Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4cf83881-74f7-4033-977b-362e08e8d6d2.roa
File: 4cf83881-74f7-4033-977b-362e08e8d6d2.roa (raw, json)
Hash identifier: hlJRmlhnRCJht6qQHwNR5vPUhw1p3gHrUS+kkwOumAc=
Subject key identifier: F8:7C:98:16:47:4B:13:76:BE:CA:98:A2:72:2D:6C:13:48:1E:1A:D8
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 024D38AC020A80EC2E24BF75A88F2DC21385F7EC
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4cf83881-74f7-4033-977b-362e08e8d6d2.roa
Signing time: Sun 17 May 2026 02:10:08 +0000
ROA not before: Sun 17 May 2026 02:10:08 +0000
ROA not after: Sat 15 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:840::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 08:43:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:4d:38:ac:02:0a:80:ec:2e:24:bf:75:a8:8f:2d:c2:13:85:f7:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 17 02:10:08 2026 GMT
Not After : Aug 15 23:59:59 2026 GMT
Subject: serialNumber=fad537f5bb29c557521a85717c826413a90b25b25d6fdba7a0917faca07d8ffb, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:ca:71:d1:ec:d3:f8:99:94:6f:20:15:68:87:
53:d0:5f:61:de:8d:ff:e0:22:47:f5:2a:5f:02:f7:
66:db:a0:21:f0:20:24:94:8b:19:f1:7d:0b:1c:0f:
84:f9:05:5e:ee:13:46:19:f6:3d:39:b1:0d:d6:df:
73:c3:14:00:e9:49:c6:3b:4e:7b:18:4c:b1:b9:6a:
44:74:7d:64:b7:5e:84:55:93:cd:91:b2:a7:4a:e0:
3f:19:0b:50:84:38:80:85:07:c2:68:53:97:a4:c6:
37:24:79:d6:cd:5a:a3:5c:ea:af:4d:05:cd:08:1b:
ef:5b:66:92:fe:86:61:cf:d2:bf:81:32:82:ad:70:
e9:37:5b:5b:8d:49:6e:4a:50:6c:f5:a1:04:98:3a:
88:0f:f6:d6:8b:54:c8:bf:0f:1d:b0:b1:52:b6:ad:
f8:e2:8d:d1:5e:c3:be:51:64:c0:76:96:70:2b:13:
67:00:57:d7:de:2c:52:65:a0:db:6b:90:db:cb:f9:
03:c3:2d:1a:87:f5:6f:75:71:18:76:bb:44:5f:a5:
d4:04:c2:e1:c5:8a:58:72:6a:86:46:fb:0a:07:70:
28:90:f9:05:bc:55:01:ad:4d:5a:e7:39:9c:7a:ed:
44:43:7a:25:80:41:0d:f7:3c:5e:7e:f9:07:22:5a:
2d:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:7C:98:16:47:4B:13:76:BE:CA:98:A2:72:2D:6C:13:48:1E:1A:D8
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4cf83881-74f7-4033-977b-362e08e8d6d2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:840::/48
Signature Algorithm: sha256WithRSAEncryption
a1:f5:6c:a9:c5:e1:12:c4:d1:b3:d4:29:d8:8c:80:4f:84:83:
90:44:79:60:3a:65:01:d0:25:db:d5:dc:ff:17:d4:89:e3:7f:
4c:a9:ef:04:08:4d:96:08:1e:36:5f:18:86:1b:bc:23:23:bd:
ec:0e:c7:77:8d:c8:6d:8c:59:41:26:5d:35:cd:0a:ba:ae:b3:
10:f9:c9:f3:b7:f7:bd:2b:a1:04:29:b8:22:e1:97:82:44:5c:
87:05:dc:e7:a6:01:cd:3e:91:2f:7c:92:68:21:57:84:10:a6:
9c:a3:39:35:dc:0e:c8:a3:5f:1f:06:a1:0c:c1:21:d9:dd:22:
47:16:3e:2b:51:6d:4a:93:46:85:30:27:b5:72:4a:2c:b8:7d:
b8:b4:4a:99:38:77:a7:56:8f:9a:8e:cc:01:7d:74:c1:06:01:
ca:fb:e2:6f:36:c6:d0:2f:e3:bc:c7:0f:4b:ff:89:41:2e:5b:
e3:a5:51:e1:16:59:f8:60:fe:52:53:25:c8:1c:da:d4:81:ff:
79:68:25:b2:c6:f2:7a:0a:e9:e1:b3:e5:f2:48:93:2b:d7:3a:
9f:fb:32:14:4a:ef:17:1c:f7:9f:6c:3a:1a:ac:e0:b3:fb:53:
76:8c:68:26:57:19:65:ef:db:e5:93:76:1e:b1:de:a3:8e:0c:
4a:92:af:93
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUAk04rAIKgOwuJL91qI8twhOF9+wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTcwMjEwMDhaFw0yNjA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGZhZDUzN2Y1YmIyOWM1NTc1MjFhODU3MTdjODI2NDEzYTkwYjI1YjI1ZDZm
ZGJhN2EwOTE3ZmFjYTA3ZDhmZmIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALvKcdHs0/iZlG8gFWiHU9BfYd6N/+AiR/UqXwL3ZtugIfAgJJSLGfF9CxwP
hPkFXu4TRhn2PTmxDdbfc8MUAOlJxjtOexhMsblqRHR9ZLdehFWTzZGyp0rgPxkL
UIQ4gIUHwmhTl6TGNyR51s1ao1zqr00FzQgb71tmkv6GYc/Sv4Eygq1w6TdbW41J
bkpQbPWhBJg6iA/21otUyL8PHbCxUrat+OKN0V7DvlFkwHaWcCsTZwBX194sUmWg
22uQ28v5A8MtGof1b3VxGHa7RF+l1ATC4cWKWHJqhkb7CgdwKJD5BbxVAa1NWuc5
nHrtREN6JYBBDfc8Xn75ByJaLZUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBT4fJgW
R0sTdr7KmKJyLWwTSB4a2DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGNmODM4ODEtNzRmNy00MDMzLTk3N2ItMzYyZTA4ZThkNmQyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HII
QDANBgkqhkiG9w0BAQsFAAOCAQEAofVsqcXhEsTRs9Qp2IyAT4SDkER5YDplAdAl
29Xc/xfUieN/TKnvBAhNlggeNl8Yhhu8IyO97A7Hd43IbYxZQSZdNc0Kuq6zEPnJ
87f3vSuhBCm4IuGXgkRchwXc56YBzT6RL3ySaCFXhBCmnKM5NdwOyKNfHwahDMEh
2d0iRxY+K1FtSpNGhTAntXJKLLh9uLRKmTh3p1aPmo7MAX10wQYByvvibzbG0C/j
vMcPS/+JQS5b46VR4RZZ+GD+UlMlyBza1IH/eWglssbyegrp4bPl8kiTK9c6n/sy
FErvFxz3n2w6Gqzgs/tTdoxoJlcZZe/b5ZN2HrHeo44MSpKvkw==
-----END CERTIFICATE-----
Generated at Sat Jun 13 13:43:01 2026 by rpki-client