Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e4b6eaee-12a7-4a5f-8dc1-7ff775f5a967.roa
File: e4b6eaee-12a7-4a5f-8dc1-7ff775f5a967.roa (raw, json)
Hash identifier: f7/W3bs5G89xYbCcjx3/bTVe4FUqHJmVBYPmY5Uf+aU=
Subject key identifier: DD:6E:F9:F1:F3:A1:3C:58:8E:26:DC:27:BF:03:4D:BE:D1:E8:50:B1
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 424E0DA3D42E04CE8720C76707D9A939DC9F9108
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e4b6eaee-12a7-4a5f-8dc1-7ff775f5a967.roa
Signing time: Sat 02 May 2026 01:30:25 +0000
ROA not before: Sat 02 May 2026 01:30:25 +0000
ROA not after: Fri 31 Jul 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06a:880::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:4e:0d:a3:d4:2e:04:ce:87:20:c7:67:07:d9:a9:39:dc:9f:91:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 2 01:30:25 2026 GMT
Not After : Jul 31 23:59:59 2026 GMT
Subject: serialNumber=09c027a42eae749fc681feaa8fe0d5c25f660f71dc62bda763a3c8fbc9f277e3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:2a:2e:e6:1e:4c:d4:3d:24:a2:32:d5:ac:81:
ff:5c:ff:b5:a3:c0:d2:cb:f0:37:13:1e:74:4f:2c:
a3:5e:94:6b:2b:8b:98:9e:dc:cd:57:4b:02:b1:2d:
0e:ad:91:72:b9:2f:88:a8:6d:70:48:80:d3:10:a7:
1b:03:bd:6c:84:80:21:89:54:17:d1:c5:51:63:43:
b0:91:a6:1d:b9:a0:e7:c8:8c:25:a4:45:36:38:49:
06:ad:bd:88:1b:cd:d3:94:70:d5:f1:90:56:dd:dd:
8f:96:bb:8d:35:8e:ee:0b:98:35:c4:2b:d3:fe:ed:
ef:c7:61:35:7c:b3:d0:8a:1c:82:e4:c6:c3:0b:a9:
f1:76:49:ce:a9:8d:09:1e:cd:01:87:bf:0e:84:02:
02:48:53:ab:1b:5e:0b:ab:ac:fe:81:20:eb:7f:43:
28:d3:f2:d8:7b:d4:93:40:47:6d:40:c6:a7:4e:4e:
41:1a:20:8a:e1:86:31:b4:d0:e2:e6:bc:56:85:15:
b2:8e:92:34:e4:90:54:27:53:ec:f6:79:f8:3e:e4:
71:c5:e9:02:e6:a3:58:18:34:cc:27:bb:a6:48:a4:
2a:a0:7f:80:01:42:c3:28:d2:4b:10:4a:a7:5d:d5:
32:3a:76:7b:af:7d:e7:64:b0:64:89:bc:f6:95:1a:
bc:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:6E:F9:F1:F3:A1:3C:58:8E:26:DC:27:BF:03:4D:BE:D1:E8:50:B1
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e4b6eaee-12a7-4a5f-8dc1-7ff775f5a967.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06a:880::/48
Signature Algorithm: sha256WithRSAEncryption
ca:83:4e:f1:9f:b7:23:14:71:99:bc:87:e7:3a:e9:a5:2f:d5:
20:b5:2c:10:57:52:07:26:a0:df:d3:ee:ce:56:08:4d:7f:17:
35:dd:db:f6:16:a3:fb:56:9a:e8:21:c1:eb:c5:10:32:dc:a1:
e5:cb:e1:ba:c8:12:ae:b3:f3:d1:37:af:9f:da:94:23:6d:7f:
aa:da:6a:c2:6d:46:e3:29:75:40:47:4f:dc:af:00:93:64:88:
b1:32:59:28:34:63:db:00:dc:34:f7:07:60:04:0c:64:d5:20:
e4:10:e8:cb:81:c8:b0:a4:91:2e:f9:50:93:2f:6a:49:7f:ad:
86:c9:3f:3d:74:05:e2:2b:8a:5b:6f:a4:4d:bf:21:cf:d6:f8:
2a:42:91:3e:00:39:8c:58:19:ff:fc:fd:5d:53:dc:bb:7f:a7:
5b:f9:3b:93:46:1c:bd:f0:4b:70:89:ff:ec:d5:0d:d1:9a:3c:
ea:b0:6a:aa:43:e4:42:5d:30:fb:fb:6e:d6:6e:35:21:5d:b3:
57:6f:e9:18:fc:e6:0e:23:48:a4:51:dd:c5:ca:f4:37:64:62:
3c:f6:9a:f0:c2:29:3d:3e:d6:82:92:a2:0c:9f:19:86:03:ce:
0f:d0:af:b6:56:74:13:d2:24:0a:d2:32:5e:8b:67:80:a9:a9:
fb:0c:b4:1c
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUQk4No9QuBM6HIMdnB9mpOdyfkQgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MDIwMTMwMjVaFw0yNjA3MzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDA5YzAyN2E0MmVhZTc0OWZjNjgxZmVhYThmZTBkNWMyNWY2NjBmNzFkYzYy
YmRhNzYzYTNjOGZiYzlmMjc3ZTMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL0qLuYeTNQ9JKIy1ayB/1z/taPA0svwNxMedE8so16UayuLmJ7czVdLArEt
Dq2RcrkviKhtcEiA0xCnGwO9bISAIYlUF9HFUWNDsJGmHbmg58iMJaRFNjhJBq29
iBvN05Rw1fGQVt3dj5a7jTWO7guYNcQr0/7t78dhNXyz0IocguTGwwup8XZJzqmN
CR7NAYe/DoQCAkhTqxteC6us/oEg639DKNPy2HvUk0BHbUDGp05OQRogiuGGMbTQ
4ua8VoUVso6SNOSQVCdT7PZ5+D7kccXpAuajWBg0zCe7pkikKqB/gAFCwyjSSxBK
p13VMjp2e69952SwZIm89pUavC0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTdbvnx
86E8WI4m3Ce/A02+0ehQsTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTRiNmVhZWUtMTJhNy00YTVmLThkYzEtN2ZmNzc1ZjVhOTY3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0GoI
gDANBgkqhkiG9w0BAQsFAAOCAQEAyoNO8Z+3IxRxmbyH5zrppS/VILUsEFdSByag
39PuzlYITX8XNd3b9haj+1aa6CHB68UQMtyh5cvhusgSrrPz0Tevn9qUI21/qtpq
wm1G4yl1QEdP3K8Ak2SIsTJZKDRj2wDcNPcHYAQMZNUg5BDoy4HIsKSRLvlQky9q
SX+thsk/PXQF4iuKW2+kTb8hz9b4KkKRPgA5jFgZ//z9XVPcu3+nW/k7k0YcvfBL
cIn/7NUN0Zo86rBqqkPkQl0w+/tu1m41IV2zV2/pGPzmDiNIpFHdxcr0N2RiPPaa
8MIpPT7WgpKiDJ8ZhgPOD9CvtlZ0E9IkCtIyXotngKmp+wy0HA==
-----END CERTIFICATE-----
Generated at Tue May 12 23:12:34 2026 by rpki-client