Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4b6a7c0a-3e4a-4737-b92b-fac22de8757f.roa
File: 4b6a7c0a-3e4a-4737-b92b-fac22de8757f.roa (raw, json)
Hash identifier: Qkb+W26s3B/gXWjfbvzFX2ztwxSP16kxc/TLXJ1AhvI=
Subject key identifier: 9D:35:9D:BC:D9:C5:0A:9E:0B:7D:92:A7:E5:6C:75:43:27:AB:64:9B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 61981F87B24EA0116E71AF8643ED1D36CBA18B23
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4b6a7c0a-3e4a-4737-b92b-fac22de8757f.roa
Signing time: Sun 17 May 2026 02:00:04 +0000
ROA not before: Sun 17 May 2026 02:00:04 +0000
ROA not after: Sat 15 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:8c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
61:98:1f:87:b2:4e:a0:11:6e:71:af:86:43:ed:1d:36:cb:a1:8b:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 17 02:00:04 2026 GMT
Not After : Aug 15 23:59:59 2026 GMT
Subject: serialNumber=99396471669913005ebc185fc1b5deb8cee3792bd330ddc0fd34422da3487056, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:7b:35:f1:86:8e:70:67:30:5d:5b:be:e0:f4:
e0:ba:38:c0:f5:b7:a1:60:62:b6:da:95:1b:25:10:
b2:71:89:a1:b6:5c:30:5b:1f:12:6b:79:23:d0:42:
c3:75:72:48:24:e9:aa:e1:1b:83:32:f4:d8:0d:7d:
f1:83:a2:10:8c:6f:86:ca:23:80:a1:6e:2b:01:bc:
b8:bd:92:7a:83:b0:2a:66:d1:32:10:43:dd:a5:fb:
51:c4:45:36:e7:00:e4:2c:c6:a0:1e:21:bb:9f:6e:
93:df:72:8e:9e:bc:85:75:d3:fe:c0:70:43:cd:07:
b5:88:07:65:de:8d:63:b2:2b:20:89:3f:1b:1a:1e:
db:ce:71:0a:9d:f9:56:6e:0d:95:6d:6e:d7:99:01:
a6:9c:68:bd:18:eb:25:99:62:6e:9d:17:36:60:9e:
8b:fd:74:71:1b:e9:31:41:ed:42:3f:ab:75:f2:22:
fa:44:fc:9e:ba:bc:b4:2d:5f:9d:12:a7:fc:1c:74:
71:f9:7b:f8:cd:84:1c:ec:d8:ec:64:ad:3d:52:47:
a5:74:8b:13:ce:03:55:cd:8e:99:f5:23:91:13:c9:
19:fe:e1:71:99:3a:a6:3d:e0:2e:72:67:1a:c3:b0:
dd:1a:c6:4c:7b:a5:46:27:db:e5:75:35:1d:c7:c0:
1e:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:35:9D:BC:D9:C5:0A:9E:0B:7D:92:A7:E5:6C:75:43:27:AB:64:9B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4b6a7c0a-3e4a-4737-b92b-fac22de8757f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:8c0::/48
Signature Algorithm: sha256WithRSAEncryption
81:af:e9:fa:b9:9d:e7:e8:5a:ab:90:2a:8f:d7:8b:ee:bd:e5:
cb:e3:62:06:47:a1:30:6f:13:a8:11:6e:2a:d2:c3:85:1b:db:
c0:34:5a:f3:cd:90:a3:bb:1b:dd:03:36:e7:45:84:b5:72:8c:
6f:78:b0:13:83:19:13:84:6a:6f:01:5e:4d:ba:ce:4f:44:c2:
1e:b4:1d:5a:43:c6:24:e0:50:b1:82:fd:53:e3:6a:3c:01:eb:
f9:c7:fe:6f:6c:e1:17:f7:f5:a2:24:2c:29:61:10:85:ca:7c:
41:15:63:23:94:b2:7d:40:fc:28:c7:e8:90:d0:d0:11:be:55:
b5:1c:1c:59:f7:4e:1e:31:18:63:7d:93:16:85:99:6e:19:36:
f0:91:5f:42:90:f0:e1:ed:e5:97:94:84:66:80:21:70:e4:39:
b2:12:a1:b1:e2:71:e8:61:15:1b:21:ae:ba:61:48:e6:9b:40:
bf:cd:e6:9c:ce:c1:0d:32:ed:43:1c:60:fc:d3:a3:24:c5:60:
26:78:5a:04:3a:d8:27:f1:4a:cc:f0:5d:f0:b9:2e:12:65:f0:
e9:b8:d0:41:35:1b:ad:97:67:98:d1:7d:7b:c9:e1:1d:42:46:
79:ce:ee:f0:dd:4b:e3:fd:cd:7e:9a:94:4a:9a:46:8a:6f:4c:
a6:96:2f:0c
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUYZgfh7JOoBFuca+GQ+0dNsuhiyMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTcwMjAwMDRaFw0yNjA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDk5Mzk2NDcxNjY5OTEzMDA1ZWJjMTg1ZmMxYjVkZWI4Y2VlMzc5MmJkMzMw
ZGRjMGZkMzQ0MjJkYTM0ODcwNTYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALp7NfGGjnBnMF1bvuD04Lo4wPW3oWBittqVGyUQsnGJobZcMFsfEmt5I9BC
w3VySCTpquEbgzL02A198YOiEIxvhsojgKFuKwG8uL2SeoOwKmbRMhBD3aX7UcRF
NucA5CzGoB4hu59uk99yjp68hXXT/sBwQ80HtYgHZd6NY7IrIIk/Gxoe285xCp35
Vm4NlW1u15kBppxovRjrJZlibp0XNmCei/10cRvpMUHtQj+rdfIi+kT8nrq8tC1f
nRKn/Bx0cfl7+M2EHOzY7GStPVJHpXSLE84DVc2OmfUjkRPJGf7hcZk6pj3gLnJn
GsOw3RrGTHulRifb5XU1HcfAHn0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSdNZ28
2cUKngt9kqflbHVDJ6tkmzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGI2YTdjMGEtM2U0YS00NzM3LWI5MmItZmFjMjJkZTg3NTdmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DgI
wDANBgkqhkiG9w0BAQsFAAOCAQEAga/p+rmd5+haq5Aqj9eL7r3ly+NiBkehMG8T
qBFuKtLDhRvbwDRa882Qo7sb3QM250WEtXKMb3iwE4MZE4RqbwFeTbrOT0TCHrQd
WkPGJOBQsYL9U+NqPAHr+cf+b2zhF/f1oiQsKWEQhcp8QRVjI5SyfUD8KMfokNDQ
Eb5VtRwcWfdOHjEYY32TFoWZbhk28JFfQpDw4e3ll5SEZoAhcOQ5shKhseJx6GEV
GyGuumFI5ptAv83mnM7BDTLtQxxg/NOjJMVgJnhaBDrYJ/FKzPBd8LkuEmXw6bjQ
QTUbrZdnmNF9e8nhHUJGec7u8N1L4/3NfpqUSppGim9MppYvDA==
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:12:23 2026 by rpki-client