Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/93549c76-d7f3-48f4-9e55-b485fec00b13.roa
File: 93549c76-d7f3-48f4-9e55-b485fec00b13.roa (raw, json)
Hash identifier: qgTxe4COya0YgM429/v5gGPaaUrhxPz7qRMuWo9+E3M=
Subject key identifier: F8:3A:F2:74:39:3A:7E:CF:3D:AE:2B:E9:2D:0C:8E:0E:E3:73:71:42
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4581CEF8F02BB92605824A2ABFEF752C99E5D016
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/93549c76-d7f3-48f4-9e55-b485fec00b13.roa
Signing time: Fri 15 May 2026 03:50:08 +0000
ROA not before: Fri 15 May 2026 03:50:08 +0000
ROA not after: Thu 13 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:a000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:81:ce:f8:f0:2b:b9:26:05:82:4a:2a:bf:ef:75:2c:99:e5:d0:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 15 03:50:08 2026 GMT
Not After : Aug 13 23:59:59 2026 GMT
Subject: serialNumber=e164d58fd6f029a792c0b4bd45d3f55106decd27ba9122a41193540f58579984, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:2a:a6:00:73:38:81:3b:f4:0d:ed:85:af:10:
b5:bd:dc:51:26:08:4b:c8:22:d3:59:6d:09:27:c4:
bf:0d:9a:ab:73:80:86:37:0e:2b:8a:eb:8b:37:4c:
ce:78:76:ea:33:7b:58:9a:be:17:ec:6a:43:69:95:
2d:a3:8b:21:67:f7:43:e3:1f:44:39:1c:b1:9a:59:
c4:75:bd:87:38:3e:40:a2:9c:ae:23:de:7b:d9:89:
b9:c6:2b:4f:f9:15:d1:d5:4f:87:5c:44:15:3a:fc:
87:12:eb:6c:b3:f7:ff:ce:6c:0b:ac:ed:80:f6:0d:
9d:89:b5:57:87:b9:64:f6:3a:52:52:3f:e0:18:c1:
f8:0e:7e:eb:fe:9b:3b:5d:80:67:63:9b:cc:39:3b:
88:72:67:ca:c8:b2:2b:81:31:f7:60:c1:55:71:43:
f9:8b:0b:52:a9:cd:8d:a9:70:e4:88:bd:b4:3f:75:
03:81:33:c9:53:60:63:4f:e9:f7:52:67:6b:13:72:
12:1c:5a:c5:f8:be:a5:59:e2:cc:96:4f:c8:e6:55:
f6:c0:e9:a6:ad:4b:44:90:f7:72:b2:fd:68:b1:fb:
54:7d:50:a2:4f:ed:50:6d:86:8b:31:a1:8e:1d:e2:
0c:ec:24:7d:6c:62:e7:45:2c:07:74:dd:f3:97:4c:
74:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:3A:F2:74:39:3A:7E:CF:3D:AE:2B:E9:2D:0C:8E:0E:E3:73:71:42
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/93549c76-d7f3-48f4-9e55-b485fec00b13.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:a000::/40
Signature Algorithm: sha256WithRSAEncryption
31:f7:9a:a4:ed:ca:ea:83:04:01:8a:22:c8:8c:2a:03:df:86:
6f:15:11:9d:0b:ce:5b:a0:8a:6f:ec:10:92:be:de:f8:74:b0:
ed:e9:ea:40:49:9e:32:ef:37:99:b2:86:80:25:6a:a5:b9:56:
26:1b:42:33:c8:5a:d2:ef:d3:eb:da:bb:3b:2a:52:08:20:df:
c2:7a:99:d3:04:af:c6:59:2b:86:c7:8e:50:95:2c:e7:17:92:
ef:90:2f:e1:51:b3:97:c4:e8:75:b8:27:63:99:33:5a:64:9d:
5e:41:5c:5f:68:f4:b9:38:ae:90:75:36:6f:ec:ba:87:76:cc:
f4:43:d9:79:a2:c2:73:08:4f:ac:41:02:03:d6:76:8b:87:c1:
94:72:4b:2e:f2:be:c5:15:e8:03:bb:ce:d3:4b:83:8d:b0:a9:
e3:04:5f:a3:df:78:7e:cb:41:44:cc:b1:6e:df:8e:2e:e2:be:
49:02:1c:4d:bb:ca:c9:91:d2:6e:9f:69:6d:a5:d8:9b:e4:4a:
25:5b:c5:4f:56:05:d4:9a:5a:5d:95:a6:af:3d:fd:69:be:8c:
ef:11:b4:2e:5f:e6:77:fd:c0:1e:dd:c0:f1:cc:23:c2:b2:89:
65:b2:12:61:25:43:2e:ef:02:ea:a9:7e:fe:f6:5c:22:22:59:
e5:1d:d6:84
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIURYHO+PAruSYFgkoqv+91LJnl0BYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTUwMzUwMDhaFw0yNjA4MTMyMzU5NTlaMHoxSTBHBgNV
BAUTQGUxNjRkNThmZDZmMDI5YTc5MmMwYjRiZDQ1ZDNmNTUxMDZkZWNkMjdiYTkx
MjJhNDExOTM1NDBmNTg1Nzk5ODQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK4qpgBzOIE79A3tha8Qtb3cUSYIS8gi01ltCSfEvw2aq3OAhjcOK4rrizdM
znh26jN7WJq+F+xqQ2mVLaOLIWf3Q+MfRDkcsZpZxHW9hzg+QKKcriPee9mJucYr
T/kV0dVPh1xEFTr8hxLrbLP3/85sC6ztgPYNnYm1V4e5ZPY6UlI/4BjB+A5+6/6b
O12AZ2ObzDk7iHJnysiyK4Ex92DBVXFD+YsLUqnNjalw5Ii9tD91A4EzyVNgY0/p
91JnaxNyEhxaxfi+pVnizJZPyOZV9sDppq1LRJD3crL9aLH7VH1Qok/tUG2GizGh
jh3iDOwkfWxi50UsB3Td85dMdCUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT4OvJ0
OTp+zz2uK+ktDI4O43NxQjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTM1NDljNzYtZDdmMy00OGY0LTllNTUtYjQ4NWZlYzAwYjEzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hug
MA0GCSqGSIb3DQEBCwUAA4IBAQAx95qk7crqgwQBiiLIjCoD34ZvFRGdC85boIpv
7BCSvt74dLDt6epASZ4y7zeZsoaAJWqluVYmG0IzyFrS79Pr2rs7KlIIIN/CepnT
BK/GWSuGx45QlSznF5LvkC/hUbOXxOh1uCdjmTNaZJ1eQVxfaPS5OK6QdTZv7LqH
dsz0Q9l5osJzCE+sQQID1naLh8GUcksu8r7FFegDu87TS4ONsKnjBF+j33h+y0FE
zLFu344u4r5JAhxNu8rJkdJun2ltpdib5EolW8VPVgXUmlpdlaavPf1pvozvEbQu
X+Z3/cAe3cDxzCPCsollshJhJUMu7wLqqX7+9lwiIlnlHdaE
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:11:44 2026 by rpki-client