Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0a62bd27-1249-4e47-b472-a40e20de3d28.roa
File: 0a62bd27-1249-4e47-b472-a40e20de3d28.roa (raw, json)
Hash identifier: Nf5kAZ3HtT5MY3iONdnq2iq2OiRbyyF9QyijII0FSMA=
Subject key identifier: 83:CF:E1:D8:B2:81:1F:3B:AA:36:0D:CC:60:67:F2:77:A4:84:CB:03
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 20685C4227506BEB8DEC4BF03ED1B0C9CF8104CD
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0a62bd27-1249-4e47-b472-a40e20de3d28.roa
Signing time: Fri 22 May 2026 16:16:22 +0000
ROA not before: Fri 22 May 2026 16:16:22 +0000
ROA not after: Thu 20 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d068:2000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:68:5c:42:27:50:6b:eb:8d:ec:4b:f0:3e:d1:b0:c9:cf:81:04:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 22 16:16:22 2026 GMT
Not After : Aug 20 23:59:59 2026 GMT
Subject: serialNumber=c236289e72d2e3e878ec4174ca63747c2ee3bec23a2088b33fc46944b6ada1c9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:81:77:b7:df:68:2c:05:d6:4a:b0:c9:b0:42:
49:5c:d1:4d:12:21:8a:ef:2c:67:83:a9:ce:23:18:
08:24:50:a0:bd:59:1b:dc:95:b0:36:e7:0f:58:6b:
f2:b6:6c:5a:17:53:76:51:ff:05:ad:e9:10:96:44:
78:c7:9a:62:02:b4:74:8c:70:fe:c1:24:ab:93:b8:
26:b2:cc:d6:b2:36:f8:ad:7e:cf:b6:a5:2c:df:bc:
22:c5:a4:64:ef:a9:8e:8a:aa:4b:1b:7f:9c:0f:0c:
2b:ae:ac:0f:5b:59:b5:64:1a:f4:71:27:5a:c0:c4:
46:e2:3d:b9:7a:08:74:1e:4d:f2:b6:b6:f2:00:bc:
23:c2:aa:2b:9b:cc:e3:73:11:e2:b6:a5:db:c4:40:
1f:6a:ce:ef:16:b3:5c:80:55:13:c2:7c:c4:52:55:
0c:d8:e4:dc:97:71:7e:b4:f0:ba:24:c1:94:9b:c6:
74:ad:49:37:44:2b:79:85:f2:b4:3b:3d:49:e6:8f:
b4:09:17:cc:97:07:0b:18:d0:0e:40:90:1b:2e:41:
9b:19:e5:b9:54:fb:a2:3b:15:d1:5b:fb:a4:2e:54:
31:a7:31:30:d1:c1:57:8b:b9:f1:c2:38:52:92:17:
05:0e:63:21:bb:34:39:1f:e8:d8:e6:9c:a7:1d:d3:
19:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:CF:E1:D8:B2:81:1F:3B:AA:36:0D:CC:60:67:F2:77:A4:84:CB:03
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0a62bd27-1249-4e47-b472-a40e20de3d28.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d068:2000::/40
Signature Algorithm: sha256WithRSAEncryption
7c:e0:7f:4b:8b:f4:00:54:be:d9:3f:f1:07:58:1e:11:bf:bc:
4e:66:cd:d4:34:2b:52:22:7b:57:c9:d2:23:7f:f6:ac:6b:71:
21:52:a3:07:4e:3e:8a:a8:aa:cc:97:0d:95:5d:4b:05:8e:92:
81:4f:0b:dd:c5:ac:97:1d:cd:b9:3b:2b:44:bd:c1:6c:35:cf:
1f:88:84:a5:1f:e9:57:2f:53:2c:ae:4e:e0:93:66:0c:10:0c:
5b:bf:e7:e6:b0:93:42:11:97:16:4f:ae:41:1e:40:1f:01:f1:
64:06:5d:2e:0b:e7:86:8d:ff:d1:c3:18:5d:36:f6:2d:f6:87:
e8:cb:c5:7f:fe:9b:03:31:0b:76:43:d1:bb:a1:ec:93:bc:84:
21:1c:30:60:e3:1b:1a:16:b3:70:aa:13:59:b7:22:2c:7c:ec:
35:98:d3:19:8d:84:ae:9a:aa:60:d2:67:80:ca:69:22:b0:0a:
d7:0d:78:ba:1c:a9:87:cf:a1:35:36:ae:36:3c:2e:76:3c:26:
ed:a0:92:2e:23:4d:f2:17:d3:f9:75:e8:9a:9d:40:57:64:2e:
4d:12:2f:c3:38:e4:30:c5:93:52:d6:dc:25:84:4a:73:4b:74:
09:51:c3:7f:77:ec:df:c6:4c:e0:69:fd:49:54:f5:7b:d0:02:
6c:1c:3c:07
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUIGhcQidQa+uN7EvwPtGwyc+BBM0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MjIxNjE2MjJaFw0yNjA4MjAyMzU5NTlaMHoxSTBHBgNV
BAUTQGMyMzYyODllNzJkMmUzZTg3OGVjNDE3NGNhNjM3NDdjMmVlM2JlYzIzYTIw
ODhiMzNmYzQ2OTQ0YjZhZGExYzkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM+Bd7ffaCwF1kqwybBCSVzRTRIhiu8sZ4OpziMYCCRQoL1ZG9yVsDbnD1hr
8rZsWhdTdlH/Ba3pEJZEeMeaYgK0dIxw/sEkq5O4JrLM1rI2+K1+z7alLN+8IsWk
ZO+pjoqqSxt/nA8MK66sD1tZtWQa9HEnWsDERuI9uXoIdB5N8ra28gC8I8KqK5vM
43MR4ral28RAH2rO7xazXIBVE8J8xFJVDNjk3JdxfrTwuiTBlJvGdK1JN0QreYXy
tDs9SeaPtAkXzJcHCxjQDkCQGy5BmxnluVT7ojsV0Vv7pC5UMacxMNHBV4u58cI4
UpIXBQ5jIbs0OR/o2Oacpx3TGf8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSDz+HY
soEfO6o2DcxgZ/J3pITLAzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGE2MmJkMjctMTI0OS00ZTQ3LWI0NzItYTQwZTIwZGUzZDI4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Ggg
MA0GCSqGSIb3DQEBCwUAA4IBAQB84H9Li/QAVL7ZP/EHWB4Rv7xOZs3UNCtSIntX
ydIjf/asa3EhUqMHTj6KqKrMlw2VXUsFjpKBTwvdxayXHc25OytEvcFsNc8fiISl
H+lXL1Msrk7gk2YMEAxbv+fmsJNCEZcWT65BHkAfAfFkBl0uC+eGjf/RwxhdNvYt
9ofoy8V//psDMQt2Q9G7oeyTvIQhHDBg4xsaFrNwqhNZtyIsfOw1mNMZjYSumqpg
0meAymkisArXDXi6HKmHz6E1Nq42PC52PCbtoJIuI03yF9P5deianUBXZC5NEi/D
OOQwxZNS1twlhEpzS3QJUcN/d+zfxkzgaf1JVPV70AJsHDwH
-----END CERTIFICATE-----
Generated at Sat Jun 13 11:27:47 2026 by rpki-client