Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/357c6622-9161-44d7-ab13-6ea6e0bed2e9.roa
File: 357c6622-9161-44d7-ab13-6ea6e0bed2e9.roa (raw, json)
Hash identifier: +Y703UA1ONrk+fEJUYAVe1wVOcVDSQRcpy8kw5dd50k=
Subject key identifier: E5:91:1E:88:66:61:09:47:21:0A:BD:45:62:51:55:33:6C:16:AE:1D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0953350E023EF485FFDD83C55C0B4FFB259704C5
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/357c6622-9161-44d7-ab13-6ea6e0bed2e9.roa
Signing time: Tue 19 May 2026 05:20:06 +0000
ROA not before: Tue 19 May 2026 05:20:06 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:1000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
09:53:35:0e:02:3e:f4:85:ff:dd:83:c5:5c:0b:4f:fb:25:97:04:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:20:06 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=fa21d656fc4d59846157af95e9ea10e1ae6acc8fd3458d46f4de9973bbd33ff5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:6a:17:be:d1:11:ab:c9:55:56:67:be:84:72:
09:de:8d:19:c0:2d:40:90:3c:01:bc:fd:58:93:65:
f4:fa:03:49:5d:e7:4f:97:60:ca:10:ac:f4:96:42:
71:c5:28:5d:e8:4a:58:cc:66:2e:be:ac:65:0b:22:
3b:f1:82:ea:ef:42:9b:83:75:a2:78:ed:a2:11:97:
e5:c4:05:7b:41:23:c4:7b:9b:ef:2f:e4:01:e4:71:
51:fd:c6:dd:9e:1f:28:3f:1d:ab:17:52:3e:2a:bb:
38:0e:ca:69:e2:8d:b2:25:05:f5:52:f3:96:93:50:
4b:49:f5:50:1d:1d:f8:16:ba:86:ef:c2:1a:bb:40:
30:f8:d7:be:d8:25:c6:3d:9c:2e:24:81:bd:8e:3f:
7c:74:89:5c:c9:c2:4e:7a:fc:3b:4b:90:1c:53:14:
d7:8f:5b:23:d3:3b:7b:ac:57:ce:24:cf:c6:df:0a:
db:62:48:43:e3:9e:05:77:c4:aa:73:5a:46:af:54:
42:3d:37:03:5e:57:f8:80:18:05:fb:92:23:4a:9a:
33:74:6a:9a:48:af:04:b8:13:5a:8b:85:bb:6b:57:
71:59:be:d8:28:b7:ed:07:34:0e:1e:75:fc:20:50:
3b:3f:cc:fb:b7:3d:13:65:64:f0:87:73:6c:e0:1f:
1a:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:91:1E:88:66:61:09:47:21:0A:BD:45:62:51:55:33:6C:16:AE:1D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/357c6622-9161-44d7-ab13-6ea6e0bed2e9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:1000::/40
Signature Algorithm: sha256WithRSAEncryption
7d:48:e6:4c:ee:9b:86:7e:cb:b6:ad:a8:18:74:03:3b:b3:2b:
b2:06:e6:5b:30:6c:6e:9a:88:b3:56:13:cd:88:37:a3:05:5d:
6b:0e:3a:f9:9d:71:4d:c4:09:cb:54:ab:0a:33:8f:0e:2f:66:
2b:ad:03:99:22:3e:da:89:70:0e:57:f6:28:d5:84:db:e0:e4:
27:5c:e8:b9:f2:1f:9e:2c:06:1e:7e:de:b8:96:d3:2c:3a:fc:
37:84:a9:ed:c3:d7:ac:60:6c:46:e0:ce:a7:58:4d:b1:49:5e:
dd:b1:f8:da:70:b5:ca:e8:f2:df:a8:e7:ed:e0:54:f8:a2:9f:
21:0f:0f:86:95:b6:2c:6b:89:d6:c6:21:d2:4d:9f:ec:ae:cf:
49:b7:b3:e7:cf:bf:37:72:fb:69:9c:eb:09:7c:e3:d0:65:ea:
64:dc:06:37:ec:a7:9c:2a:61:6f:05:d0:c1:95:73:d1:a0:7f:
9d:88:e3:73:3c:0f:f0:4f:8a:9a:73:4d:c6:47:68:a7:a6:c4:
5a:c2:1e:7f:65:6c:6b:00:0c:ce:35:50:1b:2c:ee:4c:83:42:
6c:0d:97:88:13:04:86:93:99:0e:53:71:dc:dc:fd:55:ce:dd:
42:11:67:4a:25:8c:3a:7d:0b:8b:9a:38:c1:bb:ff:79:63:a3:
85:04:39:85
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUCVM1DgI+9IX/3YPFXAtP+yWXBMUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTIwMDZaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGZhMjFkNjU2ZmM0ZDU5ODQ2MTU3YWY5NWU5ZWExMGUxYWU2YWNjOGZkMzQ1
OGQ0NmY0ZGU5OTczYmJkMzNmZjUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI5qF77REavJVVZnvoRyCd6NGcAtQJA8Abz9WJNl9PoDSV3nT5dgyhCs9JZC
ccUoXehKWMxmLr6sZQsiO/GC6u9Cm4N1onjtohGX5cQFe0EjxHub7y/kAeRxUf3G
3Z4fKD8dqxdSPiq7OA7KaeKNsiUF9VLzlpNQS0n1UB0d+Ba6hu/CGrtAMPjXvtgl
xj2cLiSBvY4/fHSJXMnCTnr8O0uQHFMU149bI9M7e6xXziTPxt8K22JIQ+OeBXfE
qnNaRq9UQj03A15X+IAYBfuSI0qaM3RqmkivBLgTWouFu2tXcVm+2Ci37Qc0Dh51
/CBQOz/M+7c9E2Vk8IdzbOAfGpkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTlkR6I
ZmEJRyEKvUViUVUzbBauHTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzU3YzY2MjItOTE2MS00NGQ3LWFiMTMtNmVhNmUwYmVkMmU5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HIQ
MA0GCSqGSIb3DQEBCwUAA4IBAQB9SOZM7puGfsu2ragYdAM7syuyBuZbMGxumoiz
VhPNiDejBV1rDjr5nXFNxAnLVKsKM48OL2YrrQOZIj7aiXAOV/Yo1YTb4OQnXOi5
8h+eLAYeft64ltMsOvw3hKntw9esYGxG4M6nWE2xSV7dsfjacLXK6PLfqOft4FT4
op8hDw+GlbYsa4nWxiHSTZ/srs9Jt7Pnz783cvtpnOsJfOPQZepk3AY37KecKmFv
BdDBlXPRoH+diONzPA/wT4qac03GR2inpsRawh5/ZWxrAAzONVAbLO5Mg0JsDZeI
EwSGk5kOU3Hc3P1Vzt1CEWdKJYw6fQuLmjjBu/95Y6OFBDmF
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:01:29 2026 by rpki-client