Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3ef5e7b8-24ad-41af-8334-2eff292a769d.roa
File: 3ef5e7b8-24ad-41af-8334-2eff292a769d.roa (raw, json)
Hash identifier: 84lWEJJ7PuZ59kxFwsh1jUhs9aoZIbgLhzP5cTd/fks=
Subject key identifier: 7F:A4:29:3A:D4:EF:4A:59:43:E9:08:6F:23:0F:BC:CA:90:85:07:AD
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2CC358C782C889C04EF12DA80A22E3E9E6E4F35E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3ef5e7b8-24ad-41af-8334-2eff292a769d.roa
Signing time: Tue 19 May 2026 05:20:20 +0000
ROA not before: Tue 19 May 2026 05:20:20 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:60c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:c3:58:c7:82:c8:89:c0:4e:f1:2d:a8:0a:22:e3:e9:e6:e4:f3:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:20:20 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=80c1d5f549dcb26fbca2029e90ff1e857a05eb8f6bced332a9fe5958db475b42, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:21:6b:c0:7d:c2:e6:bf:68:01:11:80:6b:4c:
f4:25:38:a9:37:b4:33:f9:13:05:5c:92:3c:b0:5c:
f7:87:bb:38:69:94:b5:72:df:05:5c:bd:94:3a:c7:
bc:ad:e4:9c:16:f3:f8:1e:b1:76:fd:5c:49:6f:f2:
71:e7:09:a7:03:5f:5f:63:b9:16:4a:c0:a6:ea:4d:
91:c3:f4:b2:f7:61:ec:3b:c1:f4:70:c0:50:5d:96:
c2:a0:c2:96:0e:bc:60:d5:1a:65:eb:db:ef:78:0c:
48:cb:5a:74:e8:5f:a5:08:42:9e:1e:3c:96:10:b2:
e1:6d:3c:ff:ef:ca:08:2e:6c:00:d5:fc:b2:be:d7:
84:f6:88:f0:07:94:d5:ee:20:84:f2:d8:84:d4:27:
aa:05:67:8f:e4:8d:c6:ec:0e:43:66:54:e1:1d:06:
d7:d9:c0:42:13:72:e8:6d:ef:69:66:47:99:be:88:
54:f0:3a:12:b5:98:48:b5:52:19:31:bf:51:11:f6:
0e:38:86:92:0e:98:e5:fc:68:5b:07:64:78:00:e1:
75:c9:5b:9f:08:10:a1:c3:8a:36:95:38:b3:d8:e1:
90:ee:1f:3c:6f:cf:37:1b:86:44:96:7f:67:12:60:
40:a4:35:69:8a:42:14:17:4e:f1:d2:c6:1e:ee:5b:
c8:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:A4:29:3A:D4:EF:4A:59:43:E9:08:6F:23:0F:BC:CA:90:85:07:AD
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3ef5e7b8-24ad-41af-8334-2eff292a769d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:60c0::/48
Signature Algorithm: sha256WithRSAEncryption
99:71:43:07:15:c1:ed:98:42:2c:ac:c4:c2:c0:78:ae:7a:9d:
bb:2a:5f:8d:12:bd:ac:c7:e1:f7:1f:27:9f:eb:43:dd:30:27:
79:9a:79:c0:d9:40:86:02:0c:9b:2a:e8:31:19:93:ed:c9:f6:
5c:90:6a:9e:ba:bc:2d:73:4f:1d:9f:ea:b6:b9:7d:1c:13:f0:
53:6f:7b:d6:b0:ba:1e:2a:22:ed:2a:3a:77:72:8a:ed:e5:b6:
13:50:ff:47:ae:13:21:4c:58:33:34:e7:c7:08:03:db:82:2e:
59:3d:93:e0:b8:7b:95:b1:0c:91:b2:a7:dd:80:ad:f1:45:7b:
ca:ea:a4:50:37:a0:61:5d:ed:83:56:34:27:18:75:82:8a:19:
ec:ea:d3:ef:c2:43:ca:3b:3a:0f:6e:e3:54:79:16:34:2a:57:
f4:05:fe:f5:8b:50:14:fa:60:58:da:db:e7:f7:a6:ea:09:7b:
cc:ff:e0:25:74:b6:01:7a:70:19:7a:54:ca:cc:88:b1:59:4b:
fe:ca:ae:2f:bb:7c:7a:cf:4d:68:6d:26:d3:a6:fa:89:16:ac:
2a:16:34:4c:ae:10:f5:8a:19:eb:c2:49:fb:ce:60:34:59:f0:
27:ed:11:ae:83:96:60:78:88:02:2d:46:54:c4:75:e2:c3:77:
49:8c:ff:30
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIULMNYx4LIicBO8S2oCiLj6ebk814wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTIwMjBaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDgwYzFkNWY1NDlkY2IyNmZiY2EyMDI5ZTkwZmYxZTg1N2EwNWViOGY2YmNl
ZDMzMmE5ZmU1OTU4ZGI0NzViNDIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKkha8B9wua/aAERgGtM9CU4qTe0M/kTBVySPLBc94e7OGmUtXLfBVy9lDrH
vK3knBbz+B6xdv1cSW/ycecJpwNfX2O5FkrApupNkcP0svdh7DvB9HDAUF2WwqDC
lg68YNUaZevb73gMSMtadOhfpQhCnh48lhCy4W08/+/KCC5sANX8sr7XhPaI8AeU
1e4ghPLYhNQnqgVnj+SNxuwOQ2ZU4R0G19nAQhNy6G3vaWZHmb6IVPA6ErWYSLVS
GTG/URH2DjiGkg6Y5fxoWwdkeADhdclbnwgQocOKNpU4s9jhkO4fPG/PNxuGRJZ/
ZxJgQKQ1aYpCFBdO8dLGHu5byOsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBR/pCk6
1O9KWUPpCG8jD7zKkIUHrTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2VmNWU3YjgtMjRhZC00MWFmLTgzMzQtMmVmZjI5MmE3NjlkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H9g
wDANBgkqhkiG9w0BAQsFAAOCAQEAmXFDBxXB7ZhCLKzEwsB4rnqduypfjRK9rMfh
9x8nn+tD3TAneZp5wNlAhgIMmyroMRmT7cn2XJBqnrq8LXNPHZ/qtrl9HBPwU297
1rC6Hioi7So6d3KK7eW2E1D/R64TIUxYMzTnxwgD24IuWT2T4Lh7lbEMkbKn3YCt
8UV7yuqkUDegYV3tg1Y0Jxh1gooZ7OrT78JDyjs6D27jVHkWNCpX9AX+9YtQFPpg
WNrb5/em6gl7zP/gJXS2AXpwGXpUysyIsVlL/squL7t8es9NaG0m06b6iRasKhY0
TK4Q9YoZ68JJ+85gNFnwJ+0RroOWYHiIAi1GVMR14sN3SYz/MA==
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:00:11 2026 by rpki-client