Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/34da2636-4c93-4f68-b95d-0279f3b48717.roa
File: 34da2636-4c93-4f68-b95d-0279f3b48717.roa (raw, json)
Hash identifier: KuGqfYlw/Bn/R5E7u/qTzbo5paLJjTl6/aW+OqLWdvw=
Subject key identifier: 27:57:47:A4:22:D0:F3:FE:06:C9:75:1A:38:7F:B4:04:F6:41:C3:A6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 37B8DCF2B6F88A48965B939286F36468EC827AF4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/34da2636-4c93-4f68-b95d-0279f3b48717.roa
Signing time: Sun 31 May 2026 01:00:06 +0000
ROA not before: Sun 31 May 2026 01:00:06 +0000
ROA not after: Sat 29 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d05a:4040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:b8:dc:f2:b6:f8:8a:48:96:5b:93:92:86:f3:64:68:ec:82:7a:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 31 01:00:06 2026 GMT
Not After : Aug 29 23:59:59 2026 GMT
Subject: serialNumber=b0d05f145dc6a7b304be07aba1a7becec463f3f352a5da1f88e4a0cd40aaa074, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:58:d6:54:2e:1a:ea:67:3c:b6:8a:3e:71:cb:
f2:70:b0:ee:c3:cb:14:26:32:e7:3c:45:92:dd:e5:
61:02:f1:64:07:b2:fa:b1:3e:26:1c:af:2d:87:40:
dc:bf:5d:b7:a0:bd:55:05:51:87:55:3d:ee:43:3e:
9d:1f:76:f7:bb:ac:d6:b1:3d:7e:12:a6:29:94:90:
66:1d:91:f0:36:cd:8f:2d:34:31:33:fa:bd:cd:2a:
76:12:59:c5:a2:ba:71:9e:2f:cd:e4:d1:6a:dd:ab:
31:84:95:76:09:66:ae:7f:e3:1b:f5:96:e4:dd:61:
a8:c2:dc:55:87:e7:47:4e:f5:96:e2:df:3a:8b:ec:
d8:cf:a7:56:a7:d9:ff:47:06:6f:10:74:3d:c0:b4:
3a:d5:fd:07:90:f4:6a:c0:43:79:6e:e1:a6:e6:18:
e7:3e:cf:67:d4:2c:48:72:7f:48:9f:5f:9f:32:c1:
73:9d:b9:77:aa:c5:08:88:04:86:af:e6:1e:d9:52:
7d:7a:60:74:e5:ec:13:ca:99:80:00:d4:6b:0b:d3:
92:54:4e:d1:36:a1:67:ff:33:82:76:9f:de:be:8f:
2d:09:ed:b2:50:b4:d8:32:7f:b5:38:e9:1d:d2:95:
0e:e1:55:71:75:99:13:aa:ad:fc:a2:bd:eb:f0:4a:
c2:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:57:47:A4:22:D0:F3:FE:06:C9:75:1A:38:7F:B4:04:F6:41:C3:A6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/34da2636-4c93-4f68-b95d-0279f3b48717.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d05a:4040::/48
Signature Algorithm: sha256WithRSAEncryption
6a:17:6f:62:84:93:92:f5:80:d2:09:99:ed:f9:12:01:82:58:
1e:dd:7f:b4:cc:60:50:2d:22:57:2e:97:61:e4:10:ff:f9:2d:
69:83:00:0a:50:8c:ec:4d:40:e6:5f:36:35:83:2a:de:7d:5b:
4e:d4:60:24:20:04:22:15:ef:f3:86:b0:ca:13:e0:0d:42:23:
d2:2c:67:8a:d0:a3:76:84:63:87:2b:ef:05:cf:95:45:d5:fe:
01:14:83:29:fe:e6:48:51:a4:2c:9b:09:67:7c:5f:38:98:d2:
ab:2c:74:a1:5b:28:04:1a:48:2c:77:55:a6:04:09:7d:9b:a6:
30:34:bc:31:b3:0c:0f:66:be:14:20:fa:c2:07:86:3c:09:91:
87:90:20:03:b3:54:b8:38:df:e7:e0:32:b9:dc:51:80:43:02:
6a:c8:1a:b5:0a:ab:49:a8:ed:47:ca:16:56:5f:68:6b:e6:f7:
9f:0f:cd:d0:e7:07:9a:04:64:1c:4f:9c:ec:9c:59:80:bb:c9:
c1:45:29:0a:d3:d5:5f:8b:cd:3e:38:c4:a8:cc:71:37:0e:c9:
4a:a1:20:c5:8c:de:0b:e1:bd:73:66:6b:a4:d9:dd:3b:bd:fb:
ab:72:4f:a1:09:d4:e7:ae:9b:e1:73:27:9f:fd:6c:61:e1:11:
06:b9:f1:ac
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUN7jc8rb4ikiWW5OShvNkaOyCevQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MzEwMTAwMDZaFw0yNjA4MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGIwZDA1ZjE0NWRjNmE3YjMwNGJlMDdhYmExYTdiZWNlYzQ2M2YzZjM1MmE1
ZGExZjg4ZTRhMGNkNDBhYWEwNzQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPFY1lQuGupnPLaKPnHL8nCw7sPLFCYy5zxFkt3lYQLxZAey+rE+JhyvLYdA
3L9dt6C9VQVRh1U97kM+nR9297us1rE9fhKmKZSQZh2R8DbNjy00MTP6vc0qdhJZ
xaK6cZ4vzeTRat2rMYSVdglmrn/jG/WW5N1hqMLcVYfnR071luLfOovs2M+nVqfZ
/0cGbxB0PcC0OtX9B5D0asBDeW7hpuYY5z7PZ9QsSHJ/SJ9fnzLBc525d6rFCIgE
hq/mHtlSfXpgdOXsE8qZgADUawvTklRO0TahZ/8zgnaf3r6PLQntslC02DJ/tTjp
HdKVDuFVcXWZE6qt/KK96/BKwvMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQnV0ek
ItDz/gbJdRo4f7QE9kHDpjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzRkYTI2MzYtNGM5My00ZjY4LWI5NWQtMDI3OWYzYjQ4NzE3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0FpA
QDANBgkqhkiG9w0BAQsFAAOCAQEAahdvYoSTkvWA0gmZ7fkSAYJYHt1/tMxgUC0i
Vy6XYeQQ//ktaYMAClCM7E1A5l82NYMq3n1bTtRgJCAEIhXv84awyhPgDUIj0ixn
itCjdoRjhyvvBc+VRdX+ARSDKf7mSFGkLJsJZ3xfOJjSqyx0oVsoBBpILHdVpgQJ
fZumMDS8MbMMD2a+FCD6wgeGPAmRh5AgA7NUuDjf5+AyudxRgEMCasgatQqrSajt
R8oWVl9oa+b3nw/N0OcHmgRkHE+c7JxZgLvJwUUpCtPVX4vNPjjEqMxxNw7JSqEg
xYzeC+G9c2ZrpNndO737q3JPoQnU566b4XMnn/1sYeERBrnxrA==
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:01:17 2026 by rpki-client