Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2b0de12a-ec1d-465b-8f38-68a2dd6a19df.roa
File: 2b0de12a-ec1d-465b-8f38-68a2dd6a19df.roa (raw, json)
Hash identifier: WdhZno4gGsq5YucCHYheJYb3DfDrgdeG44uCAhl+wnc=
Subject key identifier: F0:11:43:6C:CE:F7:5E:09:51:00:A7:0B:54:83:43:2A:4A:28:E9:E2
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 27E5D9A2CF54DE02C81A4436CE96800B83723D1F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2b0de12a-ec1d-465b-8f38-68a2dd6a19df.roa
Signing time: Tue 19 May 2026 04:50:09 +0000
ROA not before: Tue 19 May 2026 04:50:09 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:6000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:e5:d9:a2:cf:54:de:02:c8:1a:44:36:ce:96:80:0b:83:72:3d:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 04:50:09 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=8ed572a30361c9d7efad1d9a109c87c243a0ed452cd30866c50e5240ff2804a1, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:64:e0:42:9b:67:01:9b:6f:e7:df:a2:1a:fb:
a6:c7:a6:60:dd:9f:7b:e0:83:9c:da:54:5f:4a:45:
c8:0d:eb:22:b0:7b:71:b8:55:32:4d:56:10:7c:4f:
25:0d:85:a4:f4:42:60:43:9d:aa:0d:86:81:b8:e5:
fb:1d:1f:f0:ed:c7:24:ed:0a:ce:a0:60:22:d0:53:
aa:48:2f:67:8d:33:18:06:cd:03:06:fd:e3:56:19:
b4:9a:db:e0:8c:8a:ff:be:cc:7f:18:60:2c:f3:f3:
1a:1e:f6:a2:0c:03:3c:47:74:52:cd:05:23:77:d2:
ee:97:41:46:4a:26:32:91:b5:be:04:98:9a:a8:34:
cc:fc:4c:2d:5d:b1:b1:4b:a2:b1:8b:6e:29:52:6a:
c6:01:a3:56:7b:b4:f1:11:37:1b:83:f1:3a:49:99:
41:35:0d:f8:12:cd:c6:d7:a5:ca:35:9b:15:ed:48:
47:23:94:a0:19:10:9a:bf:44:d3:32:61:a1:f9:66:
d6:e9:e3:ff:82:a7:16:ca:ea:af:22:91:43:51:b3:
12:16:e1:0f:89:bd:e8:dc:32:8f:ad:e7:2f:41:2f:
27:9b:82:1f:a9:9a:e7:fb:47:8e:6e:70:3a:11:49:
fe:ed:da:12:7a:3e:68:91:7e:7d:53:17:13:be:b7:
4b:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:11:43:6C:CE:F7:5E:09:51:00:A7:0B:54:83:43:2A:4A:28:E9:E2
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2b0de12a-ec1d-465b-8f38-68a2dd6a19df.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:6000::/40
Signature Algorithm: sha256WithRSAEncryption
3a:c6:18:0b:67:24:91:37:3d:47:1a:27:6e:b5:4f:52:ed:b2:
b2:3d:3d:dc:8b:dd:61:27:31:b4:41:53:87:68:da:65:12:d9:
f2:4c:a3:b3:0b:7e:3f:84:0d:19:67:9e:8a:b3:c5:1d:62:f0:
89:39:8f:8f:29:d4:d1:ec:a0:a9:d9:ee:a2:34:93:7c:ce:f2:
08:14:4f:67:c2:6d:0d:59:06:11:cc:86:e2:8e:61:73:ab:1c:
ca:31:ac:14:b4:67:97:fb:70:2f:ea:4e:a9:cd:ec:42:37:ab:
c9:d8:58:32:6e:1a:b6:46:5e:04:ea:f8:30:ce:06:57:fb:c5:
5d:bb:b0:92:05:ba:21:ea:d0:e6:3b:d0:73:ee:98:72:1b:80:
ac:b7:07:c2:d8:08:6a:b4:07:32:bb:ae:9e:9b:27:6b:bb:5b:
a2:c6:c7:f4:e3:71:26:58:e0:66:c4:c0:1e:94:21:80:33:b6:
20:3e:33:07:23:5b:c1:e6:b7:47:73:5f:b5:31:f4:e8:7f:5a:
9c:1c:d6:55:96:86:c9:49:9b:69:d7:b9:ad:e3:49:55:8b:cb:
86:6f:83:7e:be:36:0a:aa:86:40:54:fc:b4:ec:1d:91:7d:28:
de:ad:0c:95:29:be:96:0e:5e:92:52:73:10:66:d7:a5:6f:12:
c7:78:de:ac
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUJ+XZos9U3gLIGkQ2zpaAC4NyPR8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNDUwMDlaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDhlZDU3MmEzMDM2MWM5ZDdlZmFkMWQ5YTEwOWM4N2MyNDNhMGVkNDUyY2Qz
MDg2NmM1MGU1MjQwZmYyODA0YTExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK5k4EKbZwGbb+ffohr7psemYN2fe+CDnNpUX0pFyA3rIrB7cbhVMk1WEHxP
JQ2FpPRCYEOdqg2Ggbjl+x0f8O3HJO0KzqBgItBTqkgvZ40zGAbNAwb941YZtJrb
4IyK/77MfxhgLPPzGh72ogwDPEd0Us0FI3fS7pdBRkomMpG1vgSYmqg0zPxMLV2x
sUuisYtuKVJqxgGjVnu08RE3G4PxOkmZQTUN+BLNxtelyjWbFe1IRyOUoBkQmr9E
0zJhoflm1unj/4KnFsrqryKRQ1GzEhbhD4m96Nwyj63nL0EvJ5uCH6ma5/tHjm5w
OhFJ/u3aEno+aJF+fVMXE763Sy0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTwEUNs
zvdeCVEApwtUg0MqSijp4jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MmIwZGUxMmEtZWMxZC00NjViLThmMzgtNjhhMmRkNmExOWRmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0ABg
MA0GCSqGSIb3DQEBCwUAA4IBAQA6xhgLZySRNz1HGidutU9S7bKyPT3ci91hJzG0
QVOHaNplEtnyTKOzC34/hA0ZZ56Ks8UdYvCJOY+PKdTR7KCp2e6iNJN8zvIIFE9n
wm0NWQYRzIbijmFzqxzKMawUtGeX+3Av6k6pzexCN6vJ2Fgybhq2Rl4E6vgwzgZX
+8Vdu7CSBboh6tDmO9Bz7phyG4CstwfC2AhqtAcyu66emydru1uixsf043EmWOBm
xMAelCGAM7YgPjMHI1vB5rdHc1+1MfTof1qcHNZVlobJSZtp17mt40lVi8uGb4N+
vjYKqoZAVPy07B2RfSjerQyVKb6WDl6SUnMQZtelbxLHeN6s
-----END CERTIFICATE-----
Generated at Sat Jun 13 07:59:16 2026 by rpki-client