Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/37f8478f-5ef8-4fe5-b9a2-1bbd605a6adf.roa
File: 37f8478f-5ef8-4fe5-b9a2-1bbd605a6adf.roa (raw, json)
Hash identifier: tera5tPixnfowztJ2gkktKyAwhm8iw8t7T1if4WZHVk=
Subject key identifier: 56:AB:D7:52:24:4B:04:0A:94:82:D8:59:FD:10:32:EF:DE:23:10:01
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 41B0916D738FE635FA6499B18F6AD4E0277B9C69
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/37f8478f-5ef8-4fe5-b9a2-1bbd605a6adf.roa
Signing time: Tue 19 May 2026 05:31:03 +0000
ROA not before: Tue 19 May 2026 05:31:03 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d036:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:b0:91:6d:73:8f:e6:35:fa:64:99:b1:8f:6a:d4:e0:27:7b:9c:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:31:03 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=8ba1730e6c4b644890817d351e95515794cf8756ae6f0890aa48a5503ae8b911, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:fe:7a:ad:0c:cc:8d:34:be:4b:48:f9:0f:bd:
1e:46:a2:7c:7f:a4:1a:0d:36:cd:17:32:4c:11:92:
93:fc:dc:b6:96:58:3a:64:de:f2:55:cb:5b:ad:54:
f9:6e:19:67:45:e3:23:83:39:6e:65:4f:2f:38:e2:
7a:12:b8:9e:1e:1c:b6:12:20:f9:e8:14:78:e8:4c:
16:96:d1:ec:02:ed:ec:fb:80:6a:95:09:7a:3d:9d:
dc:a5:c2:f3:ef:5e:e9:20:bc:37:d5:f2:09:5a:3b:
88:36:ab:e6:97:2f:fa:9e:7d:fc:38:b4:b0:94:e6:
13:db:2f:c8:11:a3:a0:fd:93:f7:4f:ef:c5:ab:1c:
4b:69:f8:84:26:16:50:da:74:6b:9f:4b:a9:12:d6:
bd:6f:d0:68:95:c0:9d:d4:17:c2:03:e0:8a:4c:1e:
45:98:9c:9c:67:0d:4f:d0:a6:5a:66:63:e8:89:dd:
3e:74:cb:e6:37:31:ec:48:7d:19:11:d8:8d:94:84:
7a:af:d1:57:13:db:0d:2e:d0:6a:bc:b7:cb:b3:96:
88:ea:0f:a9:24:95:8b:ea:2f:3d:3d:89:bf:7d:2e:
a5:f9:69:8d:a0:0e:8b:2a:b2:f7:78:25:12:64:40:
f3:8a:c0:70:bf:ca:73:ac:c6:61:19:47:e0:f4:e4:
38:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:AB:D7:52:24:4B:04:0A:94:82:D8:59:FD:10:32:EF:DE:23:10:01
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/37f8478f-5ef8-4fe5-b9a2-1bbd605a6adf.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d036:8000::/40
Signature Algorithm: sha256WithRSAEncryption
a4:09:4c:f5:e1:ac:59:7a:c4:13:20:f4:a3:02:cf:27:21:ae:
11:79:5a:14:0d:b8:b5:24:ba:9c:a8:d5:e6:05:0f:63:a2:dc:
f2:80:dc:5a:15:0d:69:f5:99:9b:3d:a1:72:03:2e:52:e8:b2:
05:63:61:eb:af:71:90:e5:34:31:5a:3d:d1:52:9c:2a:18:7f:
26:cc:6a:42:19:50:56:c5:98:51:dd:8a:4b:0e:64:82:93:db:
ef:1a:2a:c0:18:ee:74:53:c8:10:1a:e9:b3:68:fe:e7:80:71:
1d:03:5b:18:89:36:c0:aa:76:fb:12:83:b8:c5:6e:f7:24:4e:
2e:72:be:9f:10:79:b1:bc:a1:8f:f3:b4:2a:08:18:6c:e2:a5:
1b:ee:e5:fd:46:26:44:50:0b:62:3f:cd:4d:70:86:5d:28:86:
f0:d7:6d:0c:c9:6d:e0:4b:70:4f:39:42:f9:97:d7:5c:8d:5e:
03:f7:02:bd:1f:97:21:e0:48:7a:72:db:15:3e:af:c6:27:e3:
0d:32:00:4d:59:53:1f:e6:66:e6:d0:e8:19:a2:62:82:72:4b:
52:e1:75:8f:f8:26:aa:24:12:5a:67:97:b6:35:5d:60:c1:b8:
aa:9c:e3:94:f9:38:ff:43:8d:94:1b:28:5b:b8:6e:62:67:06:
b2:c8:74:e3
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUQbCRbXOP5jX6ZJmxj2rU4Cd7nGkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTMxMDNaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDhiYTE3MzBlNmM0YjY0NDg5MDgxN2QzNTFlOTU1MTU3OTRjZjg3NTZhZTZm
MDg5MGFhNDhhNTUwM2FlOGI5MTExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK7+eq0MzI00vktI+Q+9HkaifH+kGg02zRcyTBGSk/zctpZYOmTe8lXLW61U
+W4ZZ0XjI4M5bmVPLzjiehK4nh4cthIg+egUeOhMFpbR7ALt7PuAapUJej2d3KXC
8+9e6SC8N9XyCVo7iDar5pcv+p59/Di0sJTmE9svyBGjoP2T90/vxascS2n4hCYW
UNp0a59LqRLWvW/QaJXAndQXwgPgikweRZicnGcNT9CmWmZj6IndPnTL5jcx7Eh9
GRHYjZSEeq/RVxPbDS7Qary3y7OWiOoPqSSVi+ovPT2Jv30upflpjaAOiyqy93gl
EmRA84rAcL/Kc6zGYRlH4PTkOJ8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRWq9dS
JEsECpSC2Fn9EDLv3iMQATAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzdmODQ3OGYtNWVmOC00ZmU1LWI5YTItMWJiZDYwNWE2YWRmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DaA
MA0GCSqGSIb3DQEBCwUAA4IBAQCkCUz14axZesQTIPSjAs8nIa4ReVoUDbi1JLqc
qNXmBQ9jotzygNxaFQ1p9ZmbPaFyAy5S6LIFY2Hrr3GQ5TQxWj3RUpwqGH8mzGpC
GVBWxZhR3YpLDmSCk9vvGirAGO50U8gQGumzaP7ngHEdA1sYiTbAqnb7EoO4xW73
JE4ucr6fEHmxvKGP87QqCBhs4qUb7uX9RiZEUAtiP81NcIZdKIbw120MyW3gS3BP
OUL5l9dcjV4D9wK9H5ch4Eh6ctsVPq/GJ+MNMgBNWVMf5mbm0OgZomKCcktS4XWP
+CaqJBJaZ5e2NV1gwbiqnOOU+Tj/Q42UGyhbuG5iZwayyHTj
-----END CERTIFICATE-----
Generated at Sat Jun 13 07:59:30 2026 by rpki-client