Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1aa38486-cd53-4f48-891d-a0191edf04a1.roa
File: 1aa38486-cd53-4f48-891d-a0191edf04a1.roa (raw, json)
Hash identifier: cGv1TGt+EKMokzH+E5IlPWjn/pGCNxoyxdghYsNqlzo=
Subject key identifier: E8:02:83:00:BC:6B:73:62:C3:0E:85:89:EA:90:FE:9D:BB:4E:53:0E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3FC142CCD1C34FC035E2654EC4D7973A95F61E19
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1aa38486-cd53-4f48-891d-a0191edf04a1.roa
Signing time: Tue 19 May 2026 04:50:10 +0000
ROA not before: Tue 19 May 2026 04:50:10 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:90c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:c1:42:cc:d1:c3:4f:c0:35:e2:65:4e:c4:d7:97:3a:95:f6:1e:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 04:50:10 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=30c29957c0b480fe77bc49f75ffd404633a2bccd898867b2a2e108abf4fafdb6, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:b6:95:ac:86:79:d7:d1:15:f7:77:1d:dd:94:
83:4f:f2:b6:ec:ee:cc:ba:5f:0b:06:58:78:a9:e0:
2c:42:6d:fa:cf:01:68:db:4b:7f:fb:f6:76:82:2d:
e4:ba:f9:20:4d:ba:c2:36:07:02:88:5a:94:da:c2:
28:de:e1:fa:63:57:e9:a1:fb:ab:49:52:03:bc:22:
df:ff:98:bb:5b:bb:e7:ce:24:5d:d6:85:07:46:5f:
32:60:8f:1e:8f:01:06:e5:ac:0a:30:21:42:e9:29:
50:21:b1:be:7a:1d:28:a1:7c:8e:ed:29:97:ae:79:
f5:de:24:b7:3b:9e:96:55:e3:dc:04:8d:4d:f4:2a:
d2:0f:b4:0c:cf:0b:66:db:aa:73:85:37:ba:47:ba:
58:3f:98:7d:74:47:ce:16:0d:53:06:aa:26:f9:89:
0a:ce:35:8b:09:05:72:8b:17:93:b9:73:83:d3:ee:
d5:9a:de:e1:79:61:bc:f6:ec:d1:cb:0f:7a:fd:a7:
80:55:39:c6:34:04:4b:c6:6b:aa:33:93:7b:87:97:
9a:1e:ab:43:93:a9:c7:17:02:7b:32:27:7a:c0:e7:
75:f2:9e:eb:97:93:17:5f:49:ec:7b:0c:14:0e:d6:
79:a5:23:dc:9a:18:cf:8b:03:0b:85:86:97:b4:60:
22:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:02:83:00:BC:6B:73:62:C3:0E:85:89:EA:90:FE:9D:BB:4E:53:0E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1aa38486-cd53-4f48-891d-a0191edf04a1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:90c0::/48
Signature Algorithm: sha256WithRSAEncryption
c9:a7:6e:23:9c:83:49:ae:83:35:de:0d:9a:5e:57:99:8b:f1:
d4:7e:5a:bf:a1:90:30:e8:0c:37:68:44:05:34:77:f1:1c:66:
3d:53:79:21:89:bf:62:93:47:80:56:10:c2:35:50:6f:03:05:
a8:26:2b:ba:69:e3:95:6a:a4:18:e1:20:10:2b:2b:d9:43:81:
04:61:70:e1:09:95:20:99:41:79:3c:54:96:42:eb:76:a9:7f:
37:91:14:18:ff:ce:5d:fa:4a:a5:b6:6e:53:4b:2c:e4:66:1d:
1e:2f:12:d9:a5:3f:7b:41:e5:ef:ad:f5:ec:37:b3:e7:ad:c7:
01:44:b0:44:c6:9a:68:45:5d:c4:0f:f2:4e:ae:8c:a8:e7:c1:
f7:03:ee:8e:f9:18:81:cc:f3:4e:9a:01:f1:d0:2f:1c:da:27:
6b:4f:8d:a9:61:a3:bf:f2:f9:a8:34:cb:13:ec:bc:be:18:7c:
5d:e2:44:08:e2:91:85:fb:17:ed:9c:43:c9:0d:de:b4:16:76:
f4:a4:e6:c5:46:41:18:3d:88:08:0d:63:8c:17:01:e3:f7:4e:
2e:c5:4d:50:3f:4e:ba:96:fb:90:be:44:f8:af:46:dc:42:f2:
80:d0:01:8b:6d:d1:13:0a:2a:50:9f:9d:25:19:f0:24:59:28:
47:67:60:dd
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUP8FCzNHDT8A14mVOxNeXOpX2HhkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNDUwMTBaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDMwYzI5OTU3YzBiNDgwZmU3N2JjNDlmNzVmZmQ0MDQ2MzNhMmJjY2Q4OTg4
NjdiMmEyZTEwOGFiZjRmYWZkYjYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJO2layGedfRFfd3Hd2Ug0/ytuzuzLpfCwZYeKngLEJt+s8BaNtLf/v2doIt
5Lr5IE26wjYHAohalNrCKN7h+mNX6aH7q0lSA7wi3/+Yu1u7584kXdaFB0ZfMmCP
Ho8BBuWsCjAhQukpUCGxvnodKKF8ju0pl6559d4ktzuellXj3ASNTfQq0g+0DM8L
Ztuqc4U3uke6WD+YfXRHzhYNUwaqJvmJCs41iwkFcosXk7lzg9Pu1Zre4XlhvPbs
0csPev2ngFU5xjQES8ZrqjOTe4eXmh6rQ5OpxxcCezInesDndfKe65eTF19J7HsM
FA7WeaUj3JoYz4sDC4WGl7RgIq8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBToAoMA
vGtzYsMOhYnqkP6du05TDjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWFhMzg0ODYtY2Q1My00ZjQ4LTg5MWQtYTAxOTFlZGYwNGExLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACQ
wDANBgkqhkiG9w0BAQsFAAOCAQEAyaduI5yDSa6DNd4Nml5XmYvx1H5av6GQMOgM
N2hEBTR38RxmPVN5IYm/YpNHgFYQwjVQbwMFqCYrumnjlWqkGOEgECsr2UOBBGFw
4QmVIJlBeTxUlkLrdql/N5EUGP/OXfpKpbZuU0ss5GYdHi8S2aU/e0Hl76317Dez
563HAUSwRMaaaEVdxA/yTq6MqOfB9wPujvkYgczzTpoB8dAvHNona0+NqWGjv/L5
qDTLE+y8vhh8XeJECOKRhfsX7ZxDyQ3etBZ29KTmxUZBGD2ICA1jjBcB4/dOLsVN
UD9Oupb7kL5E+K9G3ELygNABi23REwoqUJ+dJRnwJFkoR2dg3Q==
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:44:54 2026 by rpki-client