Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0b28278f-4fad-45f4-a194-c2e785f1c443.roa
File: 0b28278f-4fad-45f4-a194-c2e785f1c443.roa (raw, json)
Hash identifier: xt3NvcjfcIEym/TSGeLpYYoDSWuJqN9AE4uv9Ya82gQ=
Subject key identifier: 70:CD:03:54:19:14:AF:DE:C1:FE:EA:72:AC:0E:5E:4B:C1:61:B5:29
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 029786030D241A43BC6E78BFD6DFE439A51B2847
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0b28278f-4fad-45f4-a194-c2e785f1c443.roa
Signing time: Tue 19 May 2026 04:30:09 +0000
ROA not before: Tue 19 May 2026 04:30:09 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d019:800::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:97:86:03:0d:24:1a:43:bc:6e:78:bf:d6:df:e4:39:a5:1b:28:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 04:30:09 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=82159c1592495f4664d5870ee2f2ead961efb1abe30e606e926d61e79823c2b2, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:9a:44:d3:6f:4b:41:a1:0c:c0:8e:4d:2b:ad:
ea:cd:ac:b0:79:d3:37:cb:d8:bf:74:45:d8:80:83:
8c:62:56:8c:8d:59:26:a0:11:50:37:b9:1e:cb:f8:
5b:d8:e6:ed:1f:87:ec:c3:dd:3c:02:ab:92:25:ab:
27:80:fd:c1:28:87:63:e2:02:67:44:16:0f:60:73:
02:e0:36:84:c8:3d:55:53:e0:48:51:d5:04:95:68:
2a:f1:96:7c:fc:3d:d9:7a:b8:ee:a9:c2:8a:0e:06:
b2:30:bb:e0:55:d3:a2:d5:db:c1:42:84:5e:74:40:
93:29:4c:7b:13:59:ed:35:fb:48:64:b4:ae:b2:f1:
49:93:2d:53:96:d6:e8:c7:55:b1:84:9b:f1:45:0b:
a3:8f:a5:7d:50:40:ab:eb:87:d7:c2:ff:68:26:71:
a2:ce:d3:e0:12:f4:9a:e6:63:b1:50:fa:cd:45:04:
08:91:31:94:5f:ae:a1:07:0d:1a:9e:4a:0d:d5:35:
6a:fd:8d:d8:b9:f4:fe:a5:1f:e8:6a:a8:84:b5:b6:
c4:5d:9d:35:6f:2b:28:01:f2:b7:e5:8e:95:e1:f8:
ec:f5:28:30:5e:e5:09:44:41:fa:71:67:98:49:3d:
7d:27:53:7d:83:74:d8:34:2a:b6:ce:ff:64:47:8b:
83:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:CD:03:54:19:14:AF:DE:C1:FE:EA:72:AC:0E:5E:4B:C1:61:B5:29
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0b28278f-4fad-45f4-a194-c2e785f1c443.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d019:800::/38
Signature Algorithm: sha256WithRSAEncryption
7f:8e:fc:0c:bf:ff:76:a5:11:c8:a4:b1:64:72:24:ef:13:37:
a8:f1:36:b7:b8:a0:0a:7e:1e:1b:5d:6f:7c:36:f7:76:62:49:
8e:68:a0:bd:8d:52:9d:dd:f1:65:1d:f7:96:16:65:27:86:ce:
8c:f9:b6:91:bf:8b:ba:a3:04:43:8c:f5:90:a8:2b:2f:41:1a:
98:04:3f:84:52:ab:ca:c9:60:e2:05:83:12:d6:14:1b:03:8c:
1a:7a:42:ae:19:fe:a0:ff:88:8e:70:b2:6d:1c:cd:21:3a:65:
6d:dc:cb:ff:3e:2d:d8:01:2a:58:ed:89:83:d3:29:9d:46:e7:
d1:a7:b0:1a:b4:24:03:67:a0:cd:f8:87:6a:de:dd:32:8a:95:
29:1e:03:06:0e:94:35:2f:6c:c1:7e:66:a1:d1:66:c1:8c:44:
f6:19:c4:38:62:a6:df:ad:f6:c7:a8:7f:53:cd:88:68:51:70:
d8:65:27:9b:e6:78:d1:b4:4b:de:51:bb:72:8b:13:b1:30:f9:
3a:a6:c6:c5:06:72:eb:1e:b2:9f:e9:97:56:46:d3:4b:77:d4:
54:a8:aa:1e:b2:0e:9b:d4:18:eb:79:b8:20:e2:ec:30:f4:8e:
6f:cf:53:96:18:bf:e1:75:d3:9c:7b:22:13:5d:aa:84:a9:c5:
2a:f8:e5:42
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUApeGAw0kGkO8bni/1t/kOaUbKEcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNDMwMDlaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDgyMTU5YzE1OTI0OTVmNDY2NGQ1ODcwZWUyZjJlYWQ5NjFlZmIxYWJlMzBl
NjA2ZTkyNmQ2MWU3OTgyM2MyYjIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOGaRNNvS0GhDMCOTSut6s2ssHnTN8vYv3RF2ICDjGJWjI1ZJqARUDe5Hsv4
W9jm7R+H7MPdPAKrkiWrJ4D9wSiHY+ICZ0QWD2BzAuA2hMg9VVPgSFHVBJVoKvGW
fPw92Xq47qnCig4GsjC74FXTotXbwUKEXnRAkylMexNZ7TX7SGS0rrLxSZMtU5bW
6MdVsYSb8UULo4+lfVBAq+uH18L/aCZxos7T4BL0muZjsVD6zUUECJExlF+uoQcN
Gp5KDdU1av2N2Ln0/qUf6GqohLW2xF2dNW8rKAHyt+WOleH47PUoMF7lCURB+nFn
mEk9fSdTfYN02DQqts7/ZEeLg8ECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRwzQNU
GRSv3sH+6nKsDl5LwWG1KTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGIyODI3OGYtNGZhZC00NWY0LWExOTQtYzJlNzg1ZjFjNDQzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BkI
MA0GCSqGSIb3DQEBCwUAA4IBAQB/jvwMv/92pRHIpLFkciTvEzeo8Ta3uKAKfh4b
XW98Nvd2YkmOaKC9jVKd3fFlHfeWFmUnhs6M+baRv4u6owRDjPWQqCsvQRqYBD+E
UqvKyWDiBYMS1hQbA4waekKuGf6g/4iOcLJtHM0hOmVt3Mv/Pi3YASpY7YmD0ymd
RufRp7AatCQDZ6DN+Idq3t0yipUpHgMGDpQ1L2zBfmah0WbBjET2GcQ4YqbfrfbH
qH9TzYhoUXDYZSeb5njRtEveUbtyixOxMPk6psbFBnLrHrKf6ZdWRtNLd9RUqKoe
sg6b1Bjrebgg4uww9I5vz1OWGL/hddOceyITXaqEqcUq+OVC
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:13:23 2026 by rpki-client