Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/492ed8ca-efa4-4041-ac8d-b0a78ef05308.roa
File: 492ed8ca-efa4-4041-ac8d-b0a78ef05308.roa (raw, json)
Hash identifier: SkErLd/NrBn1UA3J/wRJRhc7GivQrEq8gKIRmePWWCQ=
Subject key identifier: D8:97:9E:03:D5:14:EE:4D:10:3D:F9:6E:6D:56:62:54:24:44:54:01
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 46725257BA9C7F210872125723174C01DDB217FC
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/492ed8ca-efa4-4041-ac8d-b0a78ef05308.roa
Signing time: Tue 19 May 2026 05:20:20 +0000
ROA not before: Tue 19 May 2026 05:20:20 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06d:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:72:52:57:ba:9c:7f:21:08:72:12:57:23:17:4c:01:dd:b2:17:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:20:20 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=6028bd40c13aad07a2728607ccefe958e074f249095045243067111912f936cc, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:81:55:6d:3d:cd:af:73:9d:fb:fd:8a:86:e4:
09:47:d2:07:a3:62:bd:6b:1a:eb:cc:1b:1d:d5:b0:
78:92:45:db:ab:7f:4f:41:28:9d:9a:50:00:ad:c0:
ba:fc:12:f2:4f:ba:a7:a7:ff:e8:0d:96:5e:d1:ab:
04:cc:09:4f:c0:34:7b:1d:c8:ac:3c:e5:22:80:6f:
5c:8a:65:b2:53:28:dd:c2:9e:3a:d5:7c:55:b3:aa:
ae:d9:5b:26:ea:89:df:96:9e:72:90:59:e9:3f:15:
50:3f:d3:5d:c6:0d:ef:e8:4d:c5:d1:15:bf:73:e3:
5f:7e:3b:e0:ff:4a:3a:aa:db:5d:19:55:12:79:21:
3e:d1:99:4e:9b:ba:84:3c:a6:80:5e:d9:e0:81:26:
d3:91:74:13:d3:a2:c0:5e:0a:28:3c:a5:9c:68:d9:
b3:c1:07:e0:1c:10:79:13:05:96:89:f6:8f:d6:5c:
c5:db:ed:03:85:26:4f:a7:53:eb:22:d5:50:96:93:
8e:e7:34:12:a8:7f:f4:f4:ad:5e:b9:52:ba:c2:10:
2f:de:37:46:76:5f:4a:cc:06:e9:08:d1:3b:cb:2d:
8b:db:80:dd:34:af:31:75:b7:dd:75:66:f4:4d:97:
13:aa:52:bd:42:23:26:98:60:0c:1c:83:fb:a7:69:
d4:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:97:9E:03:D5:14:EE:4D:10:3D:F9:6E:6D:56:62:54:24:44:54:01
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/492ed8ca-efa4-4041-ac8d-b0a78ef05308.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06d:4000::/40
Signature Algorithm: sha256WithRSAEncryption
59:aa:6c:bb:66:2e:ac:86:dc:5b:63:39:1e:6c:78:78:38:b3:
b1:10:73:7c:85:37:e6:1d:03:f2:4b:cc:50:7c:af:87:8d:1f:
d8:86:80:1c:6c:4c:49:c5:10:c3:06:71:92:6d:d0:84:5d:d1:
c1:91:bb:0f:69:f3:8c:c5:8a:1d:8f:ef:c3:de:22:bd:3d:8c:
48:57:80:c2:bd:83:88:f4:90:b5:00:47:2d:e3:c1:8d:21:26:
fa:47:33:c5:ea:be:4b:37:3b:6c:63:52:e6:b8:d0:e0:7c:65:
51:c3:28:bf:e3:8c:2e:a4:5d:fc:ed:d8:0a:e9:bf:a2:73:92:
e0:df:69:16:58:ce:b1:b1:7e:94:01:db:ff:65:9d:04:3c:ba:
f0:01:1a:7c:d9:5d:55:7b:6e:75:dc:3a:c7:82:16:b0:f4:62:
67:67:34:4f:38:3f:56:3a:7f:1d:1d:16:10:a4:3a:99:3f:c1:
35:1d:73:b8:be:af:a0:10:ff:64:12:b7:31:fc:18:fc:a7:ae:
91:8e:e9:94:26:46:3f:5b:f8:20:e5:72:f6:30:6f:9f:73:16:
96:72:af:10:97:e0:69:7b:29:7e:c4:f1:ed:54:ae:1b:0b:c7:
e3:d3:a1:9d:c9:7d:ba:52:75:d9:09:b9:43:e8:73:5f:9d:e5:
da:a6:cd:07
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIURnJSV7qcfyEIchJXIxdMAd2yF/wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTIwMjBaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDYwMjhiZDQwYzEzYWFkMDdhMjcyODYwN2NjZWZlOTU4ZTA3NGYyNDkwOTUw
NDUyNDMwNjcxMTE5MTJmOTM2Y2MxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ2BVW09za9znfv9iobkCUfSB6NivWsa68wbHdWweJJF26t/T0EonZpQAK3A
uvwS8k+6p6f/6A2WXtGrBMwJT8A0ex3IrDzlIoBvXIplslMo3cKeOtV8VbOqrtlb
JuqJ35aecpBZ6T8VUD/TXcYN7+hNxdEVv3PjX3474P9KOqrbXRlVEnkhPtGZTpu6
hDymgF7Z4IEm05F0E9OiwF4KKDylnGjZs8EH4BwQeRMFlon2j9ZcxdvtA4UmT6dT
6yLVUJaTjuc0Eqh/9PStXrlSusIQL943RnZfSswG6QjRO8sti9uA3TSvMXW33XVm
9E2XE6pSvUIjJphgDByD+6dp1BsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTYl54D
1RTuTRA9+W5tVmJUJERUATAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDkyZWQ4Y2EtZWZhNC00MDQxLWFjOGQtYjBhNzhlZjA1MzA4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G1A
MA0GCSqGSIb3DQEBCwUAA4IBAQBZqmy7Zi6shtxbYzkebHh4OLOxEHN8hTfmHQPy
S8xQfK+HjR/YhoAcbExJxRDDBnGSbdCEXdHBkbsPafOMxYodj+/D3iK9PYxIV4DC
vYOI9JC1AEct48GNISb6RzPF6r5LNztsY1LmuNDgfGVRwyi/44wupF387dgK6b+i
c5Lg32kWWM6xsX6UAdv/ZZ0EPLrwARp82V1Ve2513DrHghaw9GJnZzRPOD9WOn8d
HRYQpDqZP8E1HXO4vq+gEP9kErcx/Bj8p66RjumUJkY/W/gg5XL2MG+fcxaWcq8Q
l+Bpeyl+xPHtVK4bC8fj06GdyX26UnXZCblD6HNfneXaps0H
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:11:41 2026 by rpki-client