Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f7c14cb3-24d5-4890-8889-cb7c26338a6d.roa
File: f7c14cb3-24d5-4890-8889-cb7c26338a6d.roa (raw, json)
Hash identifier: 2CKd8LKIl36Yff1gIyZx/LqJQIzAu2XDKa/ARyMA7U4=
Subject key identifier: 7C:03:09:53:AF:78:40:8E:F6:93:85:CA:AB:77:A2:D6:DD:96:DE:37
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 76257D87A73FD540CC2FB873AA576FAF61537BA7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f7c14cb3-24d5-4890-8889-cb7c26338a6d.roa
Signing time: Mon 11 May 2026 01:50:52 +0000
ROA not before: Mon 11 May 2026 01:50:52 +0000
ROA not after: Sun 09 Aug 2026 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d030:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:25:7d:87:a7:3f:d5:40:cc:2f:b8:73:aa:57:6f:af:61:53:7b:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 11 01:50:52 2026 GMT
Not After : Aug 9 23:59:59 2026 GMT
Subject: serialNumber=4d521c85e37b95260bace80b94254c7b76adc84690c4ebb4e9ba26003c3d6af5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:23:50:6a:91:27:8c:d9:86:32:8b:15:66:1d:
8e:3e:62:41:1a:ee:98:8d:cb:2b:fc:9e:77:7a:c7:
f5:95:f4:a0:68:06:1e:f8:50:03:af:4b:23:f9:97:
a2:ff:0c:61:99:58:de:d1:0c:a4:cb:62:a4:c6:7d:
28:ae:65:75:38:e2:0b:ce:e1:3e:5d:b6:12:f5:a4:
d1:db:f9:3b:6f:71:e2:d2:05:1a:cd:0f:94:03:36:
70:3f:e8:34:14:26:99:3f:d8:e2:91:78:c6:f3:a7:
03:86:36:cc:98:53:e3:2c:c2:d2:74:7e:28:dc:b5:
4d:73:27:b8:89:16:72:b7:d5:d4:94:59:db:78:2a:
9b:09:3a:03:65:22:da:05:7c:2f:f6:4c:64:dd:9a:
4e:34:53:75:ed:22:a7:15:5a:8d:91:a1:ed:c7:8b:
10:2f:58:dd:a1:aa:1e:0e:06:82:45:e9:2c:b0:fe:
f7:29:9c:f9:e5:07:08:72:12:f2:17:f0:4c:dc:19:
a9:0f:51:1f:10:61:be:a0:cf:56:38:71:96:36:c9:
88:54:0b:43:b2:28:24:a6:6e:3f:d1:2a:ac:a1:27:
89:c8:0a:03:90:26:23:64:2b:3f:04:d5:69:0a:e9:
7b:87:1c:6b:1e:fb:20:c1:4f:63:0e:f6:f2:9f:41:
fa:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:03:09:53:AF:78:40:8E:F6:93:85:CA:AB:77:A2:D6:DD:96:DE:37
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f7c14cb3-24d5-4890-8889-cb7c26338a6d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:e000::/40
Signature Algorithm: sha256WithRSAEncryption
80:e1:cf:ea:c3:d5:e6:a0:58:ed:ce:60:69:35:69:28:87:46:
b8:4f:6d:80:8c:87:78:73:64:c6:a4:4c:23:cf:93:77:46:31:
6a:83:49:a8:75:3b:a0:99:2b:0c:8d:66:8d:b8:70:9d:2d:4f:
74:d6:be:ee:76:43:f1:78:2d:33:95:8f:55:ec:3d:1b:31:98:
82:34:5e:42:00:ba:be:db:ea:29:8a:82:80:bf:b9:0b:24:d3:
f6:fa:ce:d5:c7:70:8c:3a:e1:61:5b:7f:71:1f:67:85:5a:c8:
0e:07:b8:89:6e:e5:12:eb:df:6d:3a:40:53:93:bc:80:03:3a:
23:85:da:a5:6c:72:7a:97:28:fc:76:2e:7a:4c:a9:91:46:69:
ae:a9:81:af:a4:48:55:80:3f:94:97:06:dd:5e:ef:20:8e:f6:
ff:79:06:c9:c5:59:32:5e:81:8a:e3:56:e6:88:92:fe:be:60:
d0:e8:ae:a5:82:60:0d:f5:54:cd:63:93:f3:79:49:fe:d4:b4:
f3:cc:fd:6b:23:a2:4c:16:ca:99:58:12:f1:65:7e:e4:f6:de:
b9:32:aa:de:a8:c4:39:5e:dd:1c:e6:45:2c:5b:a9:8f:49:a3:
81:03:bc:7b:3b:f2:79:dd:3a:52:8a:3b:d2:83:37:71:8b:14:
a3:b5:21:38
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUdiV9h6c/1UDML7hzqldvr2FTe6cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTEwMTUwNTJaFw0yNjA4MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDRkNTIxYzg1ZTM3Yjk1MjYwYmFjZTgwYjk0MjU0YzdiNzZhZGM4NDY5MGM0
ZWJiNGU5YmEyNjAwM2MzZDZhZjUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI4jUGqRJ4zZhjKLFWYdjj5iQRrumI3LK/yed3rH9ZX0oGgGHvhQA69LI/mX
ov8MYZlY3tEMpMtipMZ9KK5ldTjiC87hPl22EvWk0dv5O29x4tIFGs0PlAM2cD/o
NBQmmT/Y4pF4xvOnA4Y2zJhT4yzC0nR+KNy1TXMnuIkWcrfV1JRZ23gqmwk6A2Ui
2gV8L/ZMZN2aTjRTde0ipxVajZGh7ceLEC9Y3aGqHg4GgkXpLLD+9ymc+eUHCHIS
8hfwTNwZqQ9RHxBhvqDPVjhxljbJiFQLQ7IoJKZuP9EqrKEnicgKA5AmI2QrPwTV
aQrpe4ccax77IMFPYw728p9B+qkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR8AwlT
r3hAjvaThcqrd6LW3ZbeNzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjdjMTRjYjMtMjRkNS00ODkwLTg4ODktY2I3YzI2MzM4YTZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DDg
MA0GCSqGSIb3DQEBCwUAA4IBAQCA4c/qw9XmoFjtzmBpNWkoh0a4T22AjId4c2TG
pEwjz5N3RjFqg0modTugmSsMjWaNuHCdLU901r7udkPxeC0zlY9V7D0bMZiCNF5C
ALq+2+opioKAv7kLJNP2+s7Vx3CMOuFhW39xH2eFWsgOB7iJbuUS699tOkBTk7yA
AzojhdqlbHJ6lyj8di56TKmRRmmuqYGvpEhVgD+UlwbdXu8gjvb/eQbJxVkyXoGK
41bmiJL+vmDQ6K6lgmAN9VTNY5PzeUn+1LTzzP1rI6JMFsqZWBLxZX7k9t65Mqre
qMQ5Xt0c5kUsW6mPSaOBA7x7O/J53TpSijvSgzdxixSjtSE4
-----END CERTIFICATE-----
Generated at Tue May 12 22:23:11 2026 by rpki-client