Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d58dbbef-7392-498d-b094-189de828de57.roa
File: d58dbbef-7392-498d-b094-189de828de57.roa (raw, json)
Hash identifier: nKwE/1O5dI123XjZv0DtqcuKV8QbLTrf1Yp2YWBS7Y8=
Subject key identifier: 4E:83:63:E5:5E:6F:52:C0:06:7D:06:E7:0A:21:7B:EE:E9:F3:3C:BB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1F7B775D40F06FD6D1E651F8BAF505DA7B3ECB16
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d58dbbef-7392-498d-b094-189de828de57.roa
Signing time: Mon 04 May 2026 15:30:10 +0000
ROA not before: Mon 04 May 2026 15:30:10 +0000
ROA not after: Sun 02 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:c020::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1f:7b:77:5d:40:f0:6f:d6:d1:e6:51:f8:ba:f5:05:da:7b:3e:cb:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 4 15:30:10 2026 GMT
Not After : Aug 2 23:59:59 2026 GMT
Subject: serialNumber=8523de2476fc9f30b34f9e16b83f379072578f88fd5a4140121c270fc10e336c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:e4:9b:9d:22:39:66:0a:f4:16:15:7a:9c:0e:
8f:1f:38:40:5e:be:17:98:71:8d:26:f0:b0:9e:86:
45:3e:3f:93:1a:76:a5:47:50:ec:f0:82:7d:68:fe:
45:ee:7d:32:a6:bd:7b:6d:1b:63:8e:85:a7:e4:5d:
9c:8d:76:c2:af:d0:95:3d:52:8f:e5:d7:d0:53:b5:
31:25:02:a2:c1:34:cf:ed:70:1b:5a:b2:e8:1d:ab:
a7:aa:4d:21:25:38:7c:41:52:68:97:40:96:24:0e:
70:92:c4:a0:c3:d4:fd:68:75:ae:c5:8f:a4:c4:92:
f4:3e:c2:67:1a:98:2f:48:f9:69:95:c9:05:97:05:
04:e6:4e:87:80:6c:b9:95:d5:a5:e3:f8:88:03:44:
bb:79:52:b6:c5:0c:cb:0b:42:15:d9:88:79:30:90:
48:bf:2e:d1:8a:62:53:9a:72:e2:fe:de:ee:f5:1a:
a4:fb:44:cd:31:2d:b3:a3:ca:d9:23:34:54:7b:7c:
59:1c:8b:d0:7a:6b:12:bd:30:5e:d8:94:ff:4f:3b:
d5:23:85:a8:93:d1:74:d5:b8:79:82:4d:18:69:ab:
d7:0f:c2:6e:f0:4f:da:9e:25:f4:80:d3:8f:17:b3:
58:d6:96:92:57:4e:65:76:36:40:c3:13:15:05:be:
36:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:83:63:E5:5E:6F:52:C0:06:7D:06:E7:0A:21:7B:EE:E9:F3:3C:BB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d58dbbef-7392-498d-b094-189de828de57.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:c020::/48
Signature Algorithm: sha256WithRSAEncryption
39:97:b6:e4:3f:77:9f:82:a8:14:31:d8:82:8f:95:1a:cc:cd:
f9:d8:ff:2c:86:f8:bb:2c:b0:2e:f6:7e:ff:25:c4:e6:aa:d9:
16:bc:17:4e:97:56:48:dc:aa:b3:e1:d5:f3:21:bc:4e:e6:36:
28:ef:ba:2d:40:92:d6:e4:66:29:ef:e0:0a:cf:0f:73:35:79:
35:20:7c:2c:2c:8b:42:e0:6c:01:f5:cf:bd:99:82:8d:34:2a:
a0:15:2b:bc:76:df:89:62:1d:d5:42:ce:d8:d1:c1:13:09:2c:
30:6c:6a:c9:74:d1:18:53:a9:67:2f:22:db:3d:6d:90:70:f5:
c1:d9:f2:5b:45:bb:37:c7:ab:17:30:e8:ec:29:ad:49:19:ee:
56:c5:4f:65:14:e5:fc:41:05:0c:39:c1:3e:53:7c:f0:e6:cc:
cc:ff:77:c7:fc:8a:dd:46:c4:3f:ee:4b:30:d0:8d:ea:91:6f:
4e:3b:5c:48:72:b0:61:1e:7c:af:4a:84:88:e3:dd:ca:f7:84:
59:45:65:ef:9f:2d:54:be:bd:50:40:a2:3b:38:5c:8c:5d:fa:
54:0c:ff:f2:91:aa:46:74:99:39:36:b5:c6:9d:9d:e1:70:fc:
b1:23:15:b4:bc:0d:e4:78:83:a3:98:81:1f:d0:6a:82:ae:be:
f7:e5:b9:85
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUH3t3XUDwb9bR5lH4uvUF2ns+yxYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MDQxNTMwMTBaFw0yNjA4MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQDg1MjNkZTI0NzZmYzlmMzBiMzRmOWUxNmI4M2YzNzkwNzI1NzhmODhmZDVh
NDE0MDEyMWMyNzBmYzEwZTMzNmMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL3km50iOWYK9BYVepwOjx84QF6+F5hxjSbwsJ6GRT4/kxp2pUdQ7PCCfWj+
Re59Mqa9e20bY46Fp+RdnI12wq/QlT1Sj+XX0FO1MSUCosE0z+1wG1qy6B2rp6pN
ISU4fEFSaJdAliQOcJLEoMPU/Wh1rsWPpMSS9D7CZxqYL0j5aZXJBZcFBOZOh4Bs
uZXVpeP4iANEu3lStsUMywtCFdmIeTCQSL8u0YpiU5py4v7e7vUapPtEzTEts6PK
2SM0VHt8WRyL0HprEr0wXtiU/0871SOFqJPRdNW4eYJNGGmr1w/CbvBP2p4l9IDT
jxezWNaWkldOZXY2QMMTFQW+NhkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBROg2Pl
Xm9SwAZ9BucKIXvu6fM8uzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDU4ZGJiZWYtNzM5Mi00OThkLWIwOTQtMTg5ZGU4MjhkZTU3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DHA
IDANBgkqhkiG9w0BAQsFAAOCAQEAOZe25D93n4KoFDHYgo+VGszN+dj/LIb4uyyw
LvZ+/yXE5qrZFrwXTpdWSNyqs+HV8yG8TuY2KO+6LUCS1uRmKe/gCs8PczV5NSB8
LCyLQuBsAfXPvZmCjTQqoBUrvHbfiWId1ULO2NHBEwksMGxqyXTRGFOpZy8i2z1t
kHD1wdnyW0W7N8erFzDo7CmtSRnuVsVPZRTl/EEFDDnBPlN88ObMzP93x/yK3UbE
P+5LMNCN6pFvTjtcSHKwYR58r0qEiOPdyveEWUVl758tVL69UECiOzhcjF36VAz/
8pGqRnSZOTa1xp2d4XD8sSMVtLwN5HiDo5iBH9Bqgq6+9+W5hQ==
-----END CERTIFICATE-----
Generated at Tue May 12 23:28:38 2026 by rpki-client