Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4875c926-8b00-4b21-bffa-08659e5c223d.roa
File: 4875c926-8b00-4b21-bffa-08659e5c223d.roa (raw, json)
Hash identifier: xl4ppTGaQB0+p13tawUcCuXtCfecUB1sxgI0Gf6SMD4=
Subject key identifier: 5E:31:9E:08:3E:6D:C4:B9:35:3F:2A:B0:1B:54:FE:C3:F0:74:45:9E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1B76A08ADBCA8076A92AC0652A52738870532E89
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4875c926-8b00-4b21-bffa-08659e5c223d.roa
Signing time: Fri 15 May 2026 02:20:06 +0000
ROA not before: Fri 15 May 2026 02:20:06 +0000
ROA not after: Thu 13 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:1000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:76:a0:8a:db:ca:80:76:a9:2a:c0:65:2a:52:73:88:70:53:2e:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 15 02:20:06 2026 GMT
Not After : Aug 13 23:59:59 2026 GMT
Subject: serialNumber=afa7eb19bb81b8cb880e9b1fee158b7107fb364d58b9309530beb50f0b2f9475, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:19:64:e8:80:57:45:9e:1f:72:c5:a8:ea:b1:
1e:30:03:62:33:2f:2c:9f:40:fc:9f:62:a0:1e:7b:
d0:64:2b:ad:5a:85:71:cf:36:12:4e:8f:b0:18:38:
fb:bc:19:8d:c2:cd:89:d4:20:f5:75:3c:8b:53:e7:
55:62:b8:c3:fa:7a:f5:44:ca:2b:e7:09:7c:75:33:
1e:6a:95:37:31:21:5d:78:6a:fb:85:23:ec:97:74:
6b:59:2b:23:32:ce:3f:43:bf:09:81:2e:85:31:9c:
bf:be:79:61:ef:c7:44:4c:61:60:89:45:c1:7b:d6:
5f:e4:92:7d:e0:b2:0b:24:76:60:2a:5e:4f:80:f6:
60:49:42:12:eb:40:53:48:b7:78:2e:f5:66:61:0c:
d8:a1:06:77:eb:18:63:f5:2d:4c:59:6a:f0:33:98:
08:24:4a:7c:a0:08:80:c9:c6:bc:86:ba:dc:75:68:
37:30:76:2d:8a:da:ba:31:61:d5:48:1d:e5:ab:ec:
69:01:60:49:d8:93:43:28:90:04:43:59:a0:af:ab:
88:7f:42:1e:c6:1b:e3:59:63:61:38:7f:67:24:bc:
c6:0e:03:99:0f:ee:67:87:6c:2c:82:72:fc:31:3d:
cd:f9:0e:2d:fd:22:a2:f4:d0:6c:a3:22:c6:e0:98:
1e:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:31:9E:08:3E:6D:C4:B9:35:3F:2A:B0:1B:54:FE:C3:F0:74:45:9E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4875c926-8b00-4b21-bffa-08659e5c223d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:1000::/40
Signature Algorithm: sha256WithRSAEncryption
18:1b:22:e7:40:aa:aa:57:0e:b8:59:fc:ff:32:e4:60:ce:59:
64:9e:92:23:6b:6a:42:ff:83:5f:37:bc:78:80:69:e9:a1:16:
5a:bd:4d:be:b7:f0:09:3a:d5:d0:d3:99:2d:f0:24:8d:2a:3b:
01:d5:8d:22:a1:87:cf:42:4e:45:e8:4c:52:8e:e7:a2:68:c8:
a3:8c:9f:b7:7d:fd:24:4e:94:9c:9f:1a:82:e5:07:63:a3:13:
07:d5:37:81:c6:a8:d3:0c:86:59:05:65:f1:d4:ba:84:41:c0:
80:a7:b5:4d:84:d0:f5:23:d4:b0:2a:3b:52:36:69:28:f2:c5:
3d:87:98:53:39:a6:bd:24:80:65:bd:89:a4:b6:02:28:1c:87:
8b:4f:57:99:21:5b:97:00:a3:9b:9c:b2:ef:6c:dc:6d:ed:1f:
17:2f:1d:b2:ee:70:10:cc:fb:a3:63:41:5d:89:33:09:af:55:
93:98:10:17:cd:64:44:b8:0f:3d:b4:34:a5:b6:58:45:ae:19:
2e:8f:9f:d3:da:72:24:a1:f6:af:33:b3:ae:36:92:94:4f:ee:
ba:c2:de:3e:96:4f:fc:89:d4:57:63:d9:36:4e:ef:47:a3:3d:
c0:06:a5:2d:6d:e6:51:6f:d3:78:b9:7a:12:25:79:23:eb:5a:
ac:58:4c:bb
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUG3agitvKgHapKsBlKlJziHBTLokwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTUwMjIwMDZaFw0yNjA4MTMyMzU5NTlaMHoxSTBHBgNV
BAUTQGFmYTdlYjE5YmI4MWI4Y2I4ODBlOWIxZmVlMTU4YjcxMDdmYjM2NGQ1OGI5
MzA5NTMwYmViNTBmMGIyZjk0NzUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANAZZOiAV0WeH3LFqOqxHjADYjMvLJ9A/J9ioB570GQrrVqFcc82Ek6PsBg4
+7wZjcLNidQg9XU8i1PnVWK4w/p69UTKK+cJfHUzHmqVNzEhXXhq+4Uj7Jd0a1kr
IzLOP0O/CYEuhTGcv755Ye/HRExhYIlFwXvWX+SSfeCyCyR2YCpeT4D2YElCEutA
U0i3eC71ZmEM2KEGd+sYY/UtTFlq8DOYCCRKfKAIgMnGvIa63HVoNzB2LYraujFh
1Ugd5avsaQFgSdiTQyiQBENZoK+riH9CHsYb41ljYTh/ZyS8xg4DmQ/uZ4dsLIJy
/DE9zfkOLf0iovTQbKMixuCYHqMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBReMZ4I
Pm3EuTU/KrAbVP7D8HRFnjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDg3NWM5MjYtOGIwMC00YjIxLWJmZmEtMDg2NTllNWMyMjNkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HYQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAYGyLnQKqqVw64Wfz/MuRgzllknpIja2pC/4Nf
N7x4gGnpoRZavU2+t/AJOtXQ05kt8CSNKjsB1Y0ioYfPQk5F6ExSjueiaMijjJ+3
ff0kTpScnxqC5QdjoxMH1TeBxqjTDIZZBWXx1LqEQcCAp7VNhND1I9SwKjtSNmko
8sU9h5hTOaa9JIBlvYmktgIoHIeLT1eZIVuXAKObnLLvbNxt7R8XLx2y7nAQzPuj
Y0FdiTMJr1WTmBAXzWREuA89tDSltlhFrhkuj5/T2nIkofavM7OuNpKUT+66wt4+
lk/8idRXY9k2Tu9Hoz3ABqUtbeZRb9N4uXoSJXkj61qsWEy7
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:24:23 2026 by rpki-client