Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0e082537-6e36-474a-9ff8-b7d3bcaabb64.roa
File: 0e082537-6e36-474a-9ff8-b7d3bcaabb64.roa (raw, json)
Hash identifier: aybDGTOByodLp5Ng6kGBtDb4LUSVCm38x6oVBouG2OA=
Subject key identifier: 7A:07:FC:2A:AF:8A:44:EC:AB:F9:E0:BD:48:78:3E:FA:7C:7E:66:EA
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4D55ED547E597292BBA4EA6CDEC361CB95ADC4B4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0e082537-6e36-474a-9ff8-b7d3bcaabb64.roa
Signing time: Tue 19 May 2026 05:40:39 +0000
ROA not before: Tue 19 May 2026 05:40:39 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d03a:e000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:55:ed:54:7e:59:72:92:bb:a4:ea:6c:de:c3:61:cb:95:ad:c4:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:40:39 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=f5cc1fe2d3685a9de50b88da4812fe8d4d73db23a9135cf2a5f379082c62eaa3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:82:ad:c1:10:56:f8:6b:34:8a:d6:f3:b6:10:
68:04:a1:5e:b7:a6:cf:d8:7b:01:06:43:99:8a:7e:
34:b3:26:83:63:a7:f6:61:79:cb:60:c6:ec:91:0e:
f4:7d:ca:50:45:a7:1d:d5:16:ab:44:32:01:e3:e2:
97:40:30:66:69:1f:41:11:42:a8:89:ed:84:3c:40:
61:00:02:34:af:60:91:e5:2c:0c:0e:41:80:df:2b:
bc:2a:dc:ef:a4:6c:94:58:aa:6d:1d:0d:44:00:12:
b2:d4:61:1e:8c:bc:58:d8:d7:03:06:aa:7c:76:7e:
81:a1:9c:fd:a6:f3:9a:32:9f:a3:f8:76:3d:6e:f9:
13:bd:37:7b:2f:47:48:91:d9:68:31:e0:a7:77:71:
1d:33:05:0e:1a:be:5b:cd:1e:d7:04:1e:6b:a1:a0:
cb:23:ab:d5:6e:47:d7:cb:32:d2:73:54:59:77:bd:
d7:3c:a6:ea:b5:fc:a1:8a:10:fc:cc:3f:45:5a:ef:
fc:f8:62:3f:8e:e5:39:a0:29:a3:3a:c6:a7:71:d1:
e9:6d:91:aa:1b:bc:af:a7:c8:c0:b3:25:35:d0:cd:
07:8d:96:31:37:bc:5b:b9:1f:e8:e0:1f:e5:66:6f:
e5:9f:53:37:b0:e4:55:94:4d:c7:ba:d7:7b:be:1c:
f2:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:07:FC:2A:AF:8A:44:EC:AB:F9:E0:BD:48:78:3E:FA:7C:7E:66:EA
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0e082537-6e36-474a-9ff8-b7d3bcaabb64.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d03a:e000::/40
Signature Algorithm: sha256WithRSAEncryption
72:e7:9e:83:35:46:da:ac:17:6c:9b:5a:2b:a6:8d:af:87:02:
48:9b:41:01:a5:29:00:d7:72:58:af:9e:c5:ad:a5:da:5a:a6:
dd:d7:63:32:5b:c7:e2:4e:ce:a3:c1:45:8e:a9:4e:44:de:74:
21:40:bc:ce:89:f0:8b:60:af:33:54:fb:6f:e7:3d:78:dc:d2:
3a:15:3d:b9:66:94:43:3b:d8:59:ef:b9:d9:de:a2:0d:6d:6b:
5a:de:4a:03:66:ba:8e:45:5e:d6:74:ca:ef:0a:df:3f:7d:4d:
d6:68:60:c9:08:f7:90:8c:b2:c8:69:53:99:76:3a:86:71:84:
cd:2e:40:40:15:7e:6d:05:2c:3c:8e:71:21:0e:74:22:0f:14:
12:f7:71:bc:6b:f8:27:ff:5f:81:1b:6e:68:05:d6:e2:a2:89:
c7:1d:f5:a5:0c:2d:b0:f2:af:e4:7e:da:03:01:27:b4:91:0e:
bf:96:88:8a:3a:3b:b1:45:bd:99:d7:bc:5d:b4:f8:0c:01:ca:
dc:57:49:dc:2b:55:c1:22:ec:e9:3c:52:60:70:c1:ce:e1:ce:
a0:f3:a8:8a:08:49:14:6b:98:12:61:66:1f:bc:6d:8f:c7:79:
07:df:3b:a9:da:a0:c8:5a:55:01:92:a3:21:31:9e:bf:b5:9b:
de:44:b9:72
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUTVXtVH5ZcpK7pOps3sNhy5WtxLQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTQwMzlaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGY1Y2MxZmUyZDM2ODVhOWRlNTBiODhkYTQ4MTJmZThkNGQ3M2RiMjNhOTEz
NWNmMmE1ZjM3OTA4MmM2MmVhYTMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMqCrcEQVvhrNIrW87YQaAShXremz9h7AQZDmYp+NLMmg2On9mF5y2DG7JEO
9H3KUEWnHdUWq0QyAePil0AwZmkfQRFCqInthDxAYQACNK9gkeUsDA5BgN8rvCrc
76RslFiqbR0NRAASstRhHoy8WNjXAwaqfHZ+gaGc/abzmjKfo/h2PW75E703ey9H
SJHZaDHgp3dxHTMFDhq+W80e1wQea6GgyyOr1W5H18sy0nNUWXe91zym6rX8oYoQ
/Mw/RVrv/PhiP47lOaApozrGp3HR6W2Rqhu8r6fIwLMlNdDNB42WMTe8W7kf6OAf
5WZv5Z9TN7DkVZRNx7rXe74c8isCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR6B/wq
r4pE7Kv54L1IeD76fH5m6jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGUwODI1MzctNmUzNi00NzRhLTlmZjgtYjdkM2JjYWFiYjY0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Drg
MA0GCSqGSIb3DQEBCwUAA4IBAQBy556DNUbarBdsm1orpo2vhwJIm0EBpSkA13JY
r57FraXaWqbd12MyW8fiTs6jwUWOqU5E3nQhQLzOifCLYK8zVPtv5z143NI6FT25
ZpRDO9hZ77nZ3qINbWta3koDZrqORV7WdMrvCt8/fU3WaGDJCPeQjLLIaVOZdjqG
cYTNLkBAFX5tBSw8jnEhDnQiDxQS93G8a/gn/1+BG25oBdbioonHHfWlDC2w8q/k
ftoDASe0kQ6/loiKOjuxRb2Z17xdtPgMAcrcV0ncK1XBIuzpPFJgcMHO4c6g86iK
CEkUa5gSYWYfvG2Px3kH3zup2qDIWlUBkqMhMZ6/tZveRLly
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:44:35 2026 by rpki-client