Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/08e9f311-ee3f-4a72-94cd-4b4eeae736f4.roa
File: 08e9f311-ee3f-4a72-94cd-4b4eeae736f4.roa (raw, json)
Hash identifier: QdTLpyKwC20/e9XeEywSOMz23AqNfPYPexHxdy8HpjU=
Subject key identifier: 71:4D:37:0A:37:73:20:70:A7:78:43:89:15:79:7D:24:71:94:F9:5B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 47B33DD074F4F92D056B3AC8DA26995795EE3529
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/08e9f311-ee3f-4a72-94cd-4b4eeae736f4.roa
Signing time: Sat 16 May 2026 00:40:06 +0000
ROA not before: Sat 16 May 2026 00:40:06 +0000
ROA not after: Fri 14 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:b000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:b3:3d:d0:74:f4:f9:2d:05:6b:3a:c8:da:26:99:57:95:ee:35:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 16 00:40:06 2026 GMT
Not After : Aug 14 23:59:59 2026 GMT
Subject: serialNumber=b2e24d02ed8718e16903ff16924a2e15ef626e7d564e265645fcf7a41f1b3698, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:d3:0f:58:e9:dc:59:1c:13:3d:8b:db:e1:48:
b3:39:76:5b:08:f5:70:cb:ae:0c:e2:23:0a:20:2c:
0e:28:c7:ba:87:76:54:84:c4:36:65:01:65:54:50:
3d:8c:d9:9e:3d:96:61:62:4b:dc:b8:3e:f4:5e:b9:
74:0c:34:50:a2:85:c9:3e:39:93:36:3d:35:b1:72:
7e:c2:04:9d:1d:5f:f0:56:92:c3:d1:32:46:74:ab:
5c:51:76:e8:4c:74:b5:8a:73:86:7c:25:e7:6f:f0:
dc:a2:7b:15:92:f2:28:80:08:77:27:fc:01:69:f3:
a7:3b:67:0b:fc:94:b1:a5:6d:6c:70:f3:a1:3e:65:
5a:7c:db:ff:33:a3:9d:ae:8b:ac:e5:c0:bb:74:75:
c6:47:e0:94:a1:e9:87:59:57:92:64:f0:ad:d7:c4:
41:cc:40:d2:0f:a8:49:02:e3:e2:01:bd:82:c1:d8:
e7:c0:e1:69:93:c5:d3:f6:d3:8e:6c:21:35:69:1d:
fb:6a:2c:f3:16:b8:ae:6f:ea:50:1e:21:6d:54:8c:
7e:14:e3:42:13:5c:e8:d3:bf:a5:50:13:8d:a1:e3:
35:c2:02:08:ca:43:af:bc:13:54:ff:61:5d:28:6b:
54:fc:77:a7:a7:c1:24:a0:db:45:61:11:43:e3:77:
92:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:4D:37:0A:37:73:20:70:A7:78:43:89:15:79:7D:24:71:94:F9:5B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/08e9f311-ee3f-4a72-94cd-4b4eeae736f4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:b000::/40
Signature Algorithm: sha256WithRSAEncryption
50:0a:0e:d0:b4:63:9c:ca:32:93:08:9f:42:78:43:94:c2:d0:
3d:1a:a8:b8:98:6d:13:6b:f8:e3:f1:8c:69:93:67:32:8b:63:
11:eb:c4:9e:f0:46:ca:4c:f6:74:64:31:9a:33:28:31:c8:10:
a0:a7:e6:80:ad:a0:c4:4d:8f:83:b8:52:31:36:ba:a2:d3:b2:
d4:c0:c0:86:8a:3e:7a:00:84:43:45:a1:ed:ca:5f:cb:6c:b3:
ef:64:40:8f:18:58:7d:aa:03:93:a1:f8:96:53:e9:98:e8:fb:
07:c4:cd:af:34:84:e2:be:7e:f2:74:a4:55:1f:66:4c:be:15:
44:0b:4e:c5:b0:7f:ee:07:92:43:9a:c4:5a:c7:19:60:9b:03:
d3:eb:0f:9b:3a:9a:f8:ed:0f:96:3e:b2:40:46:ff:06:1f:d5:
50:6c:75:04:ee:8b:ab:9a:6c:a6:e2:5e:0d:dc:06:b0:85:65:
21:b2:eb:d4:22:a6:74:cb:fd:a3:41:cc:c8:4c:ef:9c:4b:ec:
1d:3c:10:7b:1b:e9:5e:f7:ed:15:44:78:42:95:ff:90:27:4e:
02:3b:8d:7f:78:57:de:3f:c2:f6:9d:45:c7:ea:96:1c:b9:7f:
be:9a:34:63:87:8b:0d:58:ae:c9:ab:95:3b:ac:7b:6d:a8:9f:
10:1e:27:76
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUR7M90HT0+S0FazrI2iaZV5XuNSkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTYwMDQwMDZaFw0yNjA4MTQyMzU5NTlaMHoxSTBHBgNV
BAUTQGIyZTI0ZDAyZWQ4NzE4ZTE2OTAzZmYxNjkyNGEyZTE1ZWY2MjZlN2Q1NjRl
MjY1NjQ1ZmNmN2E0MWYxYjM2OTgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALXTD1jp3FkcEz2L2+FIszl2Wwj1cMuuDOIjCiAsDijHuod2VITENmUBZVRQ
PYzZnj2WYWJL3Lg+9F65dAw0UKKFyT45kzY9NbFyfsIEnR1f8FaSw9EyRnSrXFF2
6Ex0tYpzhnwl52/w3KJ7FZLyKIAIdyf8AWnzpztnC/yUsaVtbHDzoT5lWnzb/zOj
na6LrOXAu3R1xkfglKHph1lXkmTwrdfEQcxA0g+oSQLj4gG9gsHY58DhaZPF0/bT
jmwhNWkd+2os8xa4rm/qUB4hbVSMfhTjQhNc6NO/pVATjaHjNcICCMpDr7wTVP9h
XShrVPx3p6fBJKDbRWERQ+N3ktcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRxTTcK
N3MgcKd4Q4kVeX0kcZT5WzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDhlOWYzMTEtZWUzZi00YTcyLTk0Y2QtNGI0ZWVhZTczNmY0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DWw
MA0GCSqGSIb3DQEBCwUAA4IBAQBQCg7QtGOcyjKTCJ9CeEOUwtA9Gqi4mG0Ta/jj
8Yxpk2cyi2MR68Se8EbKTPZ0ZDGaMygxyBCgp+aAraDETY+DuFIxNrqi07LUwMCG
ij56AIRDRaHtyl/LbLPvZECPGFh9qgOTofiWU+mY6PsHxM2vNITivn7ydKRVH2ZM
vhVEC07FsH/uB5JDmsRaxxlgmwPT6w+bOpr47Q+WPrJARv8GH9VQbHUE7ourmmym
4l4N3AawhWUhsuvUIqZ0y/2jQczITO+cS+wdPBB7G+le9+0VRHhClf+QJ04CO41/
eFfeP8L2nUXH6pYcuX++mjRjh4sNWK7Jq5U7rHttqJ8QHid2
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:11:56 2026 by rpki-client