Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/17b4a643-b0b3-4de5-ae6d-b3610783f477.roa
File: 17b4a643-b0b3-4de5-ae6d-b3610783f477.roa (raw, json)
Hash identifier: HOpMwoFWECRDfPQS5x989w2fCcnwrW+Y/mu7PFvTVZ4=
Subject key identifier: 66:D9:41:F1:78:C7:E5:E2:1E:68:21:82:1B:E0:11:53:FD:CF:64:10
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6E0E6BDCB9A7AFBACC5D8ADA58773F8B641243E7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/17b4a643-b0b3-4de5-ae6d-b3610783f477.roa
Signing time: Fri 22 May 2026 16:03:34 +0000
ROA not before: Fri 22 May 2026 16:03:34 +0000
ROA not after: Thu 20 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d068:8c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6e:0e:6b:dc:b9:a7:af:ba:cc:5d:8a:da:58:77:3f:8b:64:12:43:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 22 16:03:34 2026 GMT
Not After : Aug 20 23:59:59 2026 GMT
Subject: serialNumber=62650314b5e3447dbc4f90f23ae82974ab066de97a4a86964924388785527d9f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:6d:80:a1:05:e7:10:40:42:65:53:0f:61:86:
9e:cf:fc:b3:6b:be:8b:3a:c0:ef:b7:ef:e4:03:f8:
ab:58:2f:33:08:e6:6e:82:00:63:5c:7d:b1:77:fa:
e4:d7:b5:db:36:45:17:ff:ae:44:af:f5:a4:c1:2a:
fd:8a:fa:38:ab:68:99:c5:81:27:39:2e:c7:29:aa:
22:24:c9:7c:ae:43:08:55:6a:23:37:ae:fd:29:90:
06:48:dc:f1:b7:b4:23:d6:61:b9:c7:35:bd:78:ed:
80:20:9e:8c:33:19:ca:ed:0a:a9:38:9d:10:78:d1:
16:f5:03:40:9f:45:19:4b:6f:c6:29:fe:05:b2:ae:
52:c2:eb:e9:fb:23:ef:3e:57:f6:03:9c:39:2b:40:
d3:39:e2:7e:20:1d:ad:e8:e5:9e:20:ab:11:73:75:
7d:82:41:f4:22:bf:df:ee:75:bf:3f:0b:02:c7:4d:
ed:62:2c:c3:3d:d2:41:a7:c3:7f:1a:0f:8a:bf:63:
fd:ea:ca:16:c8:51:c5:04:a4:02:3b:32:bc:4d:92:
02:53:0f:ce:e9:c6:57:bf:06:9a:07:da:cc:b8:2d:
7c:84:ae:24:22:7c:b7:f8:2a:10:fd:ca:80:34:bf:
6a:b4:88:ef:45:2e:6f:57:dd:47:18:bd:0d:8a:6e:
cc:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:D9:41:F1:78:C7:E5:E2:1E:68:21:82:1B:E0:11:53:FD:CF:64:10
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/17b4a643-b0b3-4de5-ae6d-b3610783f477.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d068:8c0::/48
Signature Algorithm: sha256WithRSAEncryption
28:a2:a2:59:de:37:65:7c:9e:96:ac:e2:df:ee:30:c2:3f:1b:
a3:a7:43:8d:74:be:f0:ac:e0:92:65:bb:cc:17:d4:11:39:ed:
2b:cb:24:a1:65:a7:d3:c5:86:4f:50:82:5d:cf:d0:c2:43:46:
12:9d:0d:91:50:34:fb:b3:47:60:d1:1c:68:ec:a3:04:f6:d3:
02:f3:be:ae:75:9d:71:3c:a7:09:cb:e4:aa:a5:ee:28:17:47:
57:b9:92:c9:ab:52:be:61:e1:d8:19:03:54:1e:98:04:71:da:
8a:75:e0:3f:b9:1e:b4:7a:c7:67:80:8e:e3:5f:cc:04:02:00:
e2:10:55:4b:39:b5:21:da:a6:4c:8e:46:09:1b:b6:c5:1b:74:
03:75:91:5f:1c:7b:b6:2f:4d:c6:e2:e6:64:db:a6:83:be:f2:
ca:77:45:74:d4:0d:c3:16:a7:7d:6e:3b:e9:5b:4a:42:96:43:
83:e3:cb:36:33:0d:67:93:41:e3:f1:ec:b4:9b:fe:cc:1a:bb:
4e:e7:38:cd:02:d2:ab:15:48:82:0d:70:7d:ae:49:23:ce:d2:
5d:ad:17:31:59:ae:7f:b0:3f:48:80:df:ad:8d:41:da:74:37:
2d:b6:40:e9:6b:14:8f:9a:85:94:f8:08:d1:2a:63:9a:21:2e:
02:b1:d8:0e
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUbg5r3Lmnr7rMXYraWHc/i2QSQ+cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MjIxNjAzMzRaFw0yNjA4MjAyMzU5NTlaMHoxSTBHBgNV
BAUTQDYyNjUwMzE0YjVlMzQ0N2RiYzRmOTBmMjNhZTgyOTc0YWIwNjZkZTk3YTRh
ODY5NjQ5MjQzODg3ODU1MjdkOWYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL5tgKEF5xBAQmVTD2GGns/8s2u+izrA77fv5AP4q1gvMwjmboIAY1x9sXf6
5Ne12zZFF/+uRK/1pMEq/Yr6OKtomcWBJzkuxymqIiTJfK5DCFVqIzeu/SmQBkjc
8be0I9Zhucc1vXjtgCCejDMZyu0KqTidEHjRFvUDQJ9FGUtvxin+BbKuUsLr6fsj
7z5X9gOcOStA0znifiAdrejlniCrEXN1fYJB9CK/3+51vz8LAsdN7WIswz3SQafD
fxoPir9j/erKFshRxQSkAjsyvE2SAlMPzunGV78GmgfazLgtfISuJCJ8t/gqEP3K
gDS/arSI70Uub1fdRxi9DYpuzE8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRm2UHx
eMfl4h5oIYIb4BFT/c9kEDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTdiNGE2NDMtYjBiMy00ZGU1LWFlNmQtYjM2MTA3ODNmNDc3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0GgI
wDANBgkqhkiG9w0BAQsFAAOCAQEAKKKiWd43ZXyelqzi3+4wwj8bo6dDjXS+8Kzg
kmW7zBfUETntK8skoWWn08WGT1CCXc/QwkNGEp0NkVA0+7NHYNEcaOyjBPbTAvO+
rnWdcTynCcvkqqXuKBdHV7mSyatSvmHh2BkDVB6YBHHainXgP7ketHrHZ4CO41/M
BAIA4hBVSzm1IdqmTI5GCRu2xRt0A3WRXxx7ti9NxuLmZNumg77yyndFdNQNwxan
fW476VtKQpZDg+PLNjMNZ5NB4/HstJv+zBq7Tuc4zQLSqxVIgg1wfa5JI87SXa0X
MVmuf7A/SIDfrY1B2nQ3LbZA6WsUj5qFlPgI0SpjmiEuArHYDg==
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:16:45 2026 by rpki-client