Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2cee858e-c572-427b-8123-23b2e05abc40.roa
File: 2cee858e-c572-427b-8123-23b2e05abc40.roa (raw, json)
Hash identifier: 9LXj/21J7Se6Z0AeLPj67x3ErbynZOBXytrU0r+c88Y=
Subject key identifier: B8:98:46:97:DD:D1:F9:5E:ED:D2:AE:A7:D1:7B:BF:B3:8F:09:61:2C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4091742A1C8D34D34CBD6ECA10669DEF954A8A67
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2cee858e-c572-427b-8123-23b2e05abc40.roa
Signing time: Tue 19 May 2026 04:30:29 +0000
ROA not before: Tue 19 May 2026 04:30:29 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:c080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
40:91:74:2a:1c:8d:34:d3:4c:bd:6e:ca:10:66:9d:ef:95:4a:8a:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 04:30:29 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=0cc5b97f888556b4402f9ffb68cc6decefc1228b58af399934f3083606f4ef49, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:0c:40:c5:bc:a1:bb:37:67:65:65:2b:78:eb:
46:a8:c5:90:92:48:6c:e2:35:82:f8:89:8a:9f:fd:
45:eb:4f:cf:d6:73:80:ae:6e:7f:f6:b3:59:ef:63:
9e:06:ff:ad:9f:10:3a:1b:be:7c:83:fa:fa:8e:65:
36:6a:41:02:35:5e:b6:6b:39:a9:f0:b2:98:dd:e5:
22:3b:ed:cb:19:26:fc:fb:fb:32:84:8e:51:b3:b7:
87:e3:7d:f5:34:b3:51:3c:99:ad:92:25:af:bf:41:
7a:40:83:d6:ea:d3:11:dd:f0:4b:26:71:57:22:a3:
bd:c9:f2:0b:62:ce:59:96:7f:34:4c:af:a2:fc:76:
47:32:b2:e8:91:3d:19:8c:9a:bf:0d:09:2f:f1:c1:
06:2e:d6:e2:0b:c3:bf:7a:a0:57:99:74:c6:56:d2:
a6:b7:15:1f:1d:1b:8f:3e:19:9a:48:e0:7b:31:67:
bc:44:b9:a4:35:19:a1:a1:e4:83:34:06:52:75:60:
19:b2:9a:5e:ab:3e:d4:61:72:ee:88:f8:f8:fa:42:
6c:e5:2c:43:86:74:d0:2e:5f:21:75:13:a6:a2:a3:
34:aa:df:43:9c:48:17:97:9b:92:c0:08:2d:b6:12:
1e:ea:eb:86:d5:7d:89:58:2a:64:d5:24:75:a2:de:
fb:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:98:46:97:DD:D1:F9:5E:ED:D2:AE:A7:D1:7B:BF:B3:8F:09:61:2C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2cee858e-c572-427b-8123-23b2e05abc40.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:c080::/48
Signature Algorithm: sha256WithRSAEncryption
4e:5b:27:e6:e5:de:a7:db:30:0f:98:48:ca:1e:99:fe:60:81:
99:f1:9c:af:b4:53:16:79:38:26:49:e5:97:a7:36:96:26:43:
20:97:ba:91:8e:c1:01:f1:f2:34:b0:7a:0d:d6:e3:27:b4:26:
dd:e9:0c:3a:27:35:74:7b:e6:44:5e:5c:65:3c:3d:b6:fa:76:
7e:31:20:2d:14:b6:b4:ef:10:cb:85:75:ef:3b:0e:3a:1b:86:
51:8a:68:77:a2:a8:d4:99:e4:53:7a:c5:1b:c0:95:cb:f5:d6:
12:41:6b:5e:1f:3b:19:57:f9:57:fc:ba:41:c1:aa:ba:71:91:
f3:89:06:2b:bc:5e:d0:71:4d:4e:11:83:4a:fa:e3:27:69:96:
2b:5e:51:a6:ae:99:2a:bd:48:d5:af:68:9c:78:e1:de:fc:51:
0a:08:d2:7a:63:fe:40:54:b9:ce:13:65:17:5c:5f:61:ed:b6:
9f:f7:05:b0:1b:4d:ef:d3:1a:23:2b:2c:85:00:f9:14:df:f6:
6c:d7:57:6b:ef:ca:78:b5:72:de:51:56:39:af:f3:ea:ed:d5:
66:9e:2d:66:34:05:9f:7e:56:07:de:f7:3a:b6:79:f7:37:ce:
16:78:af:d8:20:5c:50:b2:a7:cd:7c:23:92:42:f3:17:bc:8d:
f0:54:71:fa
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUQJF0KhyNNNNMvW7KEGad75VKimcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNDMwMjlaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDBjYzViOTdmODg4NTU2YjQ0MDJmOWZmYjY4Y2M2ZGVjZWZjMTIyOGI1OGFm
Mzk5OTM0ZjMwODM2MDZmNGVmNDkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKsMQMW8obs3Z2VlK3jrRqjFkJJIbOI1gviJip/9RetPz9ZzgK5uf/azWe9j
ngb/rZ8QOhu+fIP6+o5lNmpBAjVetms5qfCymN3lIjvtyxkm/Pv7MoSOUbO3h+N9
9TSzUTyZrZIlr79BekCD1urTEd3wSyZxVyKjvcnyC2LOWZZ/NEyvovx2RzKy6JE9
GYyavw0JL/HBBi7W4gvDv3qgV5l0xlbSprcVHx0bjz4ZmkjgezFnvES5pDUZoaHk
gzQGUnVgGbKaXqs+1GFy7oj4+PpCbOUsQ4Z00C5fIXUTpqKjNKrfQ5xIF5ebksAI
LbYSHurrhtV9iVgqZNUkdaLe+0sCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBS4mEaX
3dH5Xu3SrqfRe7+zjwlhLDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MmNlZTg1OGUtYzU3Mi00MjdiLTgxMjMtMjNiMmUwNWFiYzQwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HLA
gDANBgkqhkiG9w0BAQsFAAOCAQEATlsn5uXep9swD5hIyh6Z/mCBmfGcr7RTFnk4
Jknll6c2liZDIJe6kY7BAfHyNLB6DdbjJ7Qm3ekMOic1dHvmRF5cZTw9tvp2fjEg
LRS2tO8Qy4V17zsOOhuGUYpod6Ko1JnkU3rFG8CVy/XWEkFrXh87GVf5V/y6QcGq
unGR84kGK7xe0HFNThGDSvrjJ2mWK15Rpq6ZKr1I1a9onHjh3vxRCgjSemP+QFS5
zhNlF1xfYe22n/cFsBtN79MaIysshQD5FN/2bNdXa+/KeLVy3lFWOa/z6u3VZp4t
ZjQFn35WB973OrZ59zfOFniv2CBcULKnzXwjkkLzF7yN8FRx+g==
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:00:11 2026 by rpki-client