Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d6265269-370a-4e3b-983b-9bec3a5c535a.roa
File: d6265269-370a-4e3b-983b-9bec3a5c535a.roa (raw, json)
Hash identifier: yX+0YRxISvQa8wNsIEshtWoz6Cv3rIVI1yvT1HTDg5E=
Subject key identifier: A7:D9:94:C7:8F:2C:31:29:F4:7A:9B:00:3A:91:FA:38:F3:03:26:57
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 46C9CAE7760B71218DD32F31863CFA25535A3A29
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d6265269-370a-4e3b-983b-9bec3a5c535a.roa
Signing time: Mon 04 May 2026 15:20:05 +0000
ROA not before: Mon 04 May 2026 15:20:05 +0000
ROA not after: Sun 02 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:e000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:c9:ca:e7:76:0b:71:21:8d:d3:2f:31:86:3c:fa:25:53:5a:3a:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 4 15:20:05 2026 GMT
Not After : Aug 2 23:59:59 2026 GMT
Subject: serialNumber=dd033c459cb1a563bba15f1630cb3862b7d43bc28cdba70b39f7089cb7657125, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:b1:d8:ab:f2:f7:a8:8f:c0:df:5c:1b:c1:17:
bb:a1:64:93:04:f9:88:19:cc:fd:a2:e3:af:81:b9:
03:24:fe:66:66:d5:c9:ba:82:b1:ff:11:ff:a3:4d:
c0:80:05:3f:b2:db:32:31:ab:83:ee:c9:3e:06:e2:
fb:f9:9c:5d:d5:83:32:05:c2:3f:03:2e:9f:d0:5d:
cf:19:76:ec:79:f8:e3:64:33:62:28:72:7b:54:0c:
31:a0:3e:57:99:bf:ba:e9:0d:49:42:a1:55:09:0b:
8b:01:0b:12:d6:7d:cb:25:12:86:49:cc:61:d5:31:
c4:0e:ad:29:81:d4:be:0b:76:55:ef:fc:42:3a:2c:
73:bf:d3:00:ed:61:ba:e2:91:27:c9:dc:cb:cb:f7:
94:e0:fc:2d:18:8a:1d:39:69:c4:ae:73:6b:f0:9e:
b7:4d:7a:c6:88:0e:f4:3d:86:36:52:dc:e6:00:d3:
65:0d:eb:a4:78:4c:d2:5a:38:49:cd:1c:b6:db:21:
36:93:7d:56:22:92:16:db:f2:86:7b:ec:53:c8:9f:
ff:fa:6c:f6:fb:0d:69:35:79:9a:87:f4:f2:5e:bc:
e2:c4:18:5b:33:fa:21:99:0f:2d:17:43:47:45:e3:
f1:bc:e0:03:0a:4e:ff:c9:e2:f3:c1:71:9a:70:19:
1e:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:D9:94:C7:8F:2C:31:29:F4:7A:9B:00:3A:91:FA:38:F3:03:26:57
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d6265269-370a-4e3b-983b-9bec3a5c535a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:e000::/40
Signature Algorithm: sha256WithRSAEncryption
84:8f:0d:9d:8b:ec:c7:c6:ce:26:25:a0:55:23:68:dc:fe:07:
04:e8:ba:93:cd:09:bf:3a:6b:63:ec:6e:ac:89:aa:a6:59:18:
10:1e:93:58:2b:10:9d:6f:0e:f7:03:30:76:ac:59:2f:2d:1a:
5b:f3:14:ee:99:c7:8f:26:6d:34:c0:a8:be:a2:96:50:d7:d0:
c8:0b:71:ff:5b:28:0d:26:6a:f5:09:1d:f4:40:84:26:bf:73:
72:a1:04:e3:74:6b:80:b1:18:9a:2a:d1:b7:27:2c:95:9f:8d:
09:49:01:8b:3f:d1:b5:69:89:84:d1:50:b9:47:25:21:c7:7f:
49:2d:b3:d2:e3:7f:67:e2:05:53:27:53:00:b4:23:e1:e4:7a:
8c:77:11:f8:df:d5:32:ab:3f:02:b6:b0:a9:0a:78:e3:a7:9b:
fa:6a:96:21:cf:2b:9a:fb:18:83:3a:25:24:28:fa:4b:31:4f:
3e:22:a3:2e:81:4f:8c:52:8d:82:c5:b9:e9:5a:5e:97:f7:ff:
2b:2e:18:76:fd:dc:55:08:38:d2:82:a7:3e:84:b8:dc:02:a3:
86:18:2e:c7:65:94:4b:a7:51:7f:7c:77:fd:64:71:49:0d:93:
76:ac:f0:1b:f1:4a:2a:e9:bd:37:af:a2:31:e6:a6:6e:30:83:
1f:f6:09:15
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIURsnK53YLcSGN0y8xhjz6JVNaOikwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MDQxNTIwMDVaFw0yNjA4MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQGRkMDMzYzQ1OWNiMWE1NjNiYmExNWYxNjMwY2IzODYyYjdkNDNiYzI4Y2Ri
YTcwYjM5ZjcwODljYjc2NTcxMjUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL6x2Kvy96iPwN9cG8EXu6FkkwT5iBnM/aLjr4G5AyT+ZmbVybqCsf8R/6NN
wIAFP7LbMjGrg+7JPgbi+/mcXdWDMgXCPwMun9Bdzxl27Hn442QzYihye1QMMaA+
V5m/uukNSUKhVQkLiwELEtZ9yyUShknMYdUxxA6tKYHUvgt2Ve/8Qjosc7/TAO1h
uuKRJ8ncy8v3lOD8LRiKHTlpxK5za/Cet016xogO9D2GNlLc5gDTZQ3rpHhM0lo4
Sc0cttshNpN9ViKSFtvyhnvsU8if//ps9vsNaTV5mof08l684sQYWzP6IZkPLRdD
R0Xj8bzgAwpO/8ni88FxmnAZHtkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSn2ZTH
jywxKfR6mwA6kfo48wMmVzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDYyNjUyNjktMzcwYS00ZTNiLTk4M2ItOWJlYzNhNWM1MzVhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HPg
MA0GCSqGSIb3DQEBCwUAA4IBAQCEjw2di+zHxs4mJaBVI2jc/gcE6LqTzQm/Omtj
7G6siaqmWRgQHpNYKxCdbw73AzB2rFkvLRpb8xTumcePJm00wKi+opZQ19DIC3H/
WygNJmr1CR30QIQmv3NyoQTjdGuAsRiaKtG3JyyVn40JSQGLP9G1aYmE0VC5RyUh
x39JLbPS439n4gVTJ1MAtCPh5HqMdxH439Uyqz8CtrCpCnjjp5v6apYhzyua+xiD
OiUkKPpLMU8+IqMugU+MUo2CxbnpWl6X9/8rLhh2/dxVCDjSgqc+hLjcAqOGGC7H
ZZRLp1F/fHf9ZHFJDZN2rPAb8Uoq6b03r6Ix5qZuMIMf9gkV
-----END CERTIFICATE-----
Generated at Tue May 12 23:38:56 2026 by rpki-client