Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8e492412-994d-4c48-a29e-9082ebce3349.roa
File: 8e492412-994d-4c48-a29e-9082ebce3349.roa (raw, json)
Hash identifier: wNiodtRkTxB5+vzv2N0SoreBWc1hQZvwLlYpgISDPt4=
Subject key identifier: 73:57:36:6B:F9:9D:FF:98:FD:3A:FF:35:85:D7:39:28:AE:FA:47:3F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 76D6F8DE91C43AC459241F776EC1ECB25A96C922
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8e492412-994d-4c48-a29e-9082ebce3349.roa
Signing time: Tue 19 May 2026 04:40:57 +0000
ROA not before: Tue 19 May 2026 04:40:57 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07a:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:d6:f8:de:91:c4:3a:c4:59:24:1f:77:6e:c1:ec:b2:5a:96:c9:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 04:40:57 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=fa8660221a4c54143ecebdb0b2789f5ed5a64e2c450c4d1d9606574c5d219e2e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:4c:ff:da:75:c1:9a:d3:3d:d5:fa:be:bf:d2:
68:d3:d1:c8:cd:e8:1b:57:fd:5e:0a:df:9c:02:42:
dc:c1:0a:78:5d:65:52:18:58:35:04:1d:75:8a:16:
5d:6a:07:43:d0:ab:59:b1:ad:0f:b5:f0:1f:e6:16:
12:d4:ff:ba:ef:a7:7b:32:c8:e4:bc:76:f1:a8:1b:
6d:75:9e:78:68:02:5f:23:bf:02:65:70:66:c8:17:
71:8c:18:f7:c6:b7:82:1c:cb:9a:4a:0f:b4:59:fd:
b5:4a:60:c0:ff:ad:16:cd:e1:58:78:ab:3d:4d:e3:
19:f9:32:29:53:86:ee:ee:8d:e7:5e:87:ed:70:29:
a1:45:3c:01:d3:2f:2d:82:2c:4d:56:88:4b:8a:2b:
0d:2d:3f:dc:08:41:3c:62:c4:16:10:f0:6b:07:de:
25:fa:2c:b4:fa:c9:2e:02:8e:f1:2d:be:f9:79:6b:
1f:3e:a4:9b:3a:30:ba:f7:93:bf:9d:6a:8c:03:58:
0e:b7:80:93:bd:79:fa:9d:ae:15:03:4b:8a:95:93:
36:10:9b:cf:5d:ae:6b:51:07:37:51:7d:bd:c5:0b:
9b:73:ca:7c:38:19:19:bf:1c:f8:86:1a:7f:46:cc:
a3:fd:3f:3a:ff:c0:93:61:93:69:3b:2b:a7:d5:a4:
55:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:57:36:6B:F9:9D:FF:98:FD:3A:FF:35:85:D7:39:28:AE:FA:47:3F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8e492412-994d-4c48-a29e-9082ebce3349.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07a:8000::/40
Signature Algorithm: sha256WithRSAEncryption
49:31:90:43:15:6b:9c:fb:68:9d:0a:f5:da:cb:36:a3:0a:34:
2b:5f:8e:36:5c:1e:8f:49:67:2b:fa:02:1d:bf:f2:b2:6b:bd:
78:d0:6d:1e:1c:c6:e8:a0:4f:d4:91:e0:3b:ce:c4:d1:05:f3:
4c:63:23:4f:c0:9c:fc:cb:e7:70:cf:46:dd:0f:3d:c2:5c:7e:
ee:a8:03:a6:36:e6:b9:a6:a5:0d:d1:16:39:0e:d4:ab:ca:1e:
81:64:74:3a:92:cf:ee:e5:35:86:76:14:53:bb:33:de:fc:71:
83:fe:fd:21:e9:01:fa:6e:ca:1e:bd:10:ef:5b:3a:b2:85:b0:
d3:de:95:8c:0b:27:48:9e:1e:db:e4:42:57:d5:96:08:08:a2:
16:0b:69:17:a1:3d:85:a7:69:31:2b:9c:ac:fa:e6:bd:94:70:
7c:3e:de:56:ba:e9:4c:40:5b:3f:75:38:ae:47:99:0d:94:7e:
50:eb:53:25:58:e4:81:81:0b:c8:02:84:39:62:7c:9f:e0:07:
62:53:98:e5:fc:80:fe:f0:c7:fa:03:dd:9f:19:34:6a:49:ca:
81:cd:48:52:8a:54:46:36:df:3e:3d:2e:e1:21:7b:a6:5d:ef:
1a:54:cc:03:96:0e:e5:8c:f8:a9:e6:32:f4:c5:1a:39:20:52:
6a:85:6a:72
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUdtb43pHEOsRZJB93bsHsslqWySIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNDQwNTdaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGZhODY2MDIyMWE0YzU0MTQzZWNlYmRiMGIyNzg5ZjVlZDVhNjRlMmM0NTBj
NGQxZDk2MDY1NzRjNWQyMTllMmUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ9M/9p1wZrTPdX6vr/SaNPRyM3oG1f9XgrfnAJC3MEKeF1lUhhYNQQddYoW
XWoHQ9CrWbGtD7XwH+YWEtT/uu+nezLI5Lx28agbbXWeeGgCXyO/AmVwZsgXcYwY
98a3ghzLmkoPtFn9tUpgwP+tFs3hWHirPU3jGfkyKVOG7u6N516H7XApoUU8AdMv
LYIsTVaIS4orDS0/3AhBPGLEFhDwawfeJfostPrJLgKO8S2++XlrHz6kmzowuveT
v51qjANYDreAk715+p2uFQNLipWTNhCbz12ua1EHN1F9vcULm3PKfDgZGb8c+IYa
f0bMo/0/Ov/Ak2GTaTsrp9WkVXUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRzVzZr
+Z3/mP06/zWF1zkorvpHPzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGU0OTI0MTItOTk0ZC00YzQ4LWEyOWUtOTA4MmViY2UzMzQ5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HqA
MA0GCSqGSIb3DQEBCwUAA4IBAQBJMZBDFWuc+2idCvXayzajCjQrX442XB6PSWcr
+gIdv/Kya7140G0eHMbooE/UkeA7zsTRBfNMYyNPwJz8y+dwz0bdDz3CXH7uqAOm
Nua5pqUN0RY5DtSryh6BZHQ6ks/u5TWGdhRTuzPe/HGD/v0h6QH6bsoevRDvWzqy
hbDT3pWMCydInh7b5EJX1ZYICKIWC2kXoT2Fp2kxK5ys+ua9lHB8Pt5WuulMQFs/
dTiuR5kNlH5Q61MlWOSBgQvIAoQ5Ynyf4AdiU5jl/ID+8Mf6A92fGTRqScqBzUhS
ilRGNt8+PS7hIXumXe8aVMwDlg7ljPip5jL0xRo5IFJqhWpy
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:45:09 2026 by rpki-client