Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4dc2c958-c749-4f2f-a83c-b419f7f45487.roa
File: 4dc2c958-c749-4f2f-a83c-b419f7f45487.roa (raw, json)
Hash identifier: pyafyLnnOCxTee8VkarbvluDzgjUZEr3UhqnT/CS/WM=
Subject key identifier: 33:A3:05:D2:68:12:C1:2E:CE:37:32:C2:6D:38:FC:F0:BF:1E:66:8F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 04D3A3029077715F3A75DB625FD9DAE3CD7AD473
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4dc2c958-c749-4f2f-a83c-b419f7f45487.roa
Signing time: Tue 19 May 2026 05:20:40 +0000
ROA not before: Tue 19 May 2026 05:20:40 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07a:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:d3:a3:02:90:77:71:5f:3a:75:db:62:5f:d9:da:e3:cd:7a:d4:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:20:40 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=af79966ad173da8049c0e0abf6c15e44d535abdf5e376c976de46f6808c0e001, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:9b:27:e7:28:11:3b:72:69:8c:ab:7a:f4:8e:
ed:09:7f:14:b6:c1:66:f2:2f:f5:10:9e:bd:14:92:
48:23:a3:50:5c:3d:74:aa:a1:12:8b:70:4c:20:52:
7f:e8:51:dd:0d:94:1f:66:92:71:e2:82:ad:33:2d:
c7:c4:f1:d3:56:1c:4f:a9:1d:c7:70:2c:33:09:62:
ba:76:9f:63:2b:88:f3:c1:36:f0:7f:97:29:78:6e:
e3:0b:22:5d:db:c5:32:a9:6c:fd:ce:14:2a:09:d2:
9e:9b:3a:e7:e8:41:ad:dd:cc:36:fc:be:99:97:bf:
5c:24:87:23:a0:93:bc:50:c0:0c:c7:8f:00:a7:04:
7b:60:25:12:2f:cb:c8:bd:2a:45:9e:d1:d1:7c:1c:
ba:42:b8:07:01:5f:98:c1:56:9b:d3:27:c7:d4:f4:
e0:77:c4:35:c4:69:9b:43:25:c9:af:c6:81:1b:71:
63:98:9d:01:20:d5:83:21:95:e2:b5:db:08:f0:2c:
4e:1c:a1:95:cc:a7:7c:df:1f:05:b8:d1:eb:17:3d:
be:cb:2f:45:7a:5d:8e:13:d4:e1:65:9c:a5:2f:15:
28:cf:04:fb:e8:44:2e:59:6a:29:c4:41:8e:01:77:
77:39:c9:93:76:22:49:d3:22:9a:44:2c:cb:a5:22:
11:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:A3:05:D2:68:12:C1:2E:CE:37:32:C2:6D:38:FC:F0:BF:1E:66:8F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4dc2c958-c749-4f2f-a83c-b419f7f45487.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07a:e000::/40
Signature Algorithm: sha256WithRSAEncryption
b6:f3:7e:7d:b0:89:b2:fa:89:17:79:3e:73:2f:82:24:27:7b:
5b:88:56:87:ab:b7:c4:95:6e:c3:c3:ee:ec:a3:5a:0f:ea:6e:
14:78:02:7d:74:4c:66:93:bd:96:ad:c5:82:95:23:c0:f4:97:
24:80:e6:d9:54:52:1c:58:7a:e9:88:b4:00:5b:2a:40:0a:bb:
a7:8b:55:17:e1:83:f2:2e:52:66:ac:21:46:c8:f9:5f:53:29:
df:f8:24:85:7d:af:59:36:22:43:e9:be:e0:23:17:73:bf:d4:
f3:67:aa:78:af:4b:f7:66:0b:6f:d4:c6:30:ab:2a:d1:78:89:
4a:65:80:bf:e0:2f:28:76:69:d6:7c:13:85:18:23:81:38:84:
94:86:8b:eb:f1:9a:5f:44:b9:53:e4:b0:bd:f9:d6:7a:65:fb:
07:11:f4:90:a1:38:a6:bc:7f:1b:1b:05:05:6e:47:42:d6:d4:
e8:c9:d0:8c:1e:28:0a:ac:b3:5a:f8:e4:b5:03:e1:14:a2:3b:
c1:ba:2f:0e:ea:98:c6:d9:5f:3d:49:46:ff:72:03:bc:82:a7:
72:9b:00:3d:bf:48:51:82:aa:26:1b:6b:5e:8c:bc:04:6d:9c:
23:7a:fe:4c:a5:16:a3:de:cf:4d:84:f9:16:d8:be:08:52:70:
e0:cb:30:eb
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUBNOjApB3cV86ddtiX9na48161HMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTIwNDBaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGFmNzk5NjZhZDE3M2RhODA0OWMwZTBhYmY2YzE1ZTQ0ZDUzNWFiZGY1ZTM3
NmM5NzZkZTQ2ZjY4MDhjMGUwMDExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALibJ+coETtyaYyrevSO7Ql/FLbBZvIv9RCevRSSSCOjUFw9dKqhEotwTCBS
f+hR3Q2UH2aSceKCrTMtx8Tx01YcT6kdx3AsMwliunafYyuI88E28H+XKXhu4wsi
XdvFMqls/c4UKgnSnps65+hBrd3MNvy+mZe/XCSHI6CTvFDADMePAKcEe2AlEi/L
yL0qRZ7R0XwcukK4BwFfmMFWm9Mnx9T04HfENcRpm0Mlya/GgRtxY5idASDVgyGV
4rXbCPAsThyhlcynfN8fBbjR6xc9vssvRXpdjhPU4WWcpS8VKM8E++hELllqKcRB
jgF3dznJk3YiSdMimkQsy6UiEf8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQzowXS
aBLBLs43MsJtOPzwvx5mjzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGRjMmM5NTgtYzc0OS00ZjJmLWE4M2MtYjQxOWY3ZjQ1NDg3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hrg
MA0GCSqGSIb3DQEBCwUAA4IBAQC28359sImy+okXeT5zL4IkJ3tbiFaHq7fElW7D
w+7so1oP6m4UeAJ9dExmk72WrcWClSPA9JckgObZVFIcWHrpiLQAWypACruni1UX
4YPyLlJmrCFGyPlfUynf+CSFfa9ZNiJD6b7gIxdzv9TzZ6p4r0v3Zgtv1MYwqyrR
eIlKZYC/4C8odmnWfBOFGCOBOISUhovr8ZpfRLlT5LC9+dZ6ZfsHEfSQoTimvH8b
GwUFbkdC1tToydCMHigKrLNa+OS1A+EUojvBui8O6pjG2V89SUb/cgO8gqdymwA9
v0hRgqomG2tejLwEbZwjev5MpRaj3s9NhPkW2L4IUnDgyzDr
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:00:15 2026 by rpki-client