Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/493f1269-3ba4-4dea-829a-985dda6749ee.roa
File: 493f1269-3ba4-4dea-829a-985dda6749ee.roa (raw, json)
Hash identifier: qPnXMd3u1RLlGeB9eNRRkDN/V6y3aivjqtn2sjhG6B0=
Subject key identifier: 8D:21:F5:5A:B2:86:88:57:6E:A2:EE:AD:8F:DC:59:19:C5:08:F7:BD
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 177CE3784E6F6B23CF0E029BB269CC0BF8A02543
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/493f1269-3ba4-4dea-829a-985dda6749ee.roa
Signing time: Tue 19 May 2026 04:40:59 +0000
ROA not before: Tue 19 May 2026 04:40:59 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d075::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 08:43:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:7c:e3:78:4e:6f:6b:23:cf:0e:02:9b:b2:69:cc:0b:f8:a0:25:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 04:40:59 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=fae4d2875246b74b7e2a27713a4f1915013ab3749123b862af0bd990a72906f1, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:1b:15:76:92:5e:fc:1d:1c:15:53:ae:59:d6:
68:9c:e2:5c:c7:3a:23:36:66:90:9a:fe:4a:9f:ff:
f7:64:58:f8:62:e2:01:3d:e0:69:97:ef:5b:ac:4a:
d5:92:2c:63:05:60:5c:0b:54:91:13:1e:af:e2:ac:
43:fc:44:8e:e3:f6:72:78:c6:9a:21:52:c2:ca:c2:
90:88:6c:40:6c:70:1b:d2:42:a1:0a:5a:3b:db:ca:
2b:9b:1f:fd:f3:5d:1e:1c:88:16:e8:13:51:53:80:
f7:88:33:e8:dd:36:d7:75:81:61:24:c4:30:e6:4d:
5e:17:44:02:c2:4d:86:fb:0a:f5:96:7f:59:a3:b9:
dc:0b:5f:da:63:04:af:7c:10:fa:c7:85:71:ad:9a:
10:ff:07:1a:c4:c5:f5:8d:94:f7:e4:5b:a2:30:71:
1c:80:78:e0:f0:ad:fd:51:23:e5:e0:e5:6c:83:59:
e1:58:c1:b0:32:46:dd:68:b2:f6:76:40:c6:48:3e:
d2:82:f0:35:46:72:97:e8:f9:86:c6:60:21:4e:a5:
29:70:79:e0:00:00:c0:3b:26:f3:78:f6:29:c6:0a:
ca:82:bb:b9:f1:12:9c:e0:25:c8:57:f7:22:87:fb:
26:41:e7:46:97:1d:18:0b:07:da:05:f8:d7:91:bf:
db:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:21:F5:5A:B2:86:88:57:6E:A2:EE:AD:8F:DC:59:19:C5:08:F7:BD
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/493f1269-3ba4-4dea-829a-985dda6749ee.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d075::/32
Signature Algorithm: sha256WithRSAEncryption
9f:79:c6:0c:9e:b5:96:34:3d:2e:83:3f:2b:73:a8:da:c8:e0:
b9:73:e1:06:df:a8:1f:48:a7:4a:cb:24:68:e7:73:fd:a4:28:
35:fa:39:6e:65:b2:ac:2c:9a:9a:d5:61:0e:6b:6b:d1:c7:aa:
f3:e9:25:88:db:92:28:44:1e:4e:71:82:74:6a:bc:74:a0:a6:
00:7a:05:90:28:f4:a9:17:2e:bb:24:8b:64:54:60:78:3a:47:
80:3e:d1:99:4d:2d:8f:a8:3b:2d:b9:a5:61:7e:fa:1b:20:ee:
87:7a:a3:7a:1f:27:0a:9d:ee:d8:54:ac:80:8f:c7:d4:3b:d8:
52:73:95:23:bb:a9:5c:fe:72:88:b8:3c:5d:e6:3a:9e:5b:e4:
c2:3d:fb:b1:6f:c7:20:02:60:90:cb:07:2c:2f:c0:d9:8d:71:
e2:ba:b6:c1:5d:2c:db:98:69:b2:ce:07:96:b5:b4:fd:76:05:
b4:4e:ca:ea:2a:b4:75:e0:d5:07:50:1d:d3:0e:c6:a3:c2:99:
31:17:6a:57:56:f1:a9:fe:e8:c2:62:ce:42:90:19:cc:b7:30:
1d:dc:62:23:6d:cb:86:38:b8:49:f9:37:54:ed:22:fe:bb:ff:
b2:ed:7f:a4:09:6a:bf:1d:65:df:54:7d:ba:36:bf:be:0c:fa:
8c:13:75:b4
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUF3zjeE5vayPPDgKbsmnMC/igJUMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNDQwNTlaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGZhZTRkMjg3NTI0NmI3NGI3ZTJhMjc3MTNhNGYxOTE1MDEzYWIzNzQ5MTIz
Yjg2MmFmMGJkOTkwYTcyOTA2ZjExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIwbFXaSXvwdHBVTrlnWaJziXMc6IzZmkJr+Sp//92RY+GLiAT3gaZfvW6xK
1ZIsYwVgXAtUkRMer+KsQ/xEjuP2cnjGmiFSwsrCkIhsQGxwG9JCoQpaO9vKK5sf
/fNdHhyIFugTUVOA94gz6N0213WBYSTEMOZNXhdEAsJNhvsK9ZZ/WaO53Atf2mME
r3wQ+seFca2aEP8HGsTF9Y2U9+RbojBxHIB44PCt/VEj5eDlbINZ4VjBsDJG3Wiy
9nZAxkg+0oLwNUZyl+j5hsZgIU6lKXB54AAAwDsm83j2KcYKyoK7ufESnOAlyFf3
Iof7JkHnRpcdGAsH2gX415G/21ECAwEAAaOCAiIwggIeMB0GA1UdDgQWBBSNIfVa
soaIV26i7q2P3FkZxQj3vTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDkzZjEyNjktM2JhNC00ZGVhLTgyOWEtOTg1ZGRhNjc0OWVlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoF0HUw
DQYJKoZIhvcNAQELBQADggEBAJ95xgyetZY0PS6DPytzqNrI4Llz4QbfqB9Ip0rL
JGjnc/2kKDX6OW5lsqwsmprVYQ5ra9HHqvPpJYjbkihEHk5xgnRqvHSgpgB6BZAo
9KkXLrski2RUYHg6R4A+0ZlNLY+oOy25pWF++hsg7od6o3ofJwqd7thUrICPx9Q7
2FJzlSO7qVz+coi4PF3mOp5b5MI9+7FvxyACYJDLBywvwNmNceK6tsFdLNuYabLO
B5a1tP12BbROyuoqtHXg1QdQHdMOxqPCmTEXaldW8an+6MJizkKQGcy3MB3cYiNt
y4Y4uEn5N1TtIv67/7Ltf6QJar8dZd9Ufbo2v74M+owTdbQ=
-----END CERTIFICATE-----
Generated at Sat Jun 13 11:34:13 2026 by rpki-client