Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d31e4b1b-0fa9-4549-a6fa-3a6eb94eef2c.roa
File: d31e4b1b-0fa9-4549-a6fa-3a6eb94eef2c.roa (raw, json)
Hash identifier: 7lJCt4JtACzYEUwg4QtcSc2cdSpD8AtrVURlALwUBsQ=
Subject key identifier: 2F:A9:E5:91:BE:7B:BE:7F:F4:5B:73:0F:E7:CD:B3:E6:99:96:09:87
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3A4EF84E31103C284715B46F61214A18D4FF10F4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d31e4b1b-0fa9-4549-a6fa-3a6eb94eef2c.roa
Signing time: Mon 04 May 2026 15:20:06 +0000
ROA not before: Mon 04 May 2026 15:20:06 +0000
ROA not after: Sun 02 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:840::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:4e:f8:4e:31:10:3c:28:47:15:b4:6f:61:21:4a:18:d4:ff:10:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 4 15:20:06 2026 GMT
Not After : Aug 2 23:59:59 2026 GMT
Subject: serialNumber=a9530384f19877855192a2dcf765527d5015d6ca6cad65617a01c431e5ef231e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:50:bf:7c:85:28:ea:f8:c6:4b:b3:a9:65:33:
95:38:54:f4:0c:39:a5:7d:34:c8:4f:7c:b6:8e:b5:
bd:e8:33:be:da:bd:00:bd:e3:62:3b:22:f5:88:68:
cc:99:e6:f7:50:ab:9d:a5:24:ee:30:26:24:b2:92:
3a:81:b4:46:d3:de:1b:90:ae:34:1e:9e:39:fe:da:
75:36:db:09:e6:c9:74:c7:78:bd:72:c6:c4:23:94:
1c:4a:37:ad:0b:01:e7:bb:56:50:a2:5b:c5:4d:58:
61:24:13:94:65:86:da:b2:80:42:22:66:86:a2:73:
38:88:50:c4:fb:a7:31:91:cb:8f:d1:25:af:29:80:
78:7c:9a:10:11:d2:65:27:80:17:bc:b8:32:5b:68:
87:9f:0d:70:47:61:b1:47:20:b2:4e:c9:27:91:1b:
2e:c8:8e:a2:16:cb:4c:d5:9c:52:d5:a1:c3:79:cc:
b8:b4:29:bb:d2:9d:3c:80:f1:89:f0:4e:e4:89:4f:
29:d3:0c:fc:08:34:68:d4:d1:ed:16:2a:41:51:40:
d8:96:b3:24:55:6b:d3:13:c6:30:2a:e3:c2:14:5d:
03:0d:57:17:d1:b7:96:16:6b:0d:1d:2e:16:7f:e5:
97:19:5c:48:a0:29:55:31:5f:a9:1e:e5:1f:29:86:
34:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:A9:E5:91:BE:7B:BE:7F:F4:5B:73:0F:E7:CD:B3:E6:99:96:09:87
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d31e4b1b-0fa9-4549-a6fa-3a6eb94eef2c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:840::/46
Signature Algorithm: sha256WithRSAEncryption
ab:dd:1d:4b:0d:84:92:38:de:1c:dd:39:f5:15:41:89:e5:eb:
13:24:2b:a6:71:03:8b:a3:d2:d4:65:67:0d:53:46:b6:c1:77:
a8:c6:34:98:63:12:bd:d1:bd:43:60:49:de:30:8d:60:c5:32:
2a:22:b9:7a:16:b0:66:fd:9e:6a:0a:de:cf:f5:62:53:88:59:
1a:6d:c0:6f:6e:ef:5f:f8:5a:d6:cc:00:51:11:a6:c0:8c:a5:
61:37:5d:25:c9:d4:f0:8b:b6:47:e0:aa:30:af:fa:d7:b4:a3:
96:be:b3:e0:9a:6f:f5:e5:a0:4d:82:06:6f:2f:15:01:88:af:
be:7b:e2:65:44:7b:22:6f:48:c0:e1:5f:78:f4:16:7b:70:62:
b8:69:0e:1e:64:e0:a8:47:6c:b7:80:83:bd:8f:bf:1e:77:6e:
d4:dd:79:5f:81:2a:83:9b:da:b4:9d:af:d5:68:5d:8b:4e:67:
13:f6:37:00:9f:a1:18:23:3f:74:d5:80:39:a3:1a:31:17:1d:
88:1b:40:d7:61:79:87:bb:32:d2:e9:09:63:ce:8e:01:e1:72:
fd:7d:18:47:97:13:b7:d5:2c:26:a4:f3:6e:67:4c:57:a9:4f:
21:38:51:9a:38:b6:2e:5a:a7:82:36:97:04:dd:e4:f0:ed:28:
c3:d7:4c:97
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUOk74TjEQPChHFbRvYSFKGNT/EPQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MDQxNTIwMDZaFw0yNjA4MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQGE5NTMwMzg0ZjE5ODc3ODU1MTkyYTJkY2Y3NjU1MjdkNTAxNWQ2Y2E2Y2Fk
NjU2MTdhMDFjNDMxZTVlZjIzMWUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKRQv3yFKOr4xkuzqWUzlThU9Aw5pX00yE98to61vegzvtq9AL3jYjsi9Yho
zJnm91CrnaUk7jAmJLKSOoG0RtPeG5CuNB6eOf7adTbbCebJdMd4vXLGxCOUHEo3
rQsB57tWUKJbxU1YYSQTlGWG2rKAQiJmhqJzOIhQxPunMZHLj9ElrymAeHyaEBHS
ZSeAF7y4Mltoh58NcEdhsUcgsk7JJ5EbLsiOohbLTNWcUtWhw3nMuLQpu9KdPIDx
ifBO5IlPKdMM/Ag0aNTR7RYqQVFA2JazJFVr0xPGMCrjwhRdAw1XF9G3lhZrDR0u
Fn/llxlcSKApVTFfqR7lHymGNDMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQvqeWR
vnu+f/Rbcw/nzbPmmZYJhzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDMxZTRiMWItMGZhOS00NTQ5LWE2ZmEtM2E2ZWI5NGVlZjJjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HMI
QDANBgkqhkiG9w0BAQsFAAOCAQEAq90dSw2EkjjeHN059RVBieXrEyQrpnEDi6PS
1GVnDVNGtsF3qMY0mGMSvdG9Q2BJ3jCNYMUyKiK5ehawZv2eagrez/ViU4hZGm3A
b27vX/ha1swAURGmwIylYTddJcnU8Iu2R+CqMK/617Sjlr6z4Jpv9eWgTYIGby8V
AYivvnviZUR7Im9IwOFfePQWe3BiuGkOHmTgqEdst4CDvY+/Hndu1N15X4Eqg5va
tJ2v1Whdi05nE/Y3AJ+hGCM/dNWAOaMaMRcdiBtA12F5h7sy0ukJY86OAeFy/X0Y
R5cTt9UsJqTzbmdMV6lPIThRmji2LlqngjaXBN3k8O0ow9dMlw==
-----END CERTIFICATE-----
Generated at Tue May 12 23:13:53 2026 by rpki-client