Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dec4a7df-5727-45ab-92fb-7078e26fd54d.roa
File: dec4a7df-5727-45ab-92fb-7078e26fd54d.roa (raw, json)
Hash identifier: W2e2WuiJHARwdF3wuJa3Z0afIA+QCChrEqD1AzYX73c=
Subject key identifier: 59:9C:47:8C:81:99:A7:C8:65:B4:02:B1:F1:49:01:35:05:59:72:52
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4AC1E9F830FEB11B086DD47D740C0D4EAF5BC6A7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dec4a7df-5727-45ab-92fb-7078e26fd54d.roa
Signing time: Mon 11 May 2026 01:51:06 +0000
ROA not before: Mon 11 May 2026 01:51:06 +0000
ROA not after: Sun 09 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4a:c1:e9:f8:30:fe:b1:1b:08:6d:d4:7d:74:0c:0d:4e:af:5b:c6:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 11 01:51:06 2026 GMT
Not After : Aug 9 23:59:59 2026 GMT
Subject: serialNumber=8940e5e6b2b63e5460142be521aa6a03338b72447fa18ea396d67757a2860ff3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:4b:5d:90:13:0e:f9:77:a2:e3:ce:0a:a9:54:
a3:c0:e0:69:fc:b6:72:48:4e:ae:82:ce:66:47:0d:
01:06:74:cf:d7:12:8d:0b:f9:16:75:4c:9b:1d:ed:
82:dd:63:7b:bc:36:99:53:34:44:20:cc:bb:fe:ad:
14:c2:71:54:97:58:cf:35:e3:5a:24:37:38:8e:1e:
b9:9d:d3:86:0d:2c:44:3a:73:69:9a:17:f0:7d:bc:
ae:57:07:d4:e0:a7:c1:9e:d1:f7:fc:3a:44:2f:b4:
9c:30:4d:49:ea:68:7a:24:68:3d:34:08:42:26:f2:
1f:62:ba:10:08:f1:cb:c9:8f:71:da:8c:0e:35:0f:
e9:17:07:b5:32:70:f3:bb:fc:d5:ee:86:54:a7:02:
09:48:4b:7f:2a:a5:9f:cf:24:c0:ca:06:f1:4d:e0:
fd:d2:ea:9a:22:99:cb:b5:8a:41:ba:d1:9a:f9:47:
42:0f:1c:37:87:19:0d:5c:01:2f:11:20:1d:bf:12:
d3:7f:bc:81:43:1e:a3:0b:be:26:53:bf:63:dd:59:
46:cb:75:96:05:cf:f8:cb:f5:20:1b:68:1b:47:8b:
ff:63:57:b0:bd:b9:18:dc:32:7f:0e:b8:6d:b1:79:
33:07:3f:97:77:b9:8d:32:83:8e:d7:1b:2d:16:49:
dc:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:9C:47:8C:81:99:A7:C8:65:B4:02:B1:F1:49:01:35:05:59:72:52
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dec4a7df-5727-45ab-92fb-7078e26fd54d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076::/32
Signature Algorithm: sha256WithRSAEncryption
81:52:c5:05:4c:1c:7d:0d:3f:d2:1c:54:d3:e3:71:a8:31:e3:
aa:24:57:e1:55:72:f0:4b:75:23:fa:65:53:16:c3:9b:d2:64:
94:d4:60:7c:77:24:61:8d:b1:06:bf:b9:b1:fd:69:b4:bf:89:
12:bc:c6:a5:80:64:bd:d2:58:c5:39:e4:5d:c6:b9:8c:51:4a:
b2:0c:86:c3:20:bd:94:09:2d:af:07:d5:b1:a1:6c:2e:a1:44:
85:d0:5c:e3:7a:20:4c:42:bb:05:7e:19:91:bd:82:b3:20:28:
99:ec:30:95:fd:c2:ba:e0:be:b9:bf:27:7c:fa:de:a3:3e:3c:
97:83:cc:7d:dc:d7:1d:16:34:bd:b2:5e:22:40:7d:02:0c:7c:
69:bc:cd:58:d9:8e:c1:ea:9e:c0:8a:4a:c5:51:8c:01:61:b5:
31:8c:d3:11:da:a9:52:3c:52:f3:eb:1d:d2:fa:31:18:dd:7c:
a6:4c:52:23:99:2a:a2:15:e1:a7:6d:43:3c:ec:e5:04:b7:69:
9b:d2:be:af:62:92:2a:49:a8:9d:95:36:8c:f0:f4:0a:ef:22:
88:55:5e:c1:1c:c7:f7:94:1e:03:b7:ff:90:60:c7:2d:07:d2:
d2:02:10:07:87:ca:48:25:c9:c5:ba:d0:e9:1e:ff:b9:c5:e2:
7c:86:c9:b6
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUSsHp+DD+sRsIbdR9dAwNTq9bxqcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTEwMTUxMDZaFw0yNjA4MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDg5NDBlNWU2YjJiNjNlNTQ2MDE0MmJlNTIxYWE2YTAzMzM4YjcyNDQ3ZmEx
OGVhMzk2ZDY3NzU3YTI4NjBmZjMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMpLXZATDvl3ouPOCqlUo8Dgafy2ckhOroLOZkcNAQZ0z9cSjQv5FnVMmx3t
gt1je7w2mVM0RCDMu/6tFMJxVJdYzzXjWiQ3OI4euZ3Thg0sRDpzaZoX8H28rlcH
1OCnwZ7R9/w6RC+0nDBNSepoeiRoPTQIQibyH2K6EAjxy8mPcdqMDjUP6RcHtTJw
87v81e6GVKcCCUhLfyqln88kwMoG8U3g/dLqmiKZy7WKQbrRmvlHQg8cN4cZDVwB
LxEgHb8S03+8gUMeowu+JlO/Y91ZRst1lgXP+Mv1IBtoG0eL/2NXsL25GNwyfw64
bbF5Mwc/l3e5jTKDjtcbLRZJ3NkCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBRZnEeM
gZmnyGW0ArHxSQE1BVlyUjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZGVjNGE3ZGYtNTcyNy00NWFiLTkyZmItNzA3OGUyNmZkNTRkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoF0HYw
DQYJKoZIhvcNAQELBQADggEBAIFSxQVMHH0NP9IcVNPjcagx46okV+FVcvBLdSP6
ZVMWw5vSZJTUYHx3JGGNsQa/ubH9abS/iRK8xqWAZL3SWMU55F3GuYxRSrIMhsMg
vZQJLa8H1bGhbC6hRIXQXON6IExCuwV+GZG9grMgKJnsMJX9wrrgvrm/J3z63qM+
PJeDzH3c1x0WNL2yXiJAfQIMfGm8zVjZjsHqnsCKSsVRjAFhtTGM0xHaqVI8UvPr
HdL6MRjdfKZMUiOZKqIV4adtQzzs5QS3aZvSvq9ikipJqJ2VNozw9ArvIohVXsEc
x/eUHgO3/5Bgxy0H0tICEAeHykglycW60Oke/7nF4nyGybY=
-----END CERTIFICATE-----
Generated at Tue May 12 23:28:08 2026 by rpki-client