Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/278dd4fa-de02-446c-a4ac-184c5f35a577.roa
File: 278dd4fa-de02-446c-a4ac-184c5f35a577.roa (raw, json)
Hash identifier: HMF+cO4GpgJy9C81JqnFSuxzzMoPDpYoXxVElYnznuY=
Subject key identifier: 50:7A:0A:BB:80:5F:BA:F4:31:50:91:9E:71:3D:B0:0F:6A:EB:8E:C0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 28140B0D49649A9D987E534740883DFC449575EB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/278dd4fa-de02-446c-a4ac-184c5f35a577.roa
Signing time: Tue 19 May 2026 05:40:46 +0000
ROA not before: Tue 19 May 2026 05:40:46 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:a000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:14:0b:0d:49:64:9a:9d:98:7e:53:47:40:88:3d:fc:44:95:75:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:40:46 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=4ba0ad6a1b432c81027f3f3e614fa3e4d298b8baee1d876f04b8464e6d5e213a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:b7:06:a7:16:2c:e4:f9:f3:5c:bc:ae:c4:e0:
3e:4c:fa:04:dd:20:5c:de:f4:c0:54:67:b5:e1:b5:
12:97:1a:b2:b0:0c:21:23:93:6a:c9:e8:52:ba:d8:
7c:f5:2c:0d:b7:e5:4c:98:b7:e1:7b:98:e5:31:2d:
1a:3d:e4:57:44:ea:52:46:2d:34:99:f1:8e:3d:85:
6f:33:0c:6a:52:9d:56:cc:cd:89:8f:a6:16:d0:3d:
15:2f:76:7b:3c:4a:05:76:75:cf:67:b3:b2:ac:aa:
64:86:55:ec:cb:b1:2e:06:29:0c:00:6b:94:d9:20:
2e:06:55:75:9c:1c:b9:92:59:c9:73:96:f2:84:dd:
48:93:a6:42:20:15:85:1d:ba:62:e0:33:3e:ce:1d:
51:4d:d6:7f:80:6f:fb:7c:45:6b:83:80:2e:e7:2d:
34:03:93:0a:9d:66:6f:b6:ed:40:bd:56:2f:65:c4:
8e:d6:72:a1:0b:3e:fd:f7:fa:8b:80:b4:d9:10:b1:
37:bd:21:61:51:61:96:68:6d:6c:a4:5b:8e:bb:51:
2f:ae:15:6f:59:a5:ec:d4:30:26:fd:68:65:ff:63:
d4:e9:35:46:7a:e8:ff:d6:32:19:25:62:61:2b:81:
83:18:df:ff:d7:cc:27:3d:7a:56:d5:77:1d:33:24:
21:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:7A:0A:BB:80:5F:BA:F4:31:50:91:9E:71:3D:B0:0F:6A:EB:8E:C0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/278dd4fa-de02-446c-a4ac-184c5f35a577.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:a000::/40
Signature Algorithm: sha256WithRSAEncryption
40:01:f1:0d:e0:a0:e6:3c:15:fc:7e:85:86:3b:a8:cf:a3:79:
6b:5a:a5:ac:5b:ff:f2:c4:a3:f1:1a:bd:73:0b:88:76:67:83:
91:ee:06:39:0a:de:44:17:7f:83:f1:5d:cf:ff:75:e8:5f:da:
79:c5:c6:21:46:0e:df:7d:9b:58:5d:81:ee:56:64:7e:62:ea:
65:1d:0a:89:f1:1b:a6:af:18:5a:73:1a:a6:19:59:ec:f2:4c:
06:e2:3a:9e:57:9d:65:92:78:f9:ca:03:a6:49:c6:72:92:bc:
33:e5:bc:03:3d:9f:d5:f1:d0:b8:f3:7e:97:d9:d5:25:63:9b:
32:84:e8:ff:d3:a5:03:5c:f3:26:95:e9:07:57:02:d9:ec:48:
ba:2c:98:58:2f:58:1d:94:98:8b:57:74:0e:7c:df:e1:9f:dd:
46:a2:b2:5c:1e:8e:d1:d2:c4:fc:3b:c1:75:5a:36:c2:21:bc:
2d:1f:b0:db:d6:d5:2d:5f:39:7d:c3:b7:67:8a:4d:9e:24:fe:
20:60:d1:20:8b:41:f8:6a:14:2d:d2:91:63:6f:2a:ef:9b:05:
e7:51:17:67:3a:73:01:7f:b0:99:da:59:24:9f:54:c7:dd:2c:
89:18:b8:bc:94:df:42:b3:a9:d5:f0:88:b2:8d:59:15:70:54:
1c:f9:28:dd
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUKBQLDUlkmp2YflNHQIg9/ESVdeswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTQwNDZaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDRiYTBhZDZhMWI0MzJjODEwMjdmM2YzZTYxNGZhM2U0ZDI5OGI4YmFlZTFk
ODc2ZjA0Yjg0NjRlNmQ1ZTIxM2ExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJu3BqcWLOT581y8rsTgPkz6BN0gXN70wFRnteG1EpcasrAMISOTasnoUrrY
fPUsDbflTJi34XuY5TEtGj3kV0TqUkYtNJnxjj2FbzMMalKdVszNiY+mFtA9FS92
ezxKBXZ1z2ezsqyqZIZV7MuxLgYpDABrlNkgLgZVdZwcuZJZyXOW8oTdSJOmQiAV
hR26YuAzPs4dUU3Wf4Bv+3xFa4OALuctNAOTCp1mb7btQL1WL2XEjtZyoQs+/ff6
i4C02RCxN70hYVFhlmhtbKRbjrtRL64Vb1ml7NQwJv1oZf9j1Ok1Rnro/9YyGSVi
YSuBgxjf/9fMJz16VtV3HTMkIRECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRQegq7
gF+69DFQkZ5xPbAPauuOwDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Mjc4ZGQ0ZmEtZGUwMi00NDZjLWE0YWMtMTg0YzVmMzVhNTc3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H+g
MA0GCSqGSIb3DQEBCwUAA4IBAQBAAfEN4KDmPBX8foWGO6jPo3lrWqWsW//yxKPx
Gr1zC4h2Z4OR7gY5Ct5EF3+D8V3P/3XoX9p5xcYhRg7ffZtYXYHuVmR+YuplHQqJ
8RumrxhacxqmGVns8kwG4jqeV51lknj5ygOmScZykrwz5bwDPZ/V8dC4836X2dUl
Y5syhOj/06UDXPMmlekHVwLZ7Ei6LJhYL1gdlJiLV3QOfN/hn91GorJcHo7R0sT8
O8F1WjbCIbwtH7Db1tUtXzl9w7dnik2eJP4gYNEgi0H4ahQt0pFjbyrvmwXnURdn
OnMBf7CZ2lkkn1TH3SyJGLi8lN9Cs6nV8IiyjVkVcFQc+Sjd
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:44:10 2026 by rpki-client