Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4c40d116-3b5d-4e79-a735-a17b37f8ded2.roa
File: 4c40d116-3b5d-4e79-a735-a17b37f8ded2.roa (raw, json)
Hash identifier: o6RFhAJduhIEqiMEaSNZ+5UXDVfJRW5sWYFBm2wuUlI=
Subject key identifier: C7:4E:52:E4:1E:DA:A2:29:96:73:09:48:58:1B:CA:9A:DF:BC:47:69
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3B712F53F68B254C1BB4F6EC0E05E4454CD5B490
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4c40d116-3b5d-4e79-a735-a17b37f8ded2.roa
Signing time: Fri 15 May 2026 02:20:11 +0000
ROA not before: Fri 15 May 2026 02:20:11 +0000
ROA not after: Thu 13 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06c:9000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3b:71:2f:53:f6:8b:25:4c:1b:b4:f6:ec:0e:05:e4:45:4c:d5:b4:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 15 02:20:11 2026 GMT
Not After : Aug 13 23:59:59 2026 GMT
Subject: serialNumber=ddfc7670decc646a64a3306b4dfc0322eb05cf1fc31996cfb2240312aa3ccf11, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:d8:91:32:98:4f:9a:63:4b:84:b6:d3:12:cb:
8e:0f:ab:af:7a:48:7f:66:62:66:da:a9:10:2f:1e:
66:02:02:e2:7b:5b:c5:50:7f:d3:5a:ce:04:bd:83:
c2:3e:71:39:56:16:d5:0d:95:cb:92:b2:41:02:3a:
c8:ed:59:79:d4:36:96:2b:76:d6:ac:fe:ec:c9:7c:
e9:44:9c:96:fd:21:a8:5a:bc:42:3b:7e:b3:27:9c:
c8:e3:5f:ab:23:65:ba:d0:b2:72:fd:59:f3:3e:82:
ef:93:1c:f2:29:b0:f0:aa:96:84:b0:7d:2f:ec:f7:
29:83:f7:e0:2d:1b:e3:6d:19:02:b0:44:81:fc:f1:
16:07:e7:27:43:fb:92:2d:5f:c4:01:51:eb:91:d3:
ef:9a:53:8b:53:44:04:37:ff:41:23:09:7f:4a:58:
70:4c:fd:85:b8:69:66:8e:55:18:27:a4:55:f2:e2:
fd:11:3c:90:84:f1:8a:d7:c0:34:1a:09:04:c8:94:
ac:98:93:33:8c:c5:e3:a2:71:86:c6:1f:9d:24:9c:
0e:15:e1:29:70:22:19:b9:c3:39:f1:71:a9:cf:63:
7d:66:3b:63:e1:ea:4d:b4:86:35:3a:ac:91:9c:9a:
72:ac:6c:b2:c8:10:ce:a2:fb:b9:b0:47:fb:12:fb:
92:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:4E:52:E4:1E:DA:A2:29:96:73:09:48:58:1B:CA:9A:DF:BC:47:69
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4c40d116-3b5d-4e79-a735-a17b37f8ded2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06c:9000::/48
Signature Algorithm: sha256WithRSAEncryption
65:e7:f4:6a:c2:3d:9f:f5:fb:1c:5b:8b:06:f7:45:1e:e8:41:
80:83:e7:df:7b:b4:87:b6:06:b0:c2:ae:31:84:a0:d4:dc:d9:
ed:ea:19:9a:71:1a:51:0b:89:6c:96:a8:e1:6c:43:3c:be:e8:
29:02:7a:67:e5:b7:00:c8:26:8e:bd:a8:c8:b6:c5:43:c8:18:
3d:3a:e5:24:fe:ba:38:21:89:4a:34:4d:98:5e:a3:c1:c4:2a:
29:6a:a4:8f:4b:19:fc:52:7e:3b:f3:7f:f4:8a:40:44:ea:88:
7d:56:02:6e:6b:12:a0:26:1f:99:78:5b:e4:c6:36:74:6d:cd:
e6:c0:ad:97:80:60:00:8a:72:cf:d1:5f:b0:69:d2:2a:88:45:
35:86:63:cd:fb:94:9a:c0:f8:06:ca:f8:6c:23:3e:6c:b0:50:
d0:6e:b0:0f:2c:bb:8a:2b:ba:98:bd:d0:47:0b:d2:c5:a5:8d:
d0:fb:f7:4c:e1:4c:65:61:92:d0:05:48:bd:21:f9:ad:ed:2c:
e2:67:04:dc:de:b0:a2:6e:11:df:ef:ad:2e:e8:4d:4c:c2:89:
72:02:62:bb:d2:2f:5d:dc:2e:6d:48:9f:75:78:b9:a3:49:e4:
ae:d4:64:7b:ed:a7:a3:3b:d5:e5:b8:e7:e9:34:29:c5:7b:3e:
78:73:8f:28
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUO3EvU/aLJUwbtPbsDgXkRUzVtJAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTUwMjIwMTFaFw0yNjA4MTMyMzU5NTlaMHoxSTBHBgNV
BAUTQGRkZmM3NjcwZGVjYzY0NmE2NGEzMzA2YjRkZmMwMzIyZWIwNWNmMWZjMzE5
OTZjZmIyMjQwMzEyYWEzY2NmMTExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALLYkTKYT5pjS4S20xLLjg+rr3pIf2ZiZtqpEC8eZgIC4ntbxVB/01rOBL2D
wj5xOVYW1Q2Vy5KyQQI6yO1ZedQ2lit21qz+7Ml86USclv0hqFq8Qjt+syecyONf
qyNlutCycv1Z8z6C75Mc8imw8KqWhLB9L+z3KYP34C0b420ZArBEgfzxFgfnJ0P7
ki1fxAFR65HT75pTi1NEBDf/QSMJf0pYcEz9hbhpZo5VGCekVfLi/RE8kITxitfA
NBoJBMiUrJiTM4zF46JxhsYfnSScDhXhKXAiGbnDOfFxqc9jfWY7Y+HqTbSGNTqs
kZyacqxsssgQzqL7ubBH+xL7khUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTHTlLk
HtqiKZZzCUhYG8qa37xHaTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGM0MGQxMTYtM2I1ZC00ZTc5LWE3MzUtYTE3YjM3ZjhkZWQyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0GyQ
ADANBgkqhkiG9w0BAQsFAAOCAQEAZef0asI9n/X7HFuLBvdFHuhBgIPn33u0h7YG
sMKuMYSg1NzZ7eoZmnEaUQuJbJao4WxDPL7oKQJ6Z+W3AMgmjr2oyLbFQ8gYPTrl
JP66OCGJSjRNmF6jwcQqKWqkj0sZ/FJ+O/N/9IpAROqIfVYCbmsSoCYfmXhb5MY2
dG3N5sCtl4BgAIpyz9FfsGnSKohFNYZjzfuUmsD4Bsr4bCM+bLBQ0G6wDyy7iiu6
mL3QRwvSxaWN0Pv3TOFMZWGS0AVIvSH5re0s4mcE3N6wom4R3++tLuhNTMKJcgJi
u9IvXdwubUifdXi5o0nkrtRke+2nozvV5bjn6TQpxXs+eHOPKA==
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:11:43 2026 by rpki-client