Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8e4adf38-a007-4c0e-8621-1e65a160ad12.roa
File: 8e4adf38-a007-4c0e-8621-1e65a160ad12.roa (raw, json)
Hash identifier: fMJUpOqhK6pZM+yv/G+TimnbGVtJknVfGc+GqVDsegA=
Subject key identifier: 38:34:AB:93:8D:97:0A:02:D9:7E:04:25:8B:7D:45:39:0A:27:86:E3
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 54187A242106B5F8CBAC86C51BB7C3AA9BFFD17B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8e4adf38-a007-4c0e-8621-1e65a160ad12.roa
Signing time: Tue 19 May 2026 04:50:04 +0000
ROA not before: Tue 19 May 2026 04:50:04 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:2000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:18:7a:24:21:06:b5:f8:cb:ac:86:c5:1b:b7:c3:aa:9b:ff:d1:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 04:50:04 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=cad37b9a90450c232ae0ace4181d99d81c802f711713c39a5aeb9f84cdfe5c38, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:f3:92:5f:1e:e1:b2:06:a8:ea:48:ef:41:51:
74:58:a8:04:31:22:5f:f4:48:1b:52:c8:6e:e8:a6:
d7:c7:99:fa:4b:d3:1a:64:58:60:2d:93:09:e3:65:
24:68:d3:fa:72:48:d7:3a:95:c7:7d:e1:3b:30:65:
e7:68:f7:8e:42:9d:a4:bc:88:fd:d7:47:cf:21:e5:
7d:d1:d8:32:d0:76:6c:dc:ce:4f:18:2e:f3:e8:e9:
55:14:c2:21:6f:ce:7f:97:f3:1d:9e:42:95:34:1e:
7f:e7:ee:54:3e:60:64:f4:6d:23:cf:00:2b:27:51:
cd:12:07:83:b6:38:4a:2b:9f:2f:b2:2c:43:f0:88:
fd:a7:20:ea:6c:45:44:54:10:09:e7:6d:e4:dc:9d:
e2:21:2b:c4:fb:46:4f:86:ed:1d:32:0c:a6:83:b0:
6e:78:6d:6a:d4:83:4b:58:c4:7a:67:8f:af:54:dd:
7b:81:74:b5:5f:d4:1b:05:a0:ab:23:fd:ac:ce:28:
1f:83:f4:29:d3:dd:b6:11:c8:13:12:6e:5c:ff:73:
4f:50:9d:05:f2:25:cf:ba:4c:20:b4:f1:94:49:c0:
29:1c:b6:71:a1:72:12:aa:bb:31:4e:02:b4:bd:5c:
80:ca:39:db:b2:a3:6e:d1:db:6a:e8:91:bc:cc:39:
7d:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:34:AB:93:8D:97:0A:02:D9:7E:04:25:8B:7D:45:39:0A:27:86:E3
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8e4adf38-a007-4c0e-8621-1e65a160ad12.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:2000::/40
Signature Algorithm: sha256WithRSAEncryption
37:11:b3:3f:ff:b6:63:c5:b2:1a:05:0c:b0:43:98:33:4a:92:
f1:30:c9:7c:0c:4a:98:e5:b2:ab:a8:76:a9:a4:10:1b:c2:b3:
8b:ee:4c:2f:54:66:f5:e9:2e:47:d2:29:a2:01:a0:10:b0:cb:
7e:9f:57:84:98:ed:bc:00:8d:f4:a2:f7:7b:cb:b0:f0:bd:d0:
79:69:1b:e0:a2:ea:3b:ca:dc:38:f2:f2:99:54:a8:8e:5b:a4:
46:90:29:6a:b5:73:71:b4:4a:8f:b0:9d:be:b5:0e:8f:a2:5d:
89:c2:63:37:ba:84:ea:57:00:90:49:46:2e:eb:4f:cf:26:5e:
2e:c9:03:fc:df:bd:81:ef:ed:78:b5:1f:de:e6:5d:c7:16:ae:
6d:0b:42:11:69:91:3d:26:0a:0b:96:48:b6:6b:0e:43:fd:18:
a4:80:bb:ec:24:33:30:cc:3e:18:b2:55:d4:21:04:74:5d:e6:
fb:c3:3b:d9:20:dd:db:39:2d:80:c2:95:da:e7:ee:22:a0:10:
68:bf:d1:df:0c:7c:44:db:4e:2a:de:bf:5f:98:62:3e:5b:ff:
04:ea:d1:19:5c:48:f7:2c:7c:0f:2e:e1:5b:f5:56:93:6b:35:
7f:d7:93:ec:21:9a:ab:fd:6f:de:7a:47:b7:a1:9d:91:9e:73:
31:e7:12:9c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUVBh6JCEGtfjLrIbFG7fDqpv/0XswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNDUwMDRaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGNhZDM3YjlhOTA0NTBjMjMyYWUwYWNlNDE4MWQ5OWQ4MWM4MDJmNzExNzEz
YzM5YTVhZWI5Zjg0Y2RmZTVjMzgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKjzkl8e4bIGqOpI70FRdFioBDEiX/RIG1LIbuim18eZ+kvTGmRYYC2TCeNl
JGjT+nJI1zqVx33hOzBl52j3jkKdpLyI/ddHzyHlfdHYMtB2bNzOTxgu8+jpVRTC
IW/Of5fzHZ5ClTQef+fuVD5gZPRtI88AKydRzRIHg7Y4SiufL7IsQ/CI/acg6mxF
RFQQCedt5Nyd4iErxPtGT4btHTIMpoOwbnhtatSDS1jEemePr1Tde4F0tV/UGwWg
qyP9rM4oH4P0KdPdthHIExJuXP9zT1CdBfIlz7pMILTxlEnAKRy2caFyEqq7MU4C
tL1cgMo527KjbtHbauiRvMw5fR0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ4NKuT
jZcKAtl+BCWLfUU5CieG4zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGU0YWRmMzgtYTAwNy00YzBlLTg2MjEtMWU2NWExNjBhZDEyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H8g
MA0GCSqGSIb3DQEBCwUAA4IBAQA3EbM//7ZjxbIaBQywQ5gzSpLxMMl8DEqY5bKr
qHappBAbwrOL7kwvVGb16S5H0imiAaAQsMt+n1eEmO28AI30ovd7y7DwvdB5aRvg
ouo7ytw48vKZVKiOW6RGkClqtXNxtEqPsJ2+tQ6Pol2JwmM3uoTqVwCQSUYu60/P
Jl4uyQP8372B7+14tR/e5l3HFq5tC0IRaZE9JgoLlki2aw5D/RikgLvsJDMwzD4Y
slXUIQR0Xeb7wzvZIN3bOS2AwpXa5+4ioBBov9HfDHxE204q3r9fmGI+W/8E6tEZ
XEj3LHwPLuFb9VaTazV/15PsIZqr/W/eeke3oZ2RnnMx5xKc
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:46:17 2026 by rpki-client