Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/44d8b686-7db5-4309-8f09-3af611be3753.roa
File: 44d8b686-7db5-4309-8f09-3af611be3753.roa (raw, json)
Hash identifier: 2NPrVjQq4pD83mV1pueljpANh+Vk4pAoCF/qBezMGpY=
Subject key identifier: A9:39:5C:56:91:2F:C9:53:2F:B4:E7:C2:35:67:90:87:AE:F0:33:DE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6C2E16358DBE53AD7A42AE3EEE73BAB4F49F0E67
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/44d8b686-7db5-4309-8f09-3af611be3753.roa
Signing time: Tue 19 May 2026 04:30:29 +0000
ROA not before: Tue 19 May 2026 04:30:29 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07a:c000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 08:43:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:2e:16:35:8d:be:53:ad:7a:42:ae:3e:ee:73:ba:b4:f4:9f:0e:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 04:30:29 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=fc51a6637e14d2fa545902c08bfb5f16467c4c001bfd2eabd6ba15e3aa9ac689, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:0e:07:b8:e6:77:23:29:e2:3d:76:c8:66:2c:
62:32:0a:fe:9a:2f:55:c7:dc:59:53:71:d5:ba:09:
37:a6:5d:84:81:8b:46:fb:95:85:5a:74:aa:8b:57:
30:1e:58:36:07:90:fa:99:ab:ac:61:6d:50:05:93:
d5:7b:f0:88:69:7e:bf:aa:b7:76:84:bf:20:41:11:
8b:db:25:b3:8c:99:6a:cb:f9:05:9a:6c:b0:55:d4:
02:ec:c3:b3:4e:62:b3:4b:bb:30:7e:0e:1a:ac:0f:
a5:a6:a2:6f:47:ca:2b:c1:de:e9:d7:3f:a4:56:0a:
a6:6e:54:3c:7b:0a:50:18:21:55:2b:e9:02:95:ab:
07:ea:ff:b9:76:4d:fb:21:47:28:8b:37:79:de:26:
10:e9:64:86:18:f0:bd:a8:b6:99:82:7b:ab:eb:8c:
e7:1b:1b:47:e7:4e:80:74:fe:5f:b6:cb:d7:3a:59:
4e:45:1a:cf:8e:ef:c7:f8:ec:9e:d9:9b:8d:0d:b7:
ec:0d:35:75:c8:93:fc:cf:4a:ea:d8:9c:4a:c6:24:
e3:7a:de:48:3b:21:95:fd:3a:60:3e:95:22:b8:f4:
e1:40:67:c4:93:82:f9:9c:b9:cc:58:a1:95:3a:07:
66:14:c4:c3:b3:a7:39:b0:c2:b3:dd:63:3b:29:cc:
9f:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:39:5C:56:91:2F:C9:53:2F:B4:E7:C2:35:67:90:87:AE:F0:33:DE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/44d8b686-7db5-4309-8f09-3af611be3753.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07a:c000::/40
Signature Algorithm: sha256WithRSAEncryption
3b:fd:21:36:02:fd:07:8f:50:49:df:6e:9e:e4:2e:93:ca:62:
39:6d:95:b5:4d:8b:c7:d6:c8:b5:1e:5a:bb:49:3a:f9:83:36:
1c:63:b1:ec:ff:d9:28:42:43:6b:a7:b6:66:b4:29:b7:ab:8d:
e7:dc:33:e2:c3:6b:f2:54:e2:1a:ab:99:e5:9f:8d:03:9c:f5:
62:92:1a:4b:fd:0b:d5:13:ec:d3:4b:54:39:33:b1:9c:05:c2:
27:1e:cb:4c:3e:3a:3f:6e:79:b6:92:5c:3c:f3:52:93:5a:c4:
e2:9f:8a:9b:8a:00:4f:0a:c0:09:e8:a5:0a:57:b6:71:30:e6:
30:28:cf:8a:51:85:4a:96:39:7f:8e:f9:3d:d7:d7:69:4f:58:
65:7a:44:56:55:fb:be:88:80:b0:fe:3d:06:a5:7c:e0:5d:26:
35:3c:80:5f:d2:ee:28:52:c1:93:95:1b:7a:fa:0e:67:22:ac:
a1:29:bd:74:db:c9:55:c0:99:4f:5f:45:7c:f7:4a:a4:f0:c3:
fe:66:01:85:e5:49:71:de:b0:71:80:9e:e8:4a:07:3d:6d:99:
67:bb:69:3f:7c:6b:73:95:3f:de:c4:13:07:c6:ed:df:ac:43:
07:ab:75:75:de:71:7a:4f:7a:63:f4:45:36:4e:5a:9a:83:db:
0e:43:fd:26
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUbC4WNY2+U616Qq4+7nO6tPSfDmcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNDMwMjlaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGZjNTFhNjYzN2UxNGQyZmE1NDU5MDJjMDhiZmI1ZjE2NDY3YzRjMDAxYmZk
MmVhYmQ2YmExNWUzYWE5YWM2ODkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMUOB7jmdyMp4j12yGYsYjIK/povVcfcWVNx1boJN6ZdhIGLRvuVhVp0qotX
MB5YNgeQ+pmrrGFtUAWT1XvwiGl+v6q3doS/IEERi9sls4yZasv5BZpssFXUAuzD
s05is0u7MH4OGqwPpaaib0fKK8He6dc/pFYKpm5UPHsKUBghVSvpApWrB+r/uXZN
+yFHKIs3ed4mEOlkhhjwvai2mYJ7q+uM5xsbR+dOgHT+X7bL1zpZTkUaz47vx/js
ntmbjQ237A01dciT/M9K6ticSsYk43reSDshlf06YD6VIrj04UBnxJOC+Zy5zFih
lToHZhTEw7OnObDCs91jOynMn3UCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSpOVxW
kS/JUy+058I1Z5CHrvAz3jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDRkOGI2ODYtN2RiNS00MzA5LThmMDktM2FmNjExYmUzNzUzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HrA
MA0GCSqGSIb3DQEBCwUAA4IBAQA7/SE2Av0Hj1BJ326e5C6TymI5bZW1TYvH1si1
Hlq7STr5gzYcY7Hs/9koQkNrp7ZmtCm3q43n3DPiw2vyVOIaq5nln40DnPVikhpL
/QvVE+zTS1Q5M7GcBcInHstMPjo/bnm2klw881KTWsTin4qbigBPCsAJ6KUKV7Zx
MOYwKM+KUYVKljl/jvk919dpT1hlekRWVfu+iICw/j0GpXzgXSY1PIBf0u4oUsGT
lRt6+g5nIqyhKb1028lVwJlPX0V890qk8MP+ZgGF5Ulx3rBxgJ7oSgc9bZlnu2k/
fGtzlT/exBMHxu3frEMHq3V13nF6T3pj9EU2Tlqag9sOQ/0m
-----END CERTIFICATE-----
Generated at Sat Jun 13 11:35:47 2026 by rpki-client