Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4b520f2f-7fc0-41af-8c53-ec0675aa83d0.roa
File: 4b520f2f-7fc0-41af-8c53-ec0675aa83d0.roa (raw, json)
Hash identifier: 8ra3P0xDeGnVqYJLuITcfn6M4zUyVv1wxseCYqI740I=
Subject key identifier: 86:D7:C0:5C:55:62:02:0B:CD:8B:4B:03:C3:82:A6:F5:F7:4D:23:07
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 05F49D67913A8C122728F02515CB3D25FB9850AD
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4b520f2f-7fc0-41af-8c53-ec0675aa83d0.roa
Signing time: Tue 19 May 2026 04:50:56 +0000
ROA not before: Tue 19 May 2026 04:50:56 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06d:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
05:f4:9d:67:91:3a:8c:12:27:28:f0:25:15:cb:3d:25:fb:98:50:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 04:50:56 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=d493cedd392340d66dab318818b45d777c33281ef8e5d207d79c59bdf11fb8c9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:e6:15:5c:08:b8:55:9a:d6:a4:0d:22:db:e4:
a6:00:de:ca:ff:36:ec:71:da:61:e5:8f:10:59:5d:
ac:71:4c:a4:6d:e0:b7:a1:19:d9:67:83:75:3a:47:
5c:ab:d7:38:9d:05:b9:85:2e:8b:74:1a:ff:07:91:
1d:f7:a6:a8:8a:5c:4b:7f:e6:df:e6:55:f1:bf:d6:
12:cb:df:0f:47:70:d5:de:72:ea:38:18:8d:ee:a6:
4b:a6:cd:7d:09:f1:07:a7:b1:f2:55:7c:b6:8d:70:
dd:87:46:bb:f5:d8:e1:1a:1c:a2:11:fb:4d:b9:1f:
c9:12:c9:ec:70:39:58:87:4c:dd:c4:13:6a:f1:4c:
59:44:46:fa:6b:65:19:a0:51:d7:51:db:e5:16:23:
29:05:66:ad:0f:e7:87:38:93:f1:df:f5:86:45:2b:
72:60:d8:ac:16:00:6d:e8:36:ab:23:8c:a7:5d:6e:
81:30:53:ae:11:3e:9a:86:5f:c1:3c:43:c2:0d:5b:
d0:24:63:c1:5c:66:d8:ef:c6:7f:2a:22:49:f0:41:
a2:f9:79:74:23:05:15:37:98:52:87:30:9e:7c:26:
55:99:66:c9:1f:c6:76:ee:89:fc:09:3f:4e:67:fe:
aa:a3:73:7f:04:20:3e:f9:09:c3:b0:68:bc:d8:50:
2c:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:D7:C0:5C:55:62:02:0B:CD:8B:4B:03:C3:82:A6:F5:F7:4D:23:07
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4b520f2f-7fc0-41af-8c53-ec0675aa83d0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06d:e000::/40
Signature Algorithm: sha256WithRSAEncryption
a4:85:4a:2d:f2:75:ad:09:31:24:ba:a4:33:1f:ea:b4:33:60:
26:43:37:15:05:8e:4a:10:ed:4f:ad:16:57:24:32:23:09:15:
97:c9:c5:de:15:d3:ea:20:64:53:3d:a1:68:c4:3f:ee:80:0a:
ee:6b:8c:a1:38:8c:3a:b6:9f:8d:76:8e:f2:be:4e:73:f0:30:
c5:0c:29:9c:c7:16:d1:40:d4:e9:eb:c0:a1:8e:30:0d:10:0f:
8e:bf:47:72:d7:fe:dc:31:00:80:b6:34:6f:00:90:dd:bd:bd:
ed:31:86:3e:d7:02:ac:f8:1a:7c:4e:40:6d:03:3c:01:5e:21:
6b:35:b8:c8:9a:e1:ac:1e:82:63:ca:7d:fd:7d:ef:13:97:7d:
86:f6:4e:a2:a8:49:a3:37:ce:4c:2c:9d:c8:8a:0f:2b:d1:82:
16:cd:a8:eb:04:e1:26:e5:c3:32:59:4a:ef:f1:48:72:3c:72:
ee:6b:74:7a:95:fe:e5:bc:e5:8c:21:5e:27:82:40:f6:dd:98:
e6:0c:aa:bb:52:91:bf:58:13:9b:bc:0a:68:85:3a:60:35:77:
4f:99:bf:ca:36:c2:6e:e9:53:06:be:98:ae:ee:ea:41:6a:34:
2f:22:dd:ec:33:a3:27:29:72:ed:75:05:07:56:9b:c2:54:35:
58:03:1e:8d
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUBfSdZ5E6jBInKPAlFcs9JfuYUK0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNDUwNTZaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ0OTNjZWRkMzkyMzQwZDY2ZGFiMzE4ODE4YjQ1ZDc3N2MzMzI4MWVmOGU1
ZDIwN2Q3OWM1OWJkZjExZmI4YzkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAO3mFVwIuFWa1qQNItvkpgDeyv827HHaYeWPEFldrHFMpG3gt6EZ2WeDdTpH
XKvXOJ0FuYUui3Qa/weRHfemqIpcS3/m3+ZV8b/WEsvfD0dw1d5y6jgYje6mS6bN
fQnxB6ex8lV8to1w3YdGu/XY4RocohH7TbkfyRLJ7HA5WIdM3cQTavFMWURG+mtl
GaBR11Hb5RYjKQVmrQ/nhziT8d/1hkUrcmDYrBYAbeg2qyOMp11ugTBTrhE+moZf
wTxDwg1b0CRjwVxm2O/GfyoiSfBBovl5dCMFFTeYUocwnnwmVZlmyR/Gdu6J/Ak/
Tmf+qqNzfwQgPvkJw7BovNhQLJUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSG18Bc
VWICC82LSwPDgqb1900jBzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGI1MjBmMmYtN2ZjMC00MWFmLThjNTMtZWMwNjc1YWE4M2QwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G3g
MA0GCSqGSIb3DQEBCwUAA4IBAQCkhUot8nWtCTEkuqQzH+q0M2AmQzcVBY5KEO1P
rRZXJDIjCRWXycXeFdPqIGRTPaFoxD/ugArua4yhOIw6tp+Ndo7yvk5z8DDFDCmc
xxbRQNTp68ChjjANEA+Ov0dy1/7cMQCAtjRvAJDdvb3tMYY+1wKs+Bp8TkBtAzwB
XiFrNbjImuGsHoJjyn39fe8Tl32G9k6iqEmjN85MLJ3Iig8r0YIWzajrBOEm5cMy
WUrv8UhyPHLua3R6lf7lvOWMIV4ngkD23ZjmDKq7UpG/WBObvApohTpgNXdPmb/K
NsJu6VMGvpiu7upBajQvIt3sM6MnKXLtdQUHVpvCVDVYAx6N
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:11:46 2026 by rpki-client