Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/15de004b-cd0f-44a1-99b1-4e2e71ff07d1.roa
File: 15de004b-cd0f-44a1-99b1-4e2e71ff07d1.roa (raw, json)
Hash identifier: JxWBOnBi4jG1R4OZP0f7YjiL0uyP7MxhyrcJztoIENk=
Subject key identifier: BF:CC:A5:64:8B:E6:BD:C1:1E:F1:50:87:C8:88:98:01:21:5D:5E:1B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6D711BDC7FF125B117121A16D9BF8D9529D56848
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/15de004b-cd0f-44a1-99b1-4e2e71ff07d1.roa
Signing time: Tue 19 May 2026 05:00:08 +0000
ROA not before: Tue 19 May 2026 05:00:08 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:40c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6d:71:1b:dc:7f:f1:25:b1:17:12:1a:16:d9:bf:8d:95:29:d5:68:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:00:08 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=ab913cc6cff1c98101f36d8f805cf8cf28f731e572aae9769363b5e333199762, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:65:99:f3:82:c3:31:81:d4:ef:37:0a:a3:a2:
d0:3e:d8:e3:60:5c:59:04:6d:86:3a:03:ca:00:be:
5d:cb:7a:8d:28:5c:79:6a:49:24:f8:38:7e:3b:c1:
20:e0:5c:cb:38:14:52:85:a3:a5:a0:21:ad:f0:fc:
55:32:3b:09:7c:ed:2f:85:1b:e7:cd:38:6d:e5:a8:
29:a6:24:34:e1:ee:5b:9c:1a:5c:1d:e8:e7:6c:05:
e2:38:4d:e2:5a:8c:ec:4b:82:56:04:37:72:04:46:
d6:86:84:79:db:65:bb:01:72:9b:d5:55:ae:d5:8f:
42:fe:ef:9c:1b:51:0a:e1:97:ac:30:3c:10:8b:11:
b0:14:d7:f3:00:b8:13:dc:49:05:17:a4:ee:f9:41:
4b:aa:2e:80:95:ed:54:12:4b:ed:46:5d:ad:f9:b5:
90:73:4d:a8:0d:fc:73:cc:d5:da:a0:61:6a:29:b8:
15:d8:6e:bc:08:a3:37:48:cc:86:fe:fa:b9:d6:a6:
e6:99:cc:09:76:a7:03:39:c9:53:1b:ec:45:d6:4d:
cb:9d:9e:64:43:1b:ec:11:39:cc:46:e3:1e:b2:9e:
15:b2:ee:06:5e:5e:57:0a:ec:cd:2a:6d:c6:96:46:
2e:b3:2a:ff:d8:3a:cd:4b:ef:9b:ff:4a:74:70:e4:
fc:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:CC:A5:64:8B:E6:BD:C1:1E:F1:50:87:C8:88:98:01:21:5D:5E:1B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/15de004b-cd0f-44a1-99b1-4e2e71ff07d1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:40c0::/48
Signature Algorithm: sha256WithRSAEncryption
36:4a:2c:54:00:f7:4d:2e:98:15:94:9f:24:10:aa:95:66:cd:
4e:40:8c:0e:01:c8:2e:64:fa:99:4b:14:f9:75:b5:2a:f5:ea:
01:b1:e0:c7:da:ff:63:fe:6a:ed:61:24:c5:7f:33:db:37:cf:
c6:17:63:4d:49:3c:78:48:c2:9b:4a:c5:4d:d7:68:a8:e6:5c:
f8:ca:9f:6e:61:dd:ca:cc:16:20:5a:b2:94:df:ad:02:2b:d2:
e2:d3:56:2c:73:32:7b:95:ab:d8:31:62:bf:e6:39:ee:ea:da:
f8:07:d9:89:c6:b5:26:b2:77:89:c8:b0:c5:1e:f0:4a:ba:17:
1c:eb:4a:99:a8:17:ef:25:1a:a2:30:b2:b0:d4:88:aa:58:be:
38:c4:96:c2:f0:ad:44:32:fd:b8:26:8d:d8:0a:91:2a:a0:19:
8e:ea:d2:7b:7d:70:96:4e:6e:13:65:18:38:eb:29:01:ea:d5:
97:00:7f:e9:bd:62:ae:96:44:31:b8:3d:0b:56:d4:da:83:1b:
17:b4:c4:fa:2c:78:37:71:da:ff:c4:8b:a8:4d:1d:e2:f8:a8:
fd:b9:29:40:7b:52:88:4f:7e:0f:18:53:52:d2:8f:2c:25:06:
87:91:3f:45:a8:8c:0b:58:5f:13:b5:b4:ba:f9:89:2f:44:65:
29:6b:02:fc
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUbXEb3H/xJbEXEhoW2b+NlSnVaEgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTAwMDhaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGFiOTEzY2M2Y2ZmMWM5ODEwMWYzNmQ4ZjgwNWNmOGNmMjhmNzMxZTU3MmFh
ZTk3NjkzNjNiNWUzMzMxOTk3NjIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALBlmfOCwzGB1O83CqOi0D7Y42BcWQRthjoDygC+Xct6jShceWpJJPg4fjvB
IOBcyzgUUoWjpaAhrfD8VTI7CXztL4Ub5804beWoKaYkNOHuW5waXB3o52wF4jhN
4lqM7EuCVgQ3cgRG1oaEedtluwFym9VVrtWPQv7vnBtRCuGXrDA8EIsRsBTX8wC4
E9xJBRek7vlBS6ougJXtVBJL7UZdrfm1kHNNqA38c8zV2qBhaim4FdhuvAijN0jM
hv76udam5pnMCXanAznJUxvsRdZNy52eZEMb7BE5zEbjHrKeFbLuBl5eVwrszSpt
xpZGLrMq/9g6zUvvm/9KdHDk/I0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBS/zKVk
i+a9wR7xUIfIiJgBIV1eGzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTVkZTAwNGItY2QwZi00NGExLTk5YjEtNGUyZTcxZmYwN2QxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H9A
wDANBgkqhkiG9w0BAQsFAAOCAQEANkosVAD3TS6YFZSfJBCqlWbNTkCMDgHILmT6
mUsU+XW1KvXqAbHgx9r/Y/5q7WEkxX8z2zfPxhdjTUk8eEjCm0rFTddoqOZc+Mqf
bmHdyswWIFqylN+tAivS4tNWLHMye5Wr2DFiv+Y57ura+AfZica1JrJ3iciwxR7w
SroXHOtKmagX7yUaojCysNSIqli+OMSWwvCtRDL9uCaN2AqRKqAZjurSe31wlk5u
E2UYOOspAerVlwB/6b1irpZEMbg9C1bU2oMbF7TE+ix4N3Ha/8SLqE0d4vio/bkp
QHtSiE9+DxhTUtKPLCUGh5E/RaiMC1hfE7W0uvmJL0RlKWsC/A==
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:11:55 2026 by rpki-client