XE7WKH4I2cDQYfCTQ
pW7Q8XBomaFjSA6L4YT4kFMoBxYuokRkkRhg4xCj6AR+BlyHWUlbwKHsTA1v2oOd
bQOvALh7LUa5SNs0sRpy7W70I1cCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQrzGXK
Qu4yvloX+l/6fIm/T3a+WTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmQ3NWI5NjAtOTZhMi00NzM1LThmNzgtYTk5MDk5Y2NiNjg0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HMQ
MA0GCSqGSIb3DQEBCwUAA4IBAQC0A1otITtzfL2Z0g1683Jv+wNB66J8WAgNF6Cr
fKe8BJ9Z1uR4dwZIGU/ghFZoahkSfahcdXFzcYqD2ieu9Ojignb5n3E22AwTl+nE
Cdm0GZHVlEPDIYy7V5cjc/GkRqSnYh+rrsCXYiEBCdZq5/4yDVRewsx7h5OixJkU
Jm0VDsW+zdCXN+gWlab23sGGKLLWD9A3noyMXE0QdPwtInukvpS/FP9zALmLdWGX
URwUCqz4tWqHDaeXRozHJESvb9zVhJcLY5D45r0VOcfdhqq05KCU6hfOLGFL7fyb
y9iz7MugMyIqbYeaVVWHDMDayEG8PYYZw8liPvlCETXndCnq
-----END CERTIFICATE-----
Generated at Wed May 13 02:42:23 2026 by rpki-client