Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0fe279cf-b55f-4d96-9958-ec3ecd64b0c8.roa
File: 0fe279cf-b55f-4d96-9958-ec3ecd64b0c8.roa (raw, json)
Hash identifier: nOJjHEqe5g/h0+vqrvuEy3aQgx7Vu88eFuKj7GA7vkM=
Subject key identifier: CA:BA:0F:BA:B7:68:0E:EB:72:3F:B9:85:C6:7F:3E:02:34:17:83:8D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 61F6399AEB28DCF7D2DE6DAC1BF72CCA86C69098
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0fe279cf-b55f-4d96-9958-ec3ecd64b0c8.roa
Signing time: Wed 20 May 2026 00:00:07 +0000
ROA not before: Wed 20 May 2026 00:00:07 +0000
ROA not after: Tue 18 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d014:1400::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
61:f6:39:9a:eb:28:dc:f7:d2:de:6d:ac:1b:f7:2c:ca:86:c6:90:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 00:00:07 2026 GMT
Not After : Aug 18 23:59:59 2026 GMT
Subject: serialNumber=1edf3b7b32f8b61c98f372ceb9d38941e037602098ba3cea18773e7a14508eb0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:bd:d3:06:98:10:98:d7:97:88:ba:1e:4f:b1:
64:fb:d2:04:77:4b:8d:e9:36:2a:77:58:fa:80:eb:
e6:aa:8f:f4:db:25:c8:55:eb:ad:ef:26:32:4b:99:
49:e2:b9:37:db:43:e5:28:91:16:47:fe:fb:f5:b9:
43:f1:89:fc:99:97:b0:e2:04:e4:ae:f5:b1:8e:7d:
b3:de:4b:d3:bf:a4:eb:53:5e:51:3f:bf:5c:69:cc:
2c:3b:89:06:4e:8d:09:78:48:87:d6:96:47:df:30:
5d:a1:69:7d:6c:32:61:66:3e:f8:d1:34:61:86:6c:
2a:65:49:d5:0c:8e:a7:d6:49:7f:c1:60:04:26:60:
e1:4f:4d:ee:39:b7:1c:65:08:ff:f5:84:1b:da:37:
85:61:07:b5:a4:36:58:59:54:21:04:ed:c7:c3:5a:
60:2f:d9:98:46:27:a2:f7:d6:c8:98:a8:8b:cb:43:
4a:1c:f7:64:27:44:06:8c:2d:63:6d:6d:1e:b8:e8:
56:d8:a7:b9:2d:55:f4:3e:40:f8:4e:ea:9b:29:15:
3f:b1:72:94:40:ea:76:8d:3a:d0:3c:8a:2c:b0:5d:
fb:bc:a6:22:36:30:63:33:ba:55:f2:3d:7e:13:e7:
b8:12:3d:38:c6:ea:bd:db:34:b2:01:13:95:1e:d9:
11:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:BA:0F:BA:B7:68:0E:EB:72:3F:B9:85:C6:7F:3E:02:34:17:83:8D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0fe279cf-b55f-4d96-9958-ec3ecd64b0c8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d014:1400::/38
Signature Algorithm: sha256WithRSAEncryption
87:67:16:64:01:6c:e2:66:72:87:b8:2e:22:83:57:fe:96:fb:
48:f5:34:47:87:d3:a9:7c:ac:6d:c5:9e:25:80:c8:60:90:d8:
12:a5:a4:07:09:86:77:dd:4c:25:cb:3c:cb:11:59:17:9d:76:
86:52:87:2f:49:a9:c5:9d:63:a3:af:7c:38:ca:22:56:42:80:
79:17:e1:74:02:a0:76:c9:65:b8:55:dd:44:ff:20:27:14:8b:
ae:ec:81:8e:b8:a4:b1:a7:de:1d:8f:20:05:c0:d2:f1:90:7f:
d2:55:8d:d1:bb:50:34:c0:aa:5a:bf:28:af:38:c5:b3:e5:73:
ae:df:84:2d:71:ee:d4:78:ab:21:3b:ff:c5:d0:52:3b:3f:3d:
f1:8a:7c:d2:3f:02:63:ec:89:53:28:46:3b:1e:70:4f:99:d4:
ce:79:1e:54:7a:7b:47:9c:04:d5:d4:0e:78:a2:06:44:d8:f1:
66:22:27:f8:60:44:06:10:7e:77:30:cf:ca:bb:a8:61:a3:56:
3d:ad:17:0d:4c:23:6f:2b:ca:6c:56:33:6b:4c:01:70:4b:0c:
dc:ad:d8:e4:11:f4:da:ff:7e:53:fc:b3:58:6a:8d:dc:b9:33:
19:53:db:b5:fa:fc:d6:8c:c4:bb:be:59:55:cc:a8:10:8b:79:
fe:85:ad:fe
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUYfY5muso3PfS3m2sG/csyobGkJgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MjAwMDAwMDdaFw0yNjA4MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQDFlZGYzYjdiMzJmOGI2MWM5OGYzNzJjZWI5ZDM4OTQxZTAzNzYwMjA5OGJh
M2NlYTE4NzczZTdhMTQ1MDhlYjAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN290waYEJjXl4i6Hk+xZPvSBHdLjek2KndY+oDr5qqP9NslyFXrre8mMkuZ
SeK5N9tD5SiRFkf++/W5Q/GJ/JmXsOIE5K71sY59s95L07+k61NeUT+/XGnMLDuJ
Bk6NCXhIh9aWR98wXaFpfWwyYWY++NE0YYZsKmVJ1QyOp9ZJf8FgBCZg4U9N7jm3
HGUI//WEG9o3hWEHtaQ2WFlUIQTtx8NaYC/ZmEYnovfWyJioi8tDShz3ZCdEBowt
Y21tHrjoVtinuS1V9D5A+E7qmykVP7FylEDqdo060DyKLLBd+7ymIjYwYzO6VfI9
fhPnuBI9OMbqvds0sgETlR7ZEe0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTKug+6
t2gO63I/uYXGfz4CNBeDjTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGZlMjc5Y2YtYjU1Zi00ZDk2LTk5NTgtZWMzZWNkNjRiMGM4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BQU
MA0GCSqGSIb3DQEBCwUAA4IBAQCHZxZkAWziZnKHuC4ig1f+lvtI9TRHh9OpfKxt
xZ4lgMhgkNgSpaQHCYZ33UwlyzzLEVkXnXaGUocvSanFnWOjr3w4yiJWQoB5F+F0
AqB2yWW4Vd1E/yAnFIuu7IGOuKSxp94djyAFwNLxkH/SVY3Ru1A0wKpavyivOMWz
5XOu34Qtce7UeKshO//F0FI7Pz3xinzSPwJj7IlTKEY7HnBPmdTOeR5UentHnATV
1A54ogZE2PFmIif4YEQGEH53MM/Ku6hho1Y9rRcNTCNvK8psVjNrTAFwSwzcrdjk
EfTa/35T/LNYao3cuTMZU9u1+vzWjMS7vllVzKgQi3n+ha3+
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:44:42 2026 by rpki-client