Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/404ef1af-e052-41b8-a0bf-70e3fa0aa052.roa
File: 404ef1af-e052-41b8-a0bf-70e3fa0aa052.roa (raw, json)
Hash identifier: rAmrmdonOdK5ZJo5WdNpckf2hciBj/kLzFvLnV9tRxg=
Subject key identifier: 3A:F6:51:34:BA:58:D8:60:15:4B:6D:28:4A:6A:05:88:91:C5:29:A3
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 17859EBB99EA431C86E31FC23DF6603973B89CE1
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/404ef1af-e052-41b8-a0bf-70e3fa0aa052.roa
Signing time: Tue 19 May 2026 05:20:24 +0000
ROA not before: Tue 19 May 2026 05:20:24 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d017::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:85:9e:bb:99:ea:43:1c:86:e3:1f:c2:3d:f6:60:39:73:b8:9c:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:20:24 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=657bdfa049e33953b0b1213e1b7dc6938facea1eeac489ebb0b0f1b8d0d9359e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:ce:ec:8c:4a:48:60:90:c1:c1:25:60:55:c4:
6c:a1:b9:c5:48:e9:40:fe:90:df:33:0f:64:70:52:
f9:21:33:06:83:cf:1e:b8:b7:3f:5f:71:2b:61:7c:
75:2e:d4:c9:68:9d:55:b1:a3:1d:eb:4e:0b:83:99:
a0:7d:be:33:cc:cb:b3:e3:64:3c:15:75:3d:91:26:
21:84:24:65:df:9e:99:89:ad:02:d5:07:ac:7a:33:
dc:8e:a0:10:4f:aa:f1:f0:a4:68:ff:77:ba:c7:73:
a6:a9:72:90:06:81:ad:92:56:e3:e2:c6:28:50:31:
18:eb:34:3e:2e:10:cd:ea:e5:58:c6:d4:b0:2a:c4:
20:83:89:ef:af:43:5c:cb:19:7b:12:85:20:8e:1a:
9d:03:6f:a3:1d:82:4b:5b:5b:34:b9:6c:91:16:36:
a0:cc:5e:d7:97:e0:61:0e:bb:bb:da:52:5c:71:57:
3f:5d:8b:86:ed:5f:94:05:e4:94:13:1b:55:ec:be:
af:3b:bc:2e:55:a4:fd:86:ad:fb:87:c7:1d:2e:dc:
05:2b:14:70:18:c9:9b:e6:43:42:bf:c0:b8:d6:fc:
09:3c:31:47:07:41:c7:00:5b:03:9c:7a:3d:5f:a5:
ee:74:9c:8e:e0:5f:22:9b:5e:0f:cc:f5:04:56:c1:
c8:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:F6:51:34:BA:58:D8:60:15:4B:6D:28:4A:6A:05:88:91:C5:29:A3
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/404ef1af-e052-41b8-a0bf-70e3fa0aa052.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d017::/36
Signature Algorithm: sha256WithRSAEncryption
80:b7:15:b0:ab:f6:98:a2:44:1d:62:37:94:c9:d2:b3:b5:e8:
2c:b4:4f:44:ff:5e:88:ad:d1:cb:7a:a7:d8:9b:b6:b4:10:b0:
91:07:5b:cc:63:a4:13:48:54:9f:71:2b:0a:22:9d:97:ad:e9:
53:54:60:23:b0:a6:2f:f3:09:72:ad:8d:da:66:87:bf:e9:8f:
fb:02:da:3f:1a:bc:b9:47:a9:f0:9a:8b:c9:5f:59:28:ff:49:
a7:59:09:ee:0c:d1:f1:1f:56:4b:ea:ec:2e:3f:6b:76:6c:7f:
37:41:45:eb:cd:ef:43:f7:6f:21:80:5c:1d:73:2c:ce:cb:f6:
e5:c2:58:db:4b:03:d3:8b:f5:c1:12:8a:55:7f:0f:eb:11:09:
e4:30:cd:38:63:fd:14:29:ee:41:9a:7e:ae:48:df:9d:d9:03:
df:32:be:4d:e5:ab:c9:27:c1:2c:2a:93:99:fe:58:a9:3b:96:
98:09:d3:6d:c8:6b:f0:aa:b5:9c:48:bf:fc:03:31:6c:d5:ae:
2a:9f:d6:bc:4f:e0:d2:b2:a4:71:ec:80:fc:f5:ea:da:d2:6a:
ae:d1:e6:ce:cf:5b:3d:25:4a:e1:7f:86:c8:50:37:5d:7e:9c:
8f:f6:17:cd:53:86:e3:3a:38:61:57:84:d4:e6:6a:5b:23:c6:
99:c6:e1:1b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUF4Weu5nqQxyG4x/CPfZgOXO4nOEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTIwMjRaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDY1N2JkZmEwNDllMzM5NTNiMGIxMjEzZTFiN2RjNjkzOGZhY2VhMWVlYWM0
ODllYmIwYjBmMWI4ZDBkOTM1OWUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKfO7IxKSGCQwcElYFXEbKG5xUjpQP6Q3zMPZHBS+SEzBoPPHri3P19xK2F8
dS7UyWidVbGjHetOC4OZoH2+M8zLs+NkPBV1PZEmIYQkZd+emYmtAtUHrHoz3I6g
EE+q8fCkaP93usdzpqlykAaBrZJW4+LGKFAxGOs0Pi4QzerlWMbUsCrEIIOJ769D
XMsZexKFII4anQNvox2CS1tbNLlskRY2oMxe15fgYQ67u9pSXHFXP12Lhu1flAXk
lBMbVey+rzu8LlWk/Yat+4fHHS7cBSsUcBjJm+ZDQr/AuNb8CTwxRwdBxwBbA5x6
PV+l7nScjuBfIpteD8z1BFbByI0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ69lE0
uljYYBVLbShKagWIkcUpozAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDA0ZWYxYWYtZTA1Mi00MWI4LWEwYmYtNzBlM2ZhMGFhMDUyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0BcA
MA0GCSqGSIb3DQEBCwUAA4IBAQCAtxWwq/aYokQdYjeUydKztegstE9E/16IrdHL
eqfYm7a0ELCRB1vMY6QTSFSfcSsKIp2XrelTVGAjsKYv8wlyrY3aZoe/6Y/7Ato/
Gry5R6nwmovJX1ko/0mnWQnuDNHxH1ZL6uwuP2t2bH83QUXrze9D928hgFwdcyzO
y/blwljbSwPTi/XBEopVfw/rEQnkMM04Y/0UKe5Bmn6uSN+d2QPfMr5N5avJJ8Es
KpOZ/lipO5aYCdNtyGvwqrWcSL/8AzFs1a4qn9a8T+DSsqRx7ID89era0mqu0ebO
z1s9JUrhf4bIUDddfpyP9hfNU4bjOjhhV4TU5mpbI8aZxuEb
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:11:09 2026 by rpki-client