Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2c5ba673-6d9a-4ef2-b8a0-11d0ddbf302c.roa
File: 2c5ba673-6d9a-4ef2-b8a0-11d0ddbf302c.roa (raw, json)
Hash identifier: r49qpcTi2u2+T6CvFX5evdJSz1WPL+l24+TDqcKFlU8=
Subject key identifier: 89:19:1E:2B:49:D1:D3:16:FB:5B:5B:86:4D:8B:E5:DF:CE:02:3C:FE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0BD97A05543B74BD56096BDCD01592FAD3C8AF18
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2c5ba673-6d9a-4ef2-b8a0-11d0ddbf302c.roa
Signing time: Wed 20 May 2026 00:00:04 +0000
ROA not before: Wed 20 May 2026 00:00:04 +0000
ROA not after: Tue 18 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d014::/35 maxlen: 35
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:d9:7a:05:54:3b:74:bd:56:09:6b:dc:d0:15:92:fa:d3:c8:af:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 00:00:04 2026 GMT
Not After : Aug 18 23:59:59 2026 GMT
Subject: serialNumber=e2e8a95f62abe24f1f8f67e3289f47f4ddc67b88361f612fbca4e702a898c1ae, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:65:b1:6f:9f:e1:41:f5:cf:b5:bb:c1:10:67:
b5:7b:a5:c3:95:1f:eb:20:3d:fa:7e:06:8c:f6:fe:
87:d7:7c:0a:b3:3b:b5:01:38:ee:6c:3a:3d:22:56:
bc:5c:47:74:6b:a4:5e:21:92:0a:e5:07:fc:78:46:
17:52:87:0d:02:0d:d8:3a:78:23:fa:88:ee:c1:c5:
ea:a8:2e:21:1d:a4:21:5b:37:96:df:2c:a8:fe:45:
74:e8:28:90:24:e3:46:ce:33:f5:be:8d:9a:01:cb:
22:fa:69:56:69:db:24:92:27:13:ee:0f:29:52:e8:
81:02:be:7d:bd:76:bb:67:6f:7b:99:93:5d:12:09:
3c:f3:48:f7:3d:85:73:f1:bd:13:a7:d2:18:26:4e:
79:d3:6e:4b:97:11:2e:f5:df:69:9b:d9:86:65:0b:
a8:85:e7:82:7d:8a:23:0e:53:8a:18:da:4c:74:2f:
9d:70:53:08:d0:6b:92:9a:23:50:0b:ff:47:d9:db:
4a:2f:ba:6e:8b:26:24:21:3a:f1:48:31:34:97:f3:
e5:ad:e7:f5:9d:3a:ba:f2:67:7d:70:b6:1e:88:ea:
bf:6c:1a:be:e3:5d:31:e6:a9:43:f5:52:41:1e:be:
3a:eb:6a:00:97:e3:cc:f6:2b:69:ca:f1:3d:a1:56:
90:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:19:1E:2B:49:D1:D3:16:FB:5B:5B:86:4D:8B:E5:DF:CE:02:3C:FE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2c5ba673-6d9a-4ef2-b8a0-11d0ddbf302c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d014::/35
Signature Algorithm: sha256WithRSAEncryption
41:89:55:26:ab:e9:2f:39:77:14:49:4e:16:ea:32:74:a4:32:
16:76:d1:d4:7b:0c:56:eb:43:da:1c:2b:10:c6:4e:d4:32:e5:
6b:19:ec:70:0c:5a:19:25:c7:ff:a6:4c:c2:98:dc:75:98:9b:
18:3d:ce:5f:4c:73:9d:1b:c8:d3:8f:a0:aa:87:59:ed:f5:e2:
4d:2c:93:47:dd:36:ad:85:0f:97:24:d1:c8:e9:d8:7a:91:26:
82:41:a8:c9:29:b4:5a:6c:fa:36:2b:cd:5f:9c:c1:bb:97:49:
8f:ec:cc:1e:b7:dd:da:4a:d4:28:f0:f9:98:26:d1:e4:6c:a7:
42:89:fa:f7:ad:ff:eb:c0:d7:c6:cd:04:c3:f6:36:0a:a9:cc:
e8:01:f2:ea:06:2b:37:e1:0e:88:11:13:a5:9c:32:d0:fa:15:
ea:a7:ef:61:ef:53:aa:11:05:2e:55:85:e9:72:0a:56:8b:a7:
48:1f:28:92:20:4e:c9:9c:bc:f5:5b:6b:21:ac:b1:26:57:55:
2f:c7:8a:fe:b4:76:f7:02:f5:1c:cd:c5:55:65:5f:93:85:c3:
ce:69:29:90:9b:5c:21:2c:8c:f9:e3:42:fd:7b:99:77:c1:2f:
a7:65:38:3c:56:70:cd:6e:19:97:55:d9:a8:88:85:8d:d4:65:
35:b0:30:d6
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUC9l6BVQ7dL1WCWvc0BWS+tPIrxgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MjAwMDAwMDRaFw0yNjA4MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQGUyZThhOTVmNjJhYmUyNGYxZjhmNjdlMzI4OWY0N2Y0ZGRjNjdiODgzNjFm
NjEyZmJjYTRlNzAyYTg5OGMxYWUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANtlsW+f4UH1z7W7wRBntXulw5Uf6yA9+n4GjPb+h9d8CrM7tQE47mw6PSJW
vFxHdGukXiGSCuUH/HhGF1KHDQIN2Dp4I/qI7sHF6qguIR2kIVs3lt8sqP5FdOgo
kCTjRs4z9b6NmgHLIvppVmnbJJInE+4PKVLogQK+fb12u2dve5mTXRIJPPNI9z2F
c/G9E6fSGCZOedNuS5cRLvXfaZvZhmULqIXngn2KIw5TihjaTHQvnXBTCNBrkpoj
UAv/R9nbSi+6bosmJCE68UgxNJfz5a3n9Z06uvJnfXC2Hojqv2wavuNdMeapQ/VS
QR6+OutqAJfjzPYracrxPaFWkCUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSJGR4r
SdHTFvtbW4ZNi+XfzgI8/jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MmM1YmE2NzMtNmQ5YS00ZWYyLWI4YTAtMTFkMGRkYmYzMDJjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBSoF0BQA
MA0GCSqGSIb3DQEBCwUAA4IBAQBBiVUmq+kvOXcUSU4W6jJ0pDIWdtHUewxW60Pa
HCsQxk7UMuVrGexwDFoZJcf/pkzCmNx1mJsYPc5fTHOdG8jTj6Cqh1nt9eJNLJNH
3TathQ+XJNHI6dh6kSaCQajJKbRabPo2K81fnMG7l0mP7Mwet93aStQo8PmYJtHk
bKdCifr3rf/rwNfGzQTD9jYKqczoAfLqBis34Q6IEROlnDLQ+hXqp+9h71OqEQUu
VYXpcgpWi6dIHyiSIE7JnLz1W2shrLEmV1Uvx4r+tHb3AvUczcVVZV+ThcPOaSmQ
m1whLIz540L9e5l3wS+nZTg8VnDNbhmXVdmoiIWN1GU1sDDW
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:11:40 2026 by rpki-client