Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1a8d9e14-cfa9-4400-afa8-b8c0d9eee4e4.roa
File: 1a8d9e14-cfa9-4400-afa8-b8c0d9eee4e4.roa (raw, json)
Hash identifier: QFfOTZFJR9pDL8axEP3iW+4kvllA5ThVnhhlCyTGaHc=
Subject key identifier: 50:69:6F:A1:83:D5:FF:B7:ED:3A:B6:E0:20:53:3F:60:C1:6E:A7:FD
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5E7A18DF7D8A92265BE3AFF8FAF457B0B95FF610
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1a8d9e14-cfa9-4400-afa8-b8c0d9eee4e4.roa
Signing time: Tue 19 May 2026 05:30:10 +0000
ROA not before: Tue 19 May 2026 05:30:10 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:8080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:7a:18:df:7d:8a:92:26:5b:e3:af:f8:fa:f4:57:b0:b9:5f:f6:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:30:10 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=b7b8dcbe4960ddc5f00685f3c2a404eccf9c3fda78af40ffd8f481cca2c7d43c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:7a:dc:ac:d8:a0:2b:b0:82:5a:d9:69:38:47:
88:8c:76:05:f9:77:b2:5d:ce:9c:66:5b:2d:24:c0:
da:1d:ad:43:cd:53:c7:06:59:63:ef:26:ba:a7:97:
2a:15:a0:f4:83:5a:3e:30:9b:15:b0:00:0a:c2:29:
85:4a:ab:76:0a:cb:75:18:72:ca:90:fd:d8:89:0a:
1d:c6:be:e8:76:ad:fe:75:bc:dc:82:b7:48:2d:6b:
a2:a2:55:3b:92:07:23:2d:05:d0:7b:c6:67:e4:9c:
d4:b4:ab:41:cb:da:15:a5:8d:c5:ae:9a:2e:8d:c2:
98:e9:3e:e8:44:20:2d:90:27:a4:7a:84:b5:cb:fd:
15:4a:32:93:e9:dd:a2:10:64:c4:9c:a7:81:1f:9c:
4b:af:cb:0a:0d:4d:7e:ed:58:cc:05:d5:91:0d:ef:
4e:de:9d:c7:ea:54:82:aa:e2:cf:d1:30:24:0d:c0:
56:ac:c6:e4:a8:c0:ef:ce:dd:d6:f4:bb:42:b9:2e:
3d:ef:d1:bb:e0:93:bd:8b:a1:39:1b:f6:d7:56:fb:
d1:be:09:7f:2e:72:cf:e8:b0:0f:c1:84:d6:af:27:
c7:6e:82:72:b0:79:fa:e6:62:07:c9:57:e5:ac:69:
d6:82:4e:91:81:ed:e3:80:34:73:65:f1:97:17:4b:
10:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:69:6F:A1:83:D5:FF:B7:ED:3A:B6:E0:20:53:3F:60:C1:6E:A7:FD
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1a8d9e14-cfa9-4400-afa8-b8c0d9eee4e4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:8080::/48
Signature Algorithm: sha256WithRSAEncryption
4e:c3:41:06:19:7e:a8:9f:24:d2:85:22:21:66:32:4f:30:7d:
ad:44:1f:26:3a:6f:a7:97:63:9c:e6:3e:70:b2:34:02:e2:cb:
c8:34:43:d9:ba:8a:00:5a:d6:16:54:8a:3a:86:c3:97:d6:b1:
83:c1:eb:10:ae:22:8d:ab:b3:c2:53:2d:0d:fe:d4:1f:80:1b:
0c:ad:bb:c6:ce:d2:b4:8c:20:60:90:01:7c:cf:37:81:26:49:
cf:fc:e7:cd:96:fb:13:39:01:34:fa:4e:93:55:22:b6:24:22:
97:c0:17:7e:ef:90:db:85:97:d9:0e:68:07:3f:1d:a8:fc:40:
25:7d:ca:11:ac:12:e2:5e:cd:ed:5b:c8:7f:45:32:9d:54:4c:
ca:fb:51:5c:98:33:94:be:0b:f0:05:3d:c5:9b:6c:16:d4:ab:
25:64:82:f0:f6:8e:1d:fc:9d:df:e3:37:e9:77:bb:76:b4:82:
16:c2:5a:6a:e4:75:49:fe:cc:93:ef:00:e6:25:ed:da:3d:33:
e3:32:32:df:53:84:a5:23:0e:69:1c:9a:63:45:49:03:67:b8:
33:bd:eb:f6:a7:f2:24:9b:96:07:95:a8:36:9f:44:c3:08:32:
35:7d:0c:72:f4:ac:c5:7c:3d:d3:2d:52:35:36:f1:17:30:0f:
c0:83:f6:08
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUXnoY332KkiZb46/4+vRXsLlf9hAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTMwMTBaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGI3YjhkY2JlNDk2MGRkYzVmMDA2ODVmM2MyYTQwNGVjY2Y5YzNmZGE3OGFm
NDBmZmQ4ZjQ4MWNjYTJjN2Q0M2MxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJp63KzYoCuwglrZaThHiIx2Bfl3sl3OnGZbLSTA2h2tQ81TxwZZY+8muqeX
KhWg9INaPjCbFbAACsIphUqrdgrLdRhyypD92IkKHca+6Hat/nW83IK3SC1roqJV
O5IHIy0F0HvGZ+Sc1LSrQcvaFaWNxa6aLo3CmOk+6EQgLZAnpHqEtcv9FUoyk+nd
ohBkxJyngR+cS6/LCg1Nfu1YzAXVkQ3vTt6dx+pUgqriz9EwJA3AVqzG5KjA787d
1vS7QrkuPe/Ru+CTvYuhORv211b70b4Jfy5yz+iwD8GE1q8nx26CcrB5+uZiB8lX
5axp1oJOkYHt44A0c2XxlxdLEO0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRQaW+h
g9X/t+06tuAgUz9gwW6n/TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWE4ZDllMTQtY2ZhOS00NDAwLWFmYTgtYjhjMGQ5ZWVlNGU0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HKA
gDANBgkqhkiG9w0BAQsFAAOCAQEATsNBBhl+qJ8k0oUiIWYyTzB9rUQfJjpvp5dj
nOY+cLI0AuLLyDRD2bqKAFrWFlSKOobDl9axg8HrEK4ijauzwlMtDf7UH4AbDK27
xs7StIwgYJABfM83gSZJz/znzZb7EzkBNPpOk1UitiQil8AXfu+Q24WX2Q5oBz8d
qPxAJX3KEawS4l7N7VvIf0UynVRMyvtRXJgzlL4L8AU9xZtsFtSrJWSC8PaOHfyd
3+M36Xe7drSCFsJaauR1Sf7Mk+8A5iXt2j0z4zIy31OEpSMOaRyaY0VJA2e4M73r
9qfyJJuWB5WoNp9EwwgyNX0McvSsxXw90y1SNTbxFzAPwIP2CA==
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:11:54 2026 by rpki-client