Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4b0f19cc-b646-49d7-a134-8b1c2659541a.roa
File: 4b0f19cc-b646-49d7-a134-8b1c2659541a.roa (raw, json)
Hash identifier: x6iIqp7jm1yWCavbbZflrsw1GcHdHb6iI4oLNeAqDnA=
Subject key identifier: 83:F4:2C:5F:66:D6:32:AC:96:0D:38:B1:2F:AE:AB:93:4C:76:8D:A0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 722664B8428185C47949CB2C26FE98E7F030EFE1
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4b0f19cc-b646-49d7-a134-8b1c2659541a.roa
Signing time: Mon 27 Apr 2026 00:30:15 +0000
ROA not before: Mon 27 Apr 2026 00:30:15 +0000
ROA not after: Sun 26 Jul 2026 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d06d:80c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Apr 2026 14:21:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:26:64:b8:42:81:85:c4:79:49:cb:2c:26:fe:98:e7:f0:30:ef:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 27 00:30:15 2026 GMT
Not After : Jul 26 23:59:59 2026 GMT
Subject: serialNumber=765e7097bebc8071d7fce042de04ec1ead0ea45c3c105f963b3bdf4ef9bd6981, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:f4:e1:23:e7:da:f6:52:c5:a8:1e:41:e7:b6:
c1:33:bc:d2:9a:44:ae:14:07:da:f4:53:26:7c:28:
74:a1:de:7e:d5:88:77:b1:19:b5:7b:46:b8:c7:f0:
ce:6f:13:79:51:d0:8d:c1:f4:f6:ab:5f:a7:00:4e:
40:ce:d9:9a:80:50:80:13:80:4e:1c:66:b0:9b:15:
b8:13:9f:65:3c:71:0a:b8:3c:d5:02:f6:16:ab:28:
fd:0c:c7:33:de:eb:51:2e:97:69:a3:00:79:44:89:
b8:3d:8f:18:5c:34:bc:75:9e:6d:01:7e:41:bc:cc:
7a:be:c8:a8:27:cc:a7:bc:24:dc:a6:7f:87:27:af:
03:a9:59:d8:a2:f3:10:a6:13:c4:1a:32:cc:d8:58:
1f:2e:1c:28:e0:ee:ac:ef:10:6a:5b:fe:34:86:99:
f2:1f:5c:39:9b:f2:2c:2a:9d:40:db:c6:00:ae:fa:
ca:3d:20:f6:62:b2:aa:9d:86:bf:bc:23:91:17:5b:
d5:a7:c7:39:95:4e:13:7a:51:42:56:c5:ee:ac:ca:
4a:7a:f7:8a:9d:fd:23:7f:b7:40:6a:d0:9b:c7:31:
a9:c5:ad:61:cb:62:e2:6f:67:a1:b7:29:0e:7d:a9:
c4:f4:fd:79:51:3e:26:57:9a:c5:42:94:e8:db:53:
9d:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:F4:2C:5F:66:D6:32:AC:96:0D:38:B1:2F:AE:AB:93:4C:76:8D:A0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4b0f19cc-b646-49d7-a134-8b1c2659541a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06d:80c0::/48
Signature Algorithm: sha256WithRSAEncryption
28:c0:e0:74:71:ad:b0:dd:8b:44:bd:4c:44:a7:a8:91:75:73:
c8:b9:62:9c:f0:90:b0:0c:54:fe:f5:c4:83:5d:6f:30:c4:41:
f2:2a:6e:2e:5b:ee:17:04:49:4a:a7:75:53:0e:a1:d2:75:6b:
a5:84:06:43:b3:89:a1:b7:d4:1d:be:cc:0a:45:2e:32:3e:c8:
41:fe:c8:07:3e:06:68:0f:22:b0:10:81:2a:08:9c:da:d4:66:
3e:21:9b:b8:08:c8:f7:49:56:ff:6d:96:28:a2:26:4c:13:a2:
c1:fc:e1:de:78:8c:c2:2e:0f:1d:a2:fb:65:68:05:7e:26:21:
22:63:22:81:42:1c:9a:aa:6d:5e:a1:31:d8:c9:4a:72:dc:13:
d8:1f:40:e0:ca:09:2e:6c:27:73:f1:ac:48:15:ee:8a:19:6a:
28:b0:80:20:e9:21:ac:db:bf:4d:ee:9e:44:7a:2d:9f:f2:64:
1d:7d:82:d0:58:ae:b5:7d:28:56:e9:9b:a6:d3:33:77:21:af:
19:9a:70:91:0f:a6:0e:70:05:37:03:19:35:e5:e5:21:61:d1:
28:1e:d2:63:a8:ab:67:44:28:6b:b5:bf:b2:52:88:94:b9:3a:
ee:12:c2:97:57:eb:52:05:ab:78:ee:35:3b:e9:c8:41:32:80:
3f:3a:4a:72
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUciZkuEKBhcR5ScssJv6Y5/Aw7+EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA0MjcwMDMwMTVaFw0yNjA3MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQDc2NWU3MDk3YmViYzgwNzFkN2ZjZTA0MmRlMDRlYzFlYWQwZWE0NWMzYzEw
NWY5NjNiM2JkZjRlZjliZDY5ODExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANP04SPn2vZSxageQee2wTO80ppErhQH2vRTJnwodKHeftWId7EZtXtGuMfw
zm8TeVHQjcH09qtfpwBOQM7ZmoBQgBOAThxmsJsVuBOfZTxxCrg81QL2Fqso/QzH
M97rUS6XaaMAeUSJuD2PGFw0vHWebQF+QbzMer7IqCfMp7wk3KZ/hyevA6lZ2KLz
EKYTxBoyzNhYHy4cKODurO8Qalv+NIaZ8h9cOZvyLCqdQNvGAK76yj0g9mKyqp2G
v7wjkRdb1afHOZVOE3pRQlbF7qzKSnr3ip39I3+3QGrQm8cxqcWtYcti4m9nobcp
Dn2pxPT9eVE+JleaxUKU6NtTnQ0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSD9Cxf
ZtYyrJYNOLEvrquTTHaNoDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGIwZjE5Y2MtYjY0Ni00OWQ3LWExMzQtOGIxYzI2NTk1NDFhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0G2A
wDANBgkqhkiG9w0BAQsFAAOCAQEAKMDgdHGtsN2LRL1MRKeokXVzyLlinPCQsAxU
/vXEg11vMMRB8ipuLlvuFwRJSqd1Uw6h0nVrpYQGQ7OJobfUHb7MCkUuMj7IQf7I
Bz4GaA8isBCBKgic2tRmPiGbuAjI90lW/22WKKImTBOiwfzh3niMwi4PHaL7ZWgF
fiYhImMigUIcmqptXqEx2MlKctwT2B9A4MoJLmwnc/GsSBXuihlqKLCAIOkhrNu/
Te6eRHotn/JkHX2C0FiutX0oVumbptMzdyGvGZpwkQ+mDnAFNwMZNeXlIWHRKB7S
Y6irZ0Qoa7W/slKIlLk67hLCl1frUgWreO41O+nIQTKAPzpKcg==
-----END CERTIFICATE-----
Generated at Tue Apr 28 19:33:54 2026 by rpki-client