Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7a5c899e-1564-4329-8939-7004d7b754c8.roa
File: 7a5c899e-1564-4329-8939-7004d7b754c8.roa (raw, json)
Hash identifier: j0fW5CtSpjfL2xzwnY+y0ixPts7PMlOp/GzT5fZY5JE=
Subject key identifier: E8:F1:57:DB:6B:37:29:AB:E9:BC:9D:92:8D:82:66:37:45:C8:CF:DC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 414268D2FA32DA3122B42C2D863B9B4F2D3A4D30
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7a5c899e-1564-4329-8939-7004d7b754c8.roa
Signing time: Tue 19 May 2026 05:31:02 +0000
ROA not before: Tue 19 May 2026 05:31:02 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d071:9000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:42:68:d2:fa:32:da:31:22:b4:2c:2d:86:3b:9b:4f:2d:3a:4d:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:31:02 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=54f651713977945e35a19ee4d31616df89419f6e6caf2ec83efb41d485859af4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:80:0e:0c:b2:65:30:68:80:fa:f3:eb:e8:67:
b5:4a:41:40:73:74:d9:87:b4:95:69:b8:73:93:9f:
36:d4:83:ec:25:34:ef:34:db:b6:e8:bd:e6:e4:14:
29:31:c1:ad:fd:c1:bc:10:c8:e9:9d:b1:ec:5d:ef:
73:56:60:75:99:5f:88:65:99:63:c5:69:e0:c3:b8:
fe:88:f8:7b:25:23:ff:24:03:9f:08:9f:4b:29:a1:
40:af:d6:1b:e4:5c:d4:78:ea:29:c6:ff:99:22:7f:
73:de:a0:0c:08:b4:06:09:a6:95:54:a0:46:e2:4f:
c7:2f:3a:bc:23:0a:7f:c6:b5:73:3b:d5:4d:e9:3d:
ed:b9:64:a0:e9:59:02:53:39:1e:4e:71:ca:77:b3:
4a:f7:d9:a6:58:95:2b:82:5a:4b:a6:d8:f0:ea:86:
b3:a0:66:88:72:6a:41:47:18:a0:7c:a7:fb:2b:20:
84:6c:6c:8d:07:9a:25:b4:6a:d8:fb:08:3c:a2:39:
27:85:d9:3c:49:c0:81:f0:1a:0c:d0:02:8d:07:59:
22:af:34:2b:54:f2:bc:ab:74:f8:fe:1f:57:b4:15:
e6:15:9a:ad:81:06:e5:a9:8e:a3:3f:11:91:bc:58:
2b:72:2d:8d:f4:a7:cc:4c:0a:5a:b4:a6:53:42:c6:
9f:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:F1:57:DB:6B:37:29:AB:E9:BC:9D:92:8D:82:66:37:45:C8:CF:DC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7a5c899e-1564-4329-8939-7004d7b754c8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d071:9000::/40
Signature Algorithm: sha256WithRSAEncryption
40:37:17:67:39:ea:0b:76:4b:82:24:31:0f:9a:2f:90:f1:0c:
ed:2d:e0:f6:ed:11:83:92:be:1e:6e:6d:ec:16:12:39:1f:75:
f1:52:7f:d6:0c:a1:d4:62:8c:15:a9:fe:72:1c:7c:4b:d8:54:
ef:27:c7:93:60:bb:11:75:8d:e6:69:98:ea:a1:8d:69:65:68:
ca:9e:96:10:1b:d0:5b:00:cc:1d:7c:da:bf:80:de:8b:05:5c:
d6:31:3d:3c:1e:fc:c0:bf:fd:09:3a:4d:09:3b:e6:5c:f7:c2:
60:4f:d0:3c:2d:76:28:ba:ec:63:43:55:82:d3:56:6c:51:44:
69:dc:df:57:25:9f:aa:0f:3f:47:30:fc:04:56:10:1f:0b:d9:
8d:96:d3:6d:12:73:f9:53:1f:52:8f:d9:3c:25:1d:37:12:4c:
b5:74:a7:91:d9:75:c5:45:f6:2a:0c:f4:c7:35:e4:08:7f:e6:
e1:48:c6:57:e0:02:99:44:ba:c1:ee:1e:df:54:85:58:0b:9c:
99:73:fa:67:4c:7c:bb:1a:a5:0c:60:e2:3f:ef:96:31:2f:0a:
65:44:73:54:f3:e6:c1:a8:91:fa:7d:93:cb:3b:93:82:73:23:
2d:b1:00:d2:04:01:d3:b4:1c:e5:a0:cf:cb:9f:78:a6:38:45:
b0:48:39:03
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUQUJo0voy2jEitCwthjubTy06TTAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTMxMDJaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDU0ZjY1MTcxMzk3Nzk0NWUzNWExOWVlNGQzMTYxNmRmODk0MTlmNmU2Y2Fm
MmVjODNlZmI0MWQ0ODU4NTlhZjQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK6ADgyyZTBogPrz6+hntUpBQHN02Ye0lWm4c5OfNtSD7CU07zTbtui95uQU
KTHBrf3BvBDI6Z2x7F3vc1ZgdZlfiGWZY8Vp4MO4/oj4eyUj/yQDnwifSymhQK/W
G+Rc1HjqKcb/mSJ/c96gDAi0BgmmlVSgRuJPxy86vCMKf8a1czvVTek97blkoOlZ
AlM5Hk5xynezSvfZpliVK4JaS6bY8OqGs6BmiHJqQUcYoHyn+ysghGxsjQeaJbRq
2PsIPKI5J4XZPEnAgfAaDNACjQdZIq80K1TyvKt0+P4fV7QV5hWarYEG5amOoz8R
kbxYK3ItjfSnzEwKWrSmU0LGn2UCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTo8Vfb
azcpq+m8nZKNgmY3RcjP3DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2E1Yzg5OWUtMTU2NC00MzI5LTg5MzktNzAwNGQ3Yjc1NGM4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HGQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBANxdnOeoLdkuCJDEPmi+Q8QztLeD27RGDkr4e
bm3sFhI5H3XxUn/WDKHUYowVqf5yHHxL2FTvJ8eTYLsRdY3maZjqoY1pZWjKnpYQ
G9BbAMwdfNq/gN6LBVzWMT08HvzAv/0JOk0JO+Zc98JgT9A8LXYouuxjQ1WC01Zs
UURp3N9XJZ+qDz9HMPwEVhAfC9mNltNtEnP5Ux9Sj9k8JR03Eky1dKeR2XXFRfYq
DPTHNeQIf+bhSMZX4AKZRLrB7h7fVIVYC5yZc/pnTHy7GqUMYOI/75YxLwplRHNU
8+bBqJH6fZPLO5OCcyMtsQDSBAHTtBzloM/Ln3imOEWwSDkD
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:12:59 2026 by rpki-client