Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/10e25f26-1142-4a43-8091-69f9ddd435c1.roa
File: 10e25f26-1142-4a43-8091-69f9ddd435c1.roa (raw, json)
Hash identifier: sNTn5DGcyZ6QFNPAviYG6Z+TF7wOwVt8gIes+MQgYXM=
Subject key identifier: EC:8D:E4:D0:15:83:81:E8:5D:9A:C3:22:79:50:2C:7C:B1:8A:A2:36
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4612A1F1095BB8A96771A91A59CE71626DD23071
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/10e25f26-1142-4a43-8091-69f9ddd435c1.roa
Signing time: Tue 19 May 2026 05:30:14 +0000
ROA not before: Tue 19 May 2026 05:30:14 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d075:1000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:12:a1:f1:09:5b:b8:a9:67:71:a9:1a:59:ce:71:62:6d:d2:30:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:30:14 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=00e16b81d8800549c0282f5a10a38e87b63674fb9c75fa39094c872f1b6cee92, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:3a:36:cb:4c:d3:3e:ff:f7:12:78:c8:ac:1c:
f4:5a:d9:d4:a0:f8:3a:0e:8b:f3:dd:3e:25:d9:05:
45:6f:91:3f:96:9a:36:9e:b1:bf:ec:02:2c:3b:31:
06:85:41:86:aa:55:19:e3:2e:9e:be:fa:3c:8e:91:
c9:08:b6:f0:66:52:33:01:fe:4a:b9:cf:30:d6:81:
fd:2d:8f:a3:58:fe:32:03:2f:73:2c:7e:37:bd:6f:
f4:07:b5:d1:e8:7b:bf:12:3a:c8:38:bb:64:22:bf:
c8:04:cc:ba:c8:75:66:09:8a:27:c7:b2:14:98:ee:
63:26:e4:e2:ac:3e:ff:12:46:30:70:94:af:d5:6d:
67:4b:bd:ab:2a:bf:22:05:0a:50:c7:d9:4b:4c:75:
a8:90:fd:a1:92:0d:fd:ec:30:f7:a2:aa:ef:53:3c:
eb:6b:70:a1:73:9f:7e:18:d5:96:14:48:2b:b0:37:
b8:b3:0f:b5:69:d2:77:5f:80:29:47:42:d6:16:7f:
ea:51:3a:64:f1:c6:cf:75:0b:ee:d9:89:fa:0b:66:
b2:ae:37:4d:e7:7d:83:53:dd:80:97:76:54:40:d9:
38:c3:05:d5:c2:41:3e:e2:01:9e:2d:e0:9e:10:05:
74:48:b2:d9:09:06:22:44:de:5c:1b:89:ad:bf:d6:
e6:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:8D:E4:D0:15:83:81:E8:5D:9A:C3:22:79:50:2C:7C:B1:8A:A2:36
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/10e25f26-1142-4a43-8091-69f9ddd435c1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d075:1000::/40
Signature Algorithm: sha256WithRSAEncryption
10:6e:cf:60:31:b0:ec:86:48:5a:b0:de:76:7b:0d:e2:d5:c6:
02:f5:ab:bc:48:fe:cc:9c:48:26:6b:08:0c:b2:9d:fe:ef:be:
8c:9a:7c:81:44:16:96:ef:97:1b:e4:d6:32:60:ff:7f:a7:04:
73:05:28:22:1c:7d:e9:b6:04:45:df:df:04:ed:27:f9:37:9d:
1c:91:00:43:ee:c3:f1:90:78:5c:df:1a:96:99:1f:35:95:37:
81:e4:41:5d:eb:93:17:84:0b:a8:3e:a0:b7:c7:57:5c:d0:4e:
f3:05:f8:32:11:75:e3:b7:5d:3b:21:2b:8b:50:b6:db:57:8d:
63:0e:6c:83:d2:20:da:10:57:27:f9:9e:e1:e5:b4:7e:86:7a:
f9:09:b9:ab:aa:78:c1:77:c3:ef:1b:95:3c:c4:e1:e2:67:74:
0f:61:ef:2b:16:dc:6d:b0:7e:d7:35:71:75:dc:fe:81:11:0c:
55:09:3c:7b:bd:9b:46:cf:2f:2f:61:58:b7:0b:ed:01:d3:c2:
ae:ea:51:f1:50:13:dc:b1:c1:e1:63:f1:b2:77:f8:b3:9b:88:
3b:45:ce:0b:0b:41:5b:66:dc:8d:72:89:cf:d0:ef:bd:91:4e:
12:92:c9:12:70:94:61:09:0a:15:38:ff:fd:e4:28:ba:0a:bd:
d6:af:f5:37
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIURhKh8QlbuKlncakaWc5xYm3SMHEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTMwMTRaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDAwZTE2YjgxZDg4MDA1NDljMDI4MmY1YTEwYTM4ZTg3YjYzNjc0ZmI5Yzc1
ZmEzOTA5NGM4NzJmMWI2Y2VlOTIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJk6NstM0z7/9xJ4yKwc9FrZ1KD4Og6L890+JdkFRW+RP5aaNp6xv+wCLDsx
BoVBhqpVGeMunr76PI6RyQi28GZSMwH+SrnPMNaB/S2Po1j+MgMvcyx+N71v9Ae1
0eh7vxI6yDi7ZCK/yATMush1ZgmKJ8eyFJjuYybk4qw+/xJGMHCUr9VtZ0u9qyq/
IgUKUMfZS0x1qJD9oZIN/eww96Kq71M862twoXOffhjVlhRIK7A3uLMPtWnSd1+A
KUdC1hZ/6lE6ZPHGz3UL7tmJ+gtmsq43Ted9g1PdgJd2VEDZOMMF1cJBPuIBni3g
nhAFdEiy2QkGIkTeXBuJrb/W5iECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTsjeTQ
FYOB6F2awyJ5UCx8sYqiNjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTBlMjVmMjYtMTE0Mi00YTQzLTgwOTEtNjlmOWRkZDQzNWMxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HUQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAQbs9gMbDshkhasN52ew3i1cYC9au8SP7MnEgm
awgMsp3+776MmnyBRBaW75cb5NYyYP9/pwRzBSgiHH3ptgRF398E7Sf5N50ckQBD
7sPxkHhc3xqWmR81lTeB5EFd65MXhAuoPqC3x1dc0E7zBfgyEXXjt107ISuLULbb
V41jDmyD0iDaEFcn+Z7h5bR+hnr5CbmrqnjBd8PvG5U8xOHiZ3QPYe8rFtxtsH7X
NXF13P6BEQxVCTx7vZtGzy8vYVi3C+0B08Ku6lHxUBPcscHhY/Gyd/izm4g7Rc4L
C0FbZtyNconP0O+9kU4SkskScJRhCQoVOP/95Ci6Cr3Wr/U3
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:26:08 2026 by rpki-client