Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e0f2e0c7-6d9c-428b-85e5-6a924e7414db.roa
File: e0f2e0c7-6d9c-428b-85e5-6a924e7414db.roa (raw, json)
Hash identifier: 2iz4f+k7Nis5UXNOXMxtHrBgFsLCCeXZNPBhhTg/Yf4=
Subject key identifier: 37:27:D8:CE:B5:12:8D:10:19:6C:96:62:89:3D:DA:83:D8:B9:1E:8E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4EF3FAD4086D47314FAA4F0F4A6345D15554DF50
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e0f2e0c7-6d9c-428b-85e5-6a924e7414db.roa
Signing time: Mon 04 May 2026 15:21:00 +0000
ROA not before: Mon 04 May 2026 15:21:00 +0000
ROA not after: Sun 02 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:50c0::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:f3:fa:d4:08:6d:47:31:4f:aa:4f:0f:4a:63:45:d1:55:54:df:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 4 15:21:00 2026 GMT
Not After : Aug 2 23:59:59 2026 GMT
Subject: serialNumber=bdba67d9924b2903032fc344a612bb47c6e9d8e7d81d65d33f6fc8d617781c58, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:45:55:6f:7e:0e:b3:b6:ee:86:e5:4d:db:5c:
5f:e2:55:a5:7a:ba:b8:e5:8b:fe:7a:5e:53:9a:53:
76:a3:3e:2d:1d:47:8b:74:47:40:cd:ac:98:4f:6f:
26:4c:c4:92:93:74:45:62:b4:80:24:af:2c:5f:d1:
29:dd:b5:30:b9:ed:0d:44:08:a4:b4:45:0f:6a:c8:
6d:7c:79:bd:0b:9f:cb:9e:26:6a:00:d5:11:e8:5d:
4f:95:9f:69:41:a9:60:3d:50:8a:39:9e:96:05:f9:
c4:8c:09:cb:f2:d7:7d:ff:6e:2c:72:27:af:32:ed:
3b:36:b5:53:32:72:e9:e8:48:ee:5a:0d:61:e4:d3:
34:78:82:2a:75:66:49:c3:22:ec:e2:93:ec:63:80:
ca:45:4f:2a:c4:7e:7b:1c:05:6d:2e:b8:f0:f2:46:
f9:81:78:78:47:12:60:aa:d5:3f:03:3b:84:e3:9b:
98:0d:e6:20:20:e5:fa:9f:af:db:8d:4e:7e:37:b0:
a1:5a:ff:51:1f:62:75:cf:a8:38:1f:7c:8d:e7:75:
ef:25:2a:1d:6d:d7:07:4b:f5:28:e8:5d:ca:98:3e:
fe:d5:ec:95:73:2f:12:c8:51:4e:f9:b9:67:3f:e9:
9b:fd:f0:c3:04:4f:7a:fa:24:b4:b3:50:9f:c8:4e:
e7:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:27:D8:CE:B5:12:8D:10:19:6C:96:62:89:3D:DA:83:D8:B9:1E:8E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e0f2e0c7-6d9c-428b-85e5-6a924e7414db.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:50c0::/46
Signature Algorithm: sha256WithRSAEncryption
b3:5b:4b:32:7b:aa:70:f8:92:89:53:1b:01:24:91:19:4e:f7:
c0:32:d6:b1:99:5a:45:60:21:81:35:26:c9:e8:4e:9d:58:a9:
c1:cb:e6:94:18:da:31:86:7b:53:8b:1b:3d:61:aa:e2:50:b9:
e7:c1:9e:61:b5:23:5d:46:56:74:84:87:78:64:16:b9:6a:b7:
1c:d5:19:dd:1b:c2:b6:5b:11:72:26:f8:5c:29:bc:87:b4:ed:
50:e8:35:f7:4b:98:f4:a2:f8:81:8c:a0:09:81:2b:39:89:21:
ec:cb:28:04:b2:21:f3:03:36:7a:88:e0:fc:e5:d8:e5:64:40:
7b:d6:a5:7a:0c:a0:08:3c:d0:42:a0:c9:69:4b:f9:10:ba:e9:
01:87:51:96:0e:66:22:b3:4d:fb:37:42:ea:6c:74:51:3b:2a:
27:88:1f:9c:88:30:ef:95:e9:e0:22:7e:8b:50:97:08:d4:82:
f0:74:d9:bd:cb:c2:42:16:18:e1:71:e3:2e:2d:8e:02:73:e3:
7d:0b:9b:13:72:7c:e0:bc:d5:ce:72:c0:95:b4:27:5c:e3:53:
94:65:d4:d8:1f:9d:08:bc:4d:8c:cb:8c:6b:28:21:14:81:5f:
eb:e1:c4:59:9a:cd:73:05:55:c5:99:9e:a2:53:07:98:2d:09:
18:30:97:1a
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUTvP61AhtRzFPqk8PSmNF0VVU31AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MDQxNTIxMDBaFw0yNjA4MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQGJkYmE2N2Q5OTI0YjI5MDMwMzJmYzM0NGE2MTJiYjQ3YzZlOWQ4ZTdkODFk
NjVkMzNmNmZjOGQ2MTc3ODFjNTgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJdFVW9+DrO27oblTdtcX+JVpXq6uOWL/npeU5pTdqM+LR1Hi3RHQM2smE9v
JkzEkpN0RWK0gCSvLF/RKd21MLntDUQIpLRFD2rIbXx5vQufy54magDVEehdT5Wf
aUGpYD1QijmelgX5xIwJy/LXff9uLHInrzLtOza1UzJy6ehI7loNYeTTNHiCKnVm
ScMi7OKT7GOAykVPKsR+exwFbS648PJG+YF4eEcSYKrVPwM7hOObmA3mICDl+p+v
241OfjewoVr/UR9idc+oOB98jed17yUqHW3XB0v1KOhdypg+/tXslXMvEshRTvm5
Zz/pm/3wwwRPevoktLNQn8hO538CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQ3J9jO
tRKNEBlslmKJPdqD2LkejjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTBmMmUwYzctNmQ5Yy00MjhiLTg1ZTUtNmE5MjRlNzQxNGRiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HNQ
wDANBgkqhkiG9w0BAQsFAAOCAQEAs1tLMnuqcPiSiVMbASSRGU73wDLWsZlaRWAh
gTUmyehOnVipwcvmlBjaMYZ7U4sbPWGq4lC558GeYbUjXUZWdISHeGQWuWq3HNUZ
3RvCtlsRcib4XCm8h7TtUOg190uY9KL4gYygCYErOYkh7MsoBLIh8wM2eojg/OXY
5WRAe9alegygCDzQQqDJaUv5ELrpAYdRlg5mIrNN+zdC6mx0UTsqJ4gfnIgw75Xp
4CJ+i1CXCNSC8HTZvcvCQhYY4XHjLi2OAnPjfQubE3J84LzVznLAlbQnXONTlGXU
2B+dCLxNjMuMayghFIFf6+HEWZrNcwVVxZmeolMHmC0JGDCXGg==
-----END CERTIFICATE-----
Generated at Wed May 13 00:10:52 2026 by rpki-client