Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/595250c3-e9f2-4e23-9779-87c47497f520.roa
File: 595250c3-e9f2-4e23-9779-87c47497f520.roa (raw, json)
Hash identifier: G3wqtSiAAB7hcytjbK0Q1ZtIUOWxm8CFHw/raPxSENE=
Subject key identifier: EC:CE:FC:57:F4:0D:25:37:DC:64:60:2C:13:CD:C6:53:8F:6F:39:70
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 307B86A692256F9E356FC0141B6E67E0A1DFFA8B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/595250c3-e9f2-4e23-9779-87c47497f520.roa
Signing time: Tue 19 May 2026 04:50:24 +0000
ROA not before: Tue 19 May 2026 04:50:24 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d078:5000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 May 2026 14:09:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:7b:86:a6:92:25:6f:9e:35:6f:c0:14:1b:6e:67:e0:a1:df:fa:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 04:50:24 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=234bb3fdc729283312cd89106ec3354739ea59dbb85436da78da728fc310550a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:c7:1e:c2:26:81:aa:7f:b2:27:f7:90:49:10:
60:54:b8:ff:c4:44:8a:86:76:2a:fe:51:3b:71:ab:
47:85:a0:d0:51:9c:f8:cd:eb:fd:35:73:23:55:60:
d7:83:df:ac:36:97:f0:3c:d1:70:df:bc:13:35:0e:
0c:f8:6b:08:7a:73:26:12:1c:f4:ee:f2:50:aa:c5:
3e:ca:9e:d4:09:0a:f1:6c:c7:44:a0:65:2d:28:21:
89:87:29:5e:48:c7:08:3a:fc:54:00:42:ae:89:83:
ec:32:eb:fd:96:83:9a:ec:72:e6:29:a0:8d:80:1d:
8f:4b:76:7d:b8:64:7d:e9:69:84:2f:6e:cf:39:69:
78:25:2b:f8:e3:56:6e:ac:f2:6e:c7:94:78:d8:d4:
68:e0:ca:cd:47:12:68:43:50:98:ea:da:7a:29:4f:
1f:ab:3c:15:ad:bc:f3:e3:cc:da:df:1c:f9:7a:81:
e2:f8:57:7b:28:2b:e8:f5:40:3c:e9:e8:ab:1f:7e:
19:5b:9a:44:f8:5a:23:f8:4f:ee:16:3a:73:ca:49:
a6:17:eb:cc:e3:aa:7d:e4:b3:f1:98:26:3a:11:c4:
76:d6:c1:66:b8:62:e5:d9:12:8b:c2:af:a4:aa:22:
0c:40:83:40:37:7e:d4:96:59:1c:6e:93:08:fe:bd:
9e:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:CE:FC:57:F4:0D:25:37:DC:64:60:2C:13:CD:C6:53:8F:6F:39:70
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/595250c3-e9f2-4e23-9779-87c47497f520.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d078:5000::/40
Signature Algorithm: sha256WithRSAEncryption
93:cc:46:22:cb:63:37:ab:d0:ae:44:1f:42:bb:d5:7d:9c:e0:
79:dd:06:ba:95:32:aa:94:8c:2f:12:af:1f:a5:f1:fc:a9:21:
8f:98:81:62:e3:39:fc:76:25:ff:ca:d4:3a:30:11:05:78:d3:
80:a3:05:69:d2:8f:c1:05:d2:8c:a6:9d:bf:51:b3:80:75:45:
06:1a:ae:bb:70:0a:f4:62:65:bd:2a:a8:7c:a1:4f:e6:46:e8:
64:bc:ca:f5:a9:2a:e0:dd:0a:80:03:ff:36:75:59:57:d3:9d:
f6:b0:de:0a:89:cd:c7:c5:0a:ce:90:8d:5b:c4:75:ba:3c:ad:
29:8e:17:12:26:f2:ce:49:f1:2c:84:e5:b3:6c:db:c3:55:66:
a7:a0:b2:b7:61:13:72:56:1b:39:f3:27:90:7e:33:27:1e:54:
35:8d:44:f6:58:cc:64:a2:55:da:42:bc:d2:cd:9f:1c:1e:c5:
6c:8b:21:53:90:a0:e4:3b:a7:6d:76:2f:32:f5:3d:4d:e6:ea:
cb:ef:05:fd:4d:c6:c1:15:13:80:77:c2:b8:8c:8e:56:0f:04:
cb:7d:70:6b:5c:a9:bc:6b:c3:37:44:c3:bf:4a:cb:d6:ae:d2:
90:6f:60:ed:78:97:b6:1e:f2:b3:cd:f8:97:0c:f9:6a:f5:32:
31:14:af:d5
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUMHuGppIlb541b8AUG25n4KHf+oswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNDUwMjRaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDIzNGJiM2ZkYzcyOTI4MzMxMmNkODkxMDZlYzMzNTQ3MzllYTU5ZGJiODU0
MzZkYTc4ZGE3MjhmYzMxMDU1MGExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN7HHsImgap/sif3kEkQYFS4/8REioZ2Kv5RO3GrR4Wg0FGc+M3r/TVzI1Vg
14PfrDaX8DzRcN+8EzUODPhrCHpzJhIc9O7yUKrFPsqe1AkK8WzHRKBlLSghiYcp
XkjHCDr8VABCromD7DLr/ZaDmuxy5imgjYAdj0t2fbhkfelphC9uzzlpeCUr+ONW
bqzybseUeNjUaODKzUcSaENQmOraeilPH6s8Fa288+PM2t8c+XqB4vhXeygr6PVA
POnoqx9+GVuaRPhaI/hP7hY6c8pJphfrzOOqfeSz8ZgmOhHEdtbBZrhi5dkSi8Kv
pKoiDECDQDd+1JZZHG6TCP69nmcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTszvxX
9A0lN9xkYCwTzcZTj285cDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTk1MjUwYzMtZTlmMi00ZTIzLTk3NzktODdjNDc0OTdmNTIwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HhQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCTzEYiy2M3q9CuRB9Cu9V9nOB53Qa6lTKqlIwv
Eq8fpfH8qSGPmIFi4zn8diX/ytQ6MBEFeNOAowVp0o/BBdKMpp2/UbOAdUUGGq67
cAr0YmW9Kqh8oU/mRuhkvMr1qSrg3QqAA/82dVlX0532sN4Kic3HxQrOkI1bxHW6
PK0pjhcSJvLOSfEshOWzbNvDVWanoLK3YRNyVhs58yeQfjMnHlQ1jUT2WMxkolXa
QrzSzZ8cHsVsiyFTkKDkO6dtdi8y9T1N5urL7wX9TcbBFROAd8K4jI5WDwTLfXBr
XKm8a8M3RMO/SsvWrtKQb2DteJe2HvKzzfiXDPlq9TIxFK/V
-----END CERTIFICATE-----
Generated at Sun May 24 00:18:10 2026 by rpki-client