Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2678e5d7-5995-4791-9318-f087e83654a9.roa
File: 2678e5d7-5995-4791-9318-f087e83654a9.roa (raw, json)
Hash identifier: qO+oS4PMg+avxGtkoC5dKYRcc207GP+WJDuo0OXaCCs=
Subject key identifier: 70:8E:DE:B5:29:5F:FF:A6:4D:54:9F:B5:BD:E1:9D:C4:7E:5B:CA:3D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 54E3F531041300DD79F6B326AA21C6E0427C09D1
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2678e5d7-5995-4791-9318-f087e83654a9.roa
Signing time: Sat 16 May 2026 00:40:09 +0000
ROA not before: Sat 16 May 2026 00:40:09 +0000
ROA not after: Fri 14 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:e000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:e3:f5:31:04:13:00:dd:79:f6:b3:26:aa:21:c6:e0:42:7c:09:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 16 00:40:09 2026 GMT
Not After : Aug 14 23:59:59 2026 GMT
Subject: serialNumber=22bd241e0b8feae64d1c59ffcce2ce385c97b275ddfe89cc04d26d34971b8b62, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:78:db:46:ca:95:24:b7:0c:48:b6:50:42:2a:
1b:f0:a2:3e:e6:ff:ba:a1:f5:06:bf:b5:0a:22:45:
c9:6c:02:30:f1:db:45:70:2a:0f:40:60:d0:4e:5f:
bd:12:39:9f:fa:de:87:4e:5f:b8:1f:57:52:08:22:
60:81:e8:62:6a:d3:ee:92:a5:70:9e:0d:56:e2:23:
33:fc:5e:be:cb:10:7b:35:85:30:56:59:e0:54:2b:
7f:57:d7:a8:75:81:b6:d4:6e:b6:1e:cf:69:ee:3e:
df:6a:25:f4:70:71:a4:36:65:7e:b8:87:97:9f:43:
53:b6:6b:8d:b1:86:6b:25:60:c8:d2:0e:f2:a5:35:
c4:24:82:e0:06:0f:52:6d:4d:7b:c3:ff:a7:d8:48:
90:9d:f1:10:df:71:a6:33:cb:75:05:3b:3e:d9:b1:
fe:51:f5:ba:5e:83:36:f6:e2:45:04:58:f3:09:c5:
0c:e2:e8:53:1a:8d:e7:6a:80:98:6d:d1:62:54:ba:
54:56:29:72:c2:ce:52:59:10:c2:f4:02:61:19:d0:
f3:22:78:51:e2:d4:22:0a:75:9f:b7:74:c1:19:1d:
94:b0:bb:d5:ca:df:4d:1b:03:c4:f5:e6:9a:49:82:
15:bf:68:30:38:6b:f2:f4:05:9f:53:7b:1d:2d:70:
78:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:8E:DE:B5:29:5F:FF:A6:4D:54:9F:B5:BD:E1:9D:C4:7E:5B:CA:3D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2678e5d7-5995-4791-9318-f087e83654a9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:e000::/48
Signature Algorithm: sha256WithRSAEncryption
4c:68:1b:9e:fa:99:76:f7:38:1c:33:d2:a9:86:00:72:45:73:
ea:d2:e3:cf:62:72:4f:db:3d:03:fa:3c:a0:16:21:44:ca:9b:
6d:db:5c:65:57:8f:7c:37:42:98:68:68:11:8a:af:22:de:2e:
6f:9e:06:8c:f6:0e:e4:0c:7a:7c:95:7f:d8:5c:a2:c2:65:d3:
c8:b3:c4:d9:0e:08:cc:9c:63:e1:b9:08:a5:05:04:9a:7f:4a:
b7:9f:63:e3:78:6c:fe:8f:f0:94:95:e5:e9:e2:dc:a0:03:80:
f8:9b:7e:2b:e1:9a:80:1f:c9:f0:46:ca:5a:c4:9b:2c:d4:3f:
ff:62:65:75:23:b1:8a:8d:be:d3:9c:e9:fd:de:bf:ac:5d:5a:
2d:d7:88:f4:5c:db:e8:0f:77:87:ca:ee:61:da:42:6b:fa:36:
a1:ab:db:20:04:66:d4:7f:11:52:ef:0a:cb:a0:af:55:db:83:
c1:e6:be:9b:97:88:74:4f:f8:01:2a:65:cb:db:c5:cc:af:d5:
b4:90:bd:5f:8b:61:b1:e8:69:81:68:37:6e:d0:34:45:ec:8c:
9a:66:a9:42:a8:76:6a:ae:e4:5d:6d:b3:8a:f8:a7:c9:e1:9d:
95:36:10:c6:11:3b:d9:eb:79:6a:f1:72:37:55:e8:b1:ac:c6:
7d:37:91:dd
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUVOP1MQQTAN159rMmqiHG4EJ8CdEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTYwMDQwMDlaFw0yNjA4MTQyMzU5NTlaMHoxSTBHBgNV
BAUTQDIyYmQyNDFlMGI4ZmVhZTY0ZDFjNTlmZmNjZTJjZTM4NWM5N2IyNzVkZGZl
ODljYzA0ZDI2ZDM0OTcxYjhiNjIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMR420bKlSS3DEi2UEIqG/CiPub/uqH1Br+1CiJFyWwCMPHbRXAqD0Bg0E5f
vRI5n/reh05fuB9XUggiYIHoYmrT7pKlcJ4NVuIjM/xevssQezWFMFZZ4FQrf1fX
qHWBttRuth7Pae4+32ol9HBxpDZlfriHl59DU7ZrjbGGayVgyNIO8qU1xCSC4AYP
Um1Ne8P/p9hIkJ3xEN9xpjPLdQU7Ptmx/lH1ul6DNvbiRQRY8wnFDOLoUxqN52qA
mG3RYlS6VFYpcsLOUlkQwvQCYRnQ8yJ4UeLUIgp1n7d0wRkdlLC71crfTRsDxPXm
mkmCFb9oMDhr8vQFn1N7HS1weNUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRwjt61
KV//pk1Un7W94Z3EflvKPTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjY3OGU1ZDctNTk5NS00NzkxLTkzMTgtZjA4N2U4MzY1NGE5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0Hbg
ADANBgkqhkiG9w0BAQsFAAOCAQEATGgbnvqZdvc4HDPSqYYAckVz6tLjz2JyT9s9
A/o8oBYhRMqbbdtcZVePfDdCmGhoEYqvIt4ub54GjPYO5Ax6fJV/2FyiwmXTyLPE
2Q4IzJxj4bkIpQUEmn9Kt59j43hs/o/wlJXl6eLcoAOA+Jt+K+GagB/J8EbKWsSb
LNQ//2JldSOxio2+05zp/d6/rF1aLdeI9Fzb6A93h8ruYdpCa/o2oavbIARm1H8R
Uu8Ky6CvVduDwea+m5eIdE/4ASply9vFzK/VtJC9X4thsehpgWg3btA0ReyMmmap
Qqh2aq7kXW2zivinyeGdlTYQxhE72et5avFyN1XosazGfTeR3Q==
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:06:43 2026 by rpki-client