Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/408fc879-4db9-446c-bdb3-37bf4ee28c97.roa
File: 408fc879-4db9-446c-bdb3-37bf4ee28c97.roa (raw, json)
Hash identifier: /bUCnX8IruAWsu17cAqgAGIn6jUT+3s1pBidUCodGxs=
Subject key identifier: F6:BC:69:8B:EC:30:18:F2:2E:42:C8:99:27:17:78:DF:7B:F8:77:DC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2D763733F5E070A5F09F1570F7C6E5F41B0B1542
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/408fc879-4db9-446c-bdb3-37bf4ee28c97.roa
Signing time: Tue 19 May 2026 05:00:04 +0000
ROA not before: Tue 19 May 2026 05:00:04 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07a:a000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2d:76:37:33:f5:e0:70:a5:f0:9f:15:70:f7:c6:e5:f4:1b:0b:15:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:00:04 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=409cf1e317d42fc5e46009edd2c4b23806618b84e51951d53b7f8675e4ea3501, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:6d:bc:c4:db:52:64:74:da:d6:ca:b1:ce:34:
ea:68:d0:32:f8:53:19:d3:46:a5:e5:c8:dd:bf:39:
99:7f:60:1e:1f:6d:dc:16:44:7e:81:1d:bc:b4:62:
04:09:fd:7c:98:40:23:1b:e4:c0:37:34:28:d7:71:
be:28:34:45:3f:69:69:e2:61:e6:10:70:d7:1b:78:
82:e5:00:6c:30:c2:8a:5c:7e:5d:07:8d:86:b7:a0:
9d:43:14:8a:f5:79:1e:4e:a9:b6:b4:ff:7c:d4:5d:
24:54:fd:82:3e:9f:c9:05:d6:c1:51:b3:3d:de:fd:
c2:31:c7:6b:6d:05:c0:9a:34:fd:ea:44:4e:cc:40:
54:2a:e1:7a:40:42:fd:37:f5:bf:80:5c:2c:ac:8e:
59:90:3b:ac:c2:c7:96:1f:33:72:4c:bf:55:cc:18:
aa:60:42:e6:0e:28:8c:d6:f3:82:d4:49:cf:6d:ce:
3b:83:45:cc:78:68:94:0b:ce:9c:48:64:c0:20:7f:
e4:f4:72:90:c1:82:7c:83:2b:f2:84:ce:7f:34:5e:
a5:07:b2:f2:db:f4:9b:b4:a7:6c:36:b9:41:c4:04:
1a:33:6a:a0:40:95:00:7f:44:20:99:a5:a1:d0:78:
8d:1b:97:92:22:a6:19:d7:35:22:75:52:3d:95:7a:
67:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:BC:69:8B:EC:30:18:F2:2E:42:C8:99:27:17:78:DF:7B:F8:77:DC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/408fc879-4db9-446c-bdb3-37bf4ee28c97.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07a:a000::/40
Signature Algorithm: sha256WithRSAEncryption
86:91:9e:58:e1:2c:fb:97:8c:aa:0e:0f:ca:30:29:07:bf:47:
6a:07:8e:20:e4:ad:f4:a6:33:cc:1e:6c:fa:7a:e4:31:5f:a9:
5b:fd:07:6d:8e:fb:14:6d:90:d3:65:4f:74:63:31:6f:0d:ab:
3a:12:48:91:d0:81:74:32:4a:20:7c:fd:a2:d2:78:58:32:9f:
36:50:ea:be:33:1b:e6:7f:e9:5d:38:6b:2e:61:b7:83:80:14:
c2:bd:eb:16:db:41:b3:b6:98:15:6f:d5:6d:b3:62:2a:ce:ca:
fa:42:b5:37:91:28:08:b4:e8:ea:b7:1d:e8:15:dc:0d:46:af:
21:6c:42:39:55:0c:49:d2:62:4e:bd:0c:18:8c:c6:53:94:ab:
80:27:f2:f7:a5:b9:39:04:63:6f:69:ea:aa:8c:1f:fa:c8:86:
81:f4:ac:a4:21:66:75:9f:de:4f:97:23:3c:3a:c7:ad:08:16:
96:5d:96:7b:e5:fb:3d:88:a9:c9:19:a1:fe:b7:c9:54:47:fa:
9d:4e:97:ff:83:fd:9b:b1:5f:3f:ca:d2:d7:3f:06:34:0c:e6:
38:0b:c7:47:b5:8f:ba:5b:b9:49:38:89:4b:6c:b4:a9:d6:a4:
d1:74:01:24:c7:cd:d5:68:22:0a:70:92:9b:54:54:0d:74:3b:
f2:cb:8f:8c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIULXY3M/XgcKXwnxVw98bl9BsLFUIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTAwMDRaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDQwOWNmMWUzMTdkNDJmYzVlNDYwMDllZGQyYzRiMjM4MDY2MThiODRlNTE5
NTFkNTNiN2Y4Njc1ZTRlYTM1MDExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMttvMTbUmR02tbKsc406mjQMvhTGdNGpeXI3b85mX9gHh9t3BZEfoEdvLRi
BAn9fJhAIxvkwDc0KNdxvig0RT9paeJh5hBw1xt4guUAbDDCilx+XQeNhregnUMU
ivV5Hk6ptrT/fNRdJFT9gj6fyQXWwVGzPd79wjHHa20FwJo0/epETsxAVCrhekBC
/Tf1v4BcLKyOWZA7rMLHlh8zcky/VcwYqmBC5g4ojNbzgtRJz23OO4NFzHholAvO
nEhkwCB/5PRykMGCfIMr8oTOfzRepQey8tv0m7SnbDa5QcQEGjNqoECVAH9EIJml
odB4jRuXkiKmGdc1InVSPZV6Z/cCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT2vGmL
7DAY8i5CyJknF3jfe/h33DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDA4ZmM4NzktNGRiOS00NDZjLWJkYjMtMzdiZjRlZTI4Yzk3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hqg
MA0GCSqGSIb3DQEBCwUAA4IBAQCGkZ5Y4Sz7l4yqDg/KMCkHv0dqB44g5K30pjPM
Hmz6euQxX6lb/QdtjvsUbZDTZU90YzFvDas6EkiR0IF0MkogfP2i0nhYMp82UOq+
Mxvmf+ldOGsuYbeDgBTCvesW20GztpgVb9Vts2Iqzsr6QrU3kSgItOjqtx3oFdwN
Rq8hbEI5VQxJ0mJOvQwYjMZTlKuAJ/L3pbk5BGNvaeqqjB/6yIaB9KykIWZ1n95P
lyM8OsetCBaWXZZ75fs9iKnJGaH+t8lUR/qdTpf/g/2bsV8/ytLXPwY0DOY4C8dH
tY+6W7lJOIlLbLSp1qTRdAEkx83VaCIKcJKbVFQNdDvyy4+M
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:11:45 2026 by rpki-client