Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3f5cc1ca-0dba-44a7-8bb3-efe848cc79ba.roa
File: 3f5cc1ca-0dba-44a7-8bb3-efe848cc79ba.roa (raw, json)
Hash identifier: AXO7vd5n+K41ORAnVPSbleo0C9GGCyobepmJ2aMR2Hc=
Subject key identifier: 1E:E5:06:DB:FB:BE:D3:25:A3:79:6E:41:4B:BE:E4:C1:6B:81:51:74
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6E4E162D07AAE28592F426F35BBAF70F2D83663B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3f5cc1ca-0dba-44a7-8bb3-efe848cc79ba.roa
Signing time: Tue 19 May 2026 05:30:59 +0000
ROA not before: Tue 19 May 2026 05:30:59 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:8040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6e:4e:16:2d:07:aa:e2:85:92:f4:26:f3:5b:ba:f7:0f:2d:83:66:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:30:59 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=1e7df88363e99b86fbd5cfc67a0bd9b14f6c0a01ec0a8476de6b4a8b1d7ef117, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:18:0c:ba:98:a2:b0:0f:e3:9f:f5:66:fb:9d:
aa:1c:b5:5d:88:ac:5f:e2:62:ce:f1:b6:ff:e9:17:
96:c8:0a:70:5c:c6:aa:fc:c7:86:7f:20:85:12:66:
3d:bd:64:99:21:42:c8:f9:66:65:fd:af:bb:da:22:
e6:92:fa:2c:3d:9c:f3:d4:5d:fa:9f:f4:11:1a:b1:
05:97:b7:41:3f:d6:2b:67:21:22:e1:e0:71:9a:fa:
80:6c:35:b6:dc:51:57:90:51:01:04:03:d6:80:f7:
06:1a:c4:87:80:cf:af:16:9e:e1:f0:7f:0f:c4:57:
bb:56:09:c4:f1:96:da:26:d2:bb:42:8e:5e:c7:1c:
d1:8c:ae:53:e1:ee:c0:9e:c8:d5:b1:d4:b9:61:fe:
4c:58:27:74:b7:e8:81:a6:f8:cd:1a:0a:93:90:b5:
14:0d:1c:6f:25:6f:a1:83:63:b0:8b:b0:f8:a5:1c:
6b:43:53:d4:12:7d:3a:6c:c6:0c:72:d0:ec:b9:7d:
09:cd:0b:ac:57:c9:7e:fd:a2:59:f0:6b:80:38:f8:
44:e6:0f:3f:e5:1e:7b:55:63:05:8b:5d:b4:75:2f:
6f:26:aa:0a:b3:b2:2f:9f:4d:ad:6d:99:7d:d9:34:
ad:1c:fe:13:33:3e:54:0d:29:0b:b7:dd:b2:03:4f:
d3:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:E5:06:DB:FB:BE:D3:25:A3:79:6E:41:4B:BE:E4:C1:6B:81:51:74
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3f5cc1ca-0dba-44a7-8bb3-efe848cc79ba.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:8040::/48
Signature Algorithm: sha256WithRSAEncryption
bf:63:25:6d:08:c7:88:6e:4a:8b:13:a6:8f:32:af:69:0b:61:
c2:f8:3e:c2:84:f5:1e:84:95:36:20:72:5b:f6:6c:1c:c8:9e:
f2:4b:8b:e2:3a:d6:69:34:4f:da:39:fd:71:4b:dc:70:99:84:
a8:de:f5:3b:0a:f3:24:fd:07:37:ce:6d:7a:69:ac:bc:20:5d:
40:3f:f3:f1:76:4f:2a:d3:98:9e:a6:f9:83:18:77:b2:d3:3a:
99:35:36:ba:b1:03:1d:21:1a:2e:87:e5:ea:0f:97:32:21:de:
71:bd:a0:65:cc:ad:9b:78:ed:bf:4a:39:f9:1e:3f:b0:3d:58:
56:2a:8d:66:e6:24:a8:ae:97:e3:d6:5e:d6:d1:3c:1e:2a:6e:
43:6d:11:6d:75:89:ef:d8:3f:22:4d:5a:17:58:87:1d:a8:ef:
c9:7a:b9:8b:68:04:e5:c3:34:82:2d:71:97:72:f9:14:9d:e2:
7c:ab:b0:2d:26:8b:72:7d:49:62:55:d6:07:d2:71:ca:4c:bd:
9e:bd:cc:e4:83:b3:d5:0a:bd:ce:ee:66:81:d0:fd:cf:de:d4:
2c:04:76:42:b4:98:94:3d:c8:d7:d1:4f:09:2f:d8:a4:c4:89:
06:5e:6b:e3:4a:46:56:56:34:f5:08:59:d2:cc:21:13:d6:a6:
74:3e:01:12
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUbk4WLQeq4oWS9CbzW7r3Dy2DZjswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTMwNTlaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDFlN2RmODgzNjNlOTliODZmYmQ1Y2ZjNjdhMGJkOWIxNGY2YzBhMDFlYzBh
ODQ3NmRlNmI0YThiMWQ3ZWYxMTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALYYDLqYorAP45/1Zvudqhy1XYisX+JizvG2/+kXlsgKcFzGqvzHhn8ghRJm
Pb1kmSFCyPlmZf2vu9oi5pL6LD2c89Rd+p/0ERqxBZe3QT/WK2chIuHgcZr6gGw1
ttxRV5BRAQQD1oD3BhrEh4DPrxae4fB/D8RXu1YJxPGW2ibSu0KOXscc0YyuU+Hu
wJ7I1bHUuWH+TFgndLfogab4zRoKk5C1FA0cbyVvoYNjsIuw+KUca0NT1BJ9OmzG
DHLQ7Ll9Cc0LrFfJfv2iWfBrgDj4ROYPP+Uee1VjBYtdtHUvbyaqCrOyL59NrW2Z
fdk0rRz+EzM+VA0pC7fdsgNP06cCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQe5Qbb
+77TJaN5bkFLvuTBa4FRdDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2Y1Y2MxY2EtMGRiYS00NGE3LThiYjMtZWZlODQ4Y2M3OWJhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HKA
QDANBgkqhkiG9w0BAQsFAAOCAQEAv2MlbQjHiG5KixOmjzKvaQthwvg+woT1HoSV
NiByW/ZsHMie8kuL4jrWaTRP2jn9cUvccJmEqN71OwrzJP0HN85temmsvCBdQD/z
8XZPKtOYnqb5gxh3stM6mTU2urEDHSEaLofl6g+XMiHecb2gZcytm3jtv0o5+R4/
sD1YViqNZuYkqK6X49Ze1tE8HipuQ20RbXWJ79g/Ik1aF1iHHajvyXq5i2gE5cM0
gi1xl3L5FJ3ifKuwLSaLcn1JYlXWB9Jxyky9nr3M5IOz1Qq9zu5mgdD9z97ULAR2
QrSYlD3I19FPCS/YpMSJBl5r40pGVlY09QhZ0swhE9amdD4BEg==
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:11:56 2026 by rpki-client