Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d2b7a4eb-e2de-4458-a759-5125161eb686.roa
File: d2b7a4eb-e2de-4458-a759-5125161eb686.roa (raw, json)
Hash identifier: EHS7rl3+8dvlh5nUN0K6wTu8gVYVzfNnQBKoWVPJMJQ=
Subject key identifier: D2:9C:B2:1E:47:7C:F4:8B:73:AB:7B:BE:1D:81:68:C1:53:92:48:C1
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 67E2B5775A5C346A438465B2472208BC6F0A71C4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d2b7a4eb-e2de-4458-a759-5125161eb686.roa
Signing time: Fri 08 May 2026 03:20:13 +0000
ROA not before: Fri 08 May 2026 03:20:13 +0000
ROA not after: Thu 06 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d059:a000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:e2:b5:77:5a:5c:34:6a:43:84:65:b2:47:22:08:bc:6f:0a:71:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 8 03:20:13 2026 GMT
Not After : Aug 6 23:59:59 2026 GMT
Subject: serialNumber=60d41e04499ca7b91c2e6de2a24205a6e31dca9b61ee7d7d37a9cdd3b26a9579, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:51:13:fc:95:a9:33:06:89:34:4d:b0:c2:48:
fe:fa:7d:b2:d0:08:60:94:ec:73:60:5e:8a:78:9e:
25:73:2f:72:25:59:f5:8a:53:02:d4:9b:e9:80:91:
ad:a7:6a:90:bd:4d:77:5e:51:0f:e1:b0:c3:03:4f:
2e:5a:a2:2a:d5:ce:91:e1:f3:88:2e:42:76:79:72:
64:80:7e:ec:1b:d2:9f:d5:9d:7f:80:07:f2:49:fa:
5e:8f:af:ea:16:54:96:8b:c7:36:c4:6d:60:3f:29:
2f:01:d2:3d:01:29:d5:de:3d:8c:b3:19:09:5f:3c:
48:65:82:ea:cf:3d:78:71:f7:cd:62:89:e7:85:0a:
78:d4:35:df:18:af:32:ce:92:bc:e3:7e:9e:ea:9d:
6d:61:f3:6b:c2:5c:bf:fe:17:88:81:39:df:8e:6f:
36:e2:51:6a:b9:6e:70:05:eb:c3:db:39:35:31:9d:
dc:ae:63:5d:fc:8c:13:54:4f:59:35:8f:52:ac:79:
f1:b2:44:3a:81:03:a7:ed:df:fa:b0:59:eb:03:79:
37:f3:68:0f:7e:cb:69:c0:cc:0d:87:c3:e7:48:81:
d4:21:cf:c3:3b:63:b3:d1:b6:be:44:a2:60:dd:36:
3f:71:e8:cd:c3:d6:fb:28:13:d8:b4:b0:a8:85:f9:
a5:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:9C:B2:1E:47:7C:F4:8B:73:AB:7B:BE:1D:81:68:C1:53:92:48:C1
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d2b7a4eb-e2de-4458-a759-5125161eb686.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d059:a000::/40
Signature Algorithm: sha256WithRSAEncryption
a7:c5:dc:a9:31:fd:5c:7c:1e:45:67:77:91:96:51:7c:99:f4:
85:77:ea:20:b6:a9:e0:ab:76:cd:21:7e:6e:bb:fa:49:5e:25:
2e:f1:95:c6:5e:76:42:77:59:6f:3a:a5:aa:ac:ff:2a:e7:5c:
49:54:ef:27:db:e6:e8:4d:bf:82:a8:25:db:d1:b0:7d:5a:41:
61:7b:b7:b5:4e:27:f9:18:95:28:9e:09:53:ff:84:a8:5f:be:
44:54:cc:19:84:92:29:ed:be:3d:cb:12:3e:45:ca:9e:46:f4:
c7:d6:31:c4:89:8d:72:f6:9e:25:ff:1a:12:e1:fe:01:c6:64:
8b:4d:1e:8b:46:35:78:cc:b2:1d:17:30:6e:cc:4f:f5:b0:3c:
92:8b:1e:e5:9a:52:d7:0d:c0:da:1c:a1:04:3c:07:26:7f:d0:
f7:e2:cc:35:f4:9d:32:ad:a2:fc:5e:0e:ae:27:83:43:06:0f:
7b:c1:8f:ed:0f:d8:c8:37:86:25:5e:96:32:39:26:c4:4e:9c:
72:e8:65:94:3f:ea:44:ad:06:10:3a:b5:97:49:2e:8d:08:a9:
fa:d2:1b:17:1c:7e:54:89:ea:c6:02:31:f0:f3:e1:e1:eb:f1:
d5:8f:37:d6:4e:38:21:d1:04:ec:44:7d:94:a2:fe:9a:ee:81:
35:3f:e6:91
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUZ+K1d1pcNGpDhGWyRyIIvG8KccQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MDgwMzIwMTNaFw0yNjA4MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDYwZDQxZTA0NDk5Y2E3YjkxYzJlNmRlMmEyNDIwNWE2ZTMxZGNhOWI2MWVl
N2Q3ZDM3YTljZGQzYjI2YTk1NzkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOhRE/yVqTMGiTRNsMJI/vp9stAIYJTsc2BeinieJXMvciVZ9YpTAtSb6YCR
radqkL1Nd15RD+GwwwNPLlqiKtXOkeHziC5CdnlyZIB+7BvSn9Wdf4AH8kn6Xo+v
6hZUlovHNsRtYD8pLwHSPQEp1d49jLMZCV88SGWC6s89eHH3zWKJ54UKeNQ13xiv
Ms6SvON+nuqdbWHza8Jcv/4XiIE5345vNuJRarlucAXrw9s5NTGd3K5jXfyME1RP
WTWPUqx58bJEOoEDp+3f+rBZ6wN5N/NoD37LacDMDYfD50iB1CHPwztjs9G2vkSi
YN02P3HozcPW+ygT2LSwqIX5pTUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTSnLIe
R3z0i3Ore74dgWjBU5JIwTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDJiN2E0ZWItZTJkZS00NDU4LWE3NTktNTEyNTE2MWViNjg2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Fmg
MA0GCSqGSIb3DQEBCwUAA4IBAQCnxdypMf1cfB5FZ3eRllF8mfSFd+ogtqngq3bN
IX5uu/pJXiUu8ZXGXnZCd1lvOqWqrP8q51xJVO8n2+boTb+CqCXb0bB9WkFhe7e1
Tif5GJUonglT/4SoX75EVMwZhJIp7b49yxI+RcqeRvTH1jHEiY1y9p4l/xoS4f4B
xmSLTR6LRjV4zLIdFzBuzE/1sDySix7lmlLXDcDaHKEEPAcmf9D34sw19J0yraL8
Xg6uJ4NDBg97wY/tD9jIN4YlXpYyOSbETpxy6GWUP+pErQYQOrWXSS6NCKn60hsX
HH5UierGAjHw8+Hh6/HVjzfWTjgh0QTsRH2Uov6a7oE1P+aR
-----END CERTIFICATE-----
Generated at Tue May 12 23:36:12 2026 by rpki-client