Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/35ae0aa1-bb4f-48d3-9926-1e5852d54c6d.roa
File: 35ae0aa1-bb4f-48d3-9926-1e5852d54c6d.roa (raw, json)
Hash identifier: tgSz3UBKpNQRGIjeQG2WnKWShQcZrHZU+sk+IMEevV0=
Subject key identifier: 3D:A5:A3:1C:28:8B:0A:6F:A5:C5:1B:D9:5C:4B:01:0E:E8:D4:55:2B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0F1AC1567DCBBEFF3EDFB8B65B9D6D8E0691AD11
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/35ae0aa1-bb4f-48d3-9926-1e5852d54c6d.roa
Signing time: Tue 19 May 2026 04:50:41 +0000
ROA not before: Tue 19 May 2026 04:50:41 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:40a0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:1a:c1:56:7d:cb:be:ff:3e:df:b8:b6:5b:9d:6d:8e:06:91:ad:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 04:50:41 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=d35be08c3ab3ca354cdf4c630c33cf9ef352388a5941f744a1439a2e90c6e1a0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:83:ac:57:73:33:dd:a6:97:49:c2:45:e7:da:
25:95:22:e4:de:61:26:ef:8d:82:01:1c:8b:3d:24:
8c:a0:42:a9:8c:51:4f:a9:bd:ae:e4:97:9a:68:d2:
d2:25:22:5a:69:de:41:75:10:19:9d:26:ba:eb:f4:
6a:90:49:95:f6:4c:6f:df:4b:ef:0d:55:e7:9f:10:
07:9c:07:16:f7:f1:67:9a:81:37:ed:e7:ab:aa:e6:
43:30:d9:f4:a0:ae:cc:f0:98:91:77:19:eb:03:ab:
25:f2:7c:eb:37:16:38:e7:23:5f:ad:ea:eb:d5:0a:
81:34:f6:00:3b:53:f5:4b:66:e0:d5:ae:36:62:bc:
af:44:3b:ed:34:6d:24:fa:fb:e4:f6:3b:af:32:44:
06:48:60:63:8f:fc:3e:3f:80:8d:85:d3:e0:81:85:
91:42:ff:bb:13:e7:2f:f4:6e:f6:ba:13:53:04:89:
71:be:15:13:8e:a5:01:f3:c5:40:cb:77:f6:88:3d:
6b:0c:8c:5e:14:d2:a9:ff:22:df:95:0a:f7:dd:81:
2f:b6:3e:f9:3c:c5:b0:2d:84:0c:52:91:26:c4:aa:
1b:46:ba:dc:2b:85:0f:fb:bb:5e:99:0a:80:4a:93:
33:49:69:91:d2:31:e5:67:33:5d:07:ae:22:d3:60:
a7:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:A5:A3:1C:28:8B:0A:6F:A5:C5:1B:D9:5C:4B:01:0E:E8:D4:55:2B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/35ae0aa1-bb4f-48d3-9926-1e5852d54c6d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:40a0::/48
Signature Algorithm: sha256WithRSAEncryption
2e:61:9d:6d:a7:e9:4f:6e:df:74:0d:a0:75:c8:af:04:97:25:
28:af:2e:49:07:4c:2d:95:0e:7b:b5:59:12:a1:6c:db:27:2e:
2f:5f:bc:5f:6c:98:cc:97:eb:fa:6b:d4:70:ad:df:03:34:01:
b2:23:c3:a4:a5:16:bd:18:61:d0:3f:c6:46:bb:41:09:31:3a:
e2:95:09:fe:6f:2d:85:b9:9c:c0:9f:f8:94:dc:b5:6a:27:e0:
d7:ee:88:e6:cd:8e:13:fa:51:1c:0c:9f:8d:8b:97:8a:5b:32:
d1:19:c6:26:ec:d6:24:53:67:f9:b4:d4:77:0e:4a:4f:26:a5:
f2:83:f2:23:a4:35:21:fc:41:8c:72:a9:cc:18:7d:43:80:fe:
6e:ab:a0:e6:68:b4:5f:ac:69:27:af:3e:1e:ab:f8:c2:60:56:
82:7c:24:b4:56:70:b1:64:4d:da:2c:3b:b6:cf:95:b4:8c:9e:
62:16:01:03:8d:a0:a3:f2:48:bf:52:fe:52:ce:1c:5b:3b:ac:
13:a6:82:50:9b:eb:7b:a0:95:78:c3:31:73:21:00:12:ab:c2:
94:98:31:eb:d9:ce:3a:fb:26:85:54:66:00:ad:8c:74:67:94:
19:a9:b4:fd:41:e6:5b:49:58:2f:97:ca:65:20:42:e6:cc:e5:
ae:ff:0e:39
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUDxrBVn3Lvv8+37i2W51tjgaRrREwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNDUwNDFaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGQzNWJlMDhjM2FiM2NhMzU0Y2RmNGM2MzBjMzNjZjllZjM1MjM4OGE1OTQx
Zjc0NGExNDM5YTJlOTBjNmUxYTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALeDrFdzM92ml0nCRefaJZUi5N5hJu+NggEciz0kjKBCqYxRT6m9ruSXmmjS
0iUiWmneQXUQGZ0muuv0apBJlfZMb99L7w1V558QB5wHFvfxZ5qBN+3nq6rmQzDZ
9KCuzPCYkXcZ6wOrJfJ86zcWOOcjX63q69UKgTT2ADtT9Utm4NWuNmK8r0Q77TRt
JPr75PY7rzJEBkhgY4/8Pj+AjYXT4IGFkUL/uxPnL/Ru9roTUwSJcb4VE46lAfPF
QMt39og9awyMXhTSqf8i35UK992BL7Y++TzFsC2EDFKRJsSqG0a63CuFD/u7XpkK
gEqTM0lpkdIx5WczXQeuItNgpwUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQ9paMc
KIsKb6XFG9lcSwEO6NRVKzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzVhZTBhYTEtYmI0Zi00OGQzLTk5MjYtMWU1ODUyZDU0YzZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H9A
oDANBgkqhkiG9w0BAQsFAAOCAQEALmGdbafpT27fdA2gdcivBJclKK8uSQdMLZUO
e7VZEqFs2ycuL1+8X2yYzJfr+mvUcK3fAzQBsiPDpKUWvRhh0D/GRrtBCTE64pUJ
/m8thbmcwJ/4lNy1aifg1+6I5s2OE/pRHAyfjYuXilsy0RnGJuzWJFNn+bTUdw5K
Tyal8oPyI6Q1IfxBjHKpzBh9Q4D+bqug5mi0X6xpJ68+Hqv4wmBWgnwktFZwsWRN
2iw7ts+VtIyeYhYBA42go/JIv1L+Us4cWzusE6aCUJvre6CVeMMxcyEAEqvClJgx
69nOOvsmhVRmAK2MdGeUGam0/UHmW0lYL5fKZSBC5szlrv8OOQ==
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:00:15 2026 by rpki-client