Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/543bc67d-08f9-4a99-bf5e-68100e034395.roa
File: 543bc67d-08f9-4a99-bf5e-68100e034395.roa (raw, json)
Hash identifier: kIRUihMa35f3oyxv+eOG61BYLaoWOxKY83a1yCrLCDs=
Subject key identifier: E6:A7:AF:CB:99:32:7A:37:54:46:25:13:4E:3C:12:0F:1F:29:42:73
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5DF6F6C28EA3C40AAD98AB10D9702FD12AD4C22F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/543bc67d-08f9-4a99-bf5e-68100e034395.roa
Signing time: Tue 19 May 2026 05:20:35 +0000
ROA not before: Tue 19 May 2026 05:20:35 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:4080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 08:43:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5d:f6:f6:c2:8e:a3:c4:0a:ad:98:ab:10:d9:70:2f:d1:2a:d4:c2:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:20:35 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=0378f86ea027730616ac895c6bfbc2aac68d6f146d7fa061056c0ce291692d0e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:73:f9:0a:11:3e:a4:8e:17:c4:6a:7a:f9:72:
65:8d:79:89:8f:dd:8c:16:62:84:2b:ee:3c:1c:0e:
15:95:45:55:7c:9b:a9:4d:31:77:c3:76:4e:c6:e8:
58:75:ec:2e:c4:6e:2b:56:d9:3d:67:9d:86:0e:32:
2a:d0:68:cc:1a:4f:81:34:6b:f8:36:26:5a:64:16:
f2:7b:a1:99:40:db:21:8f:25:78:ea:0a:9b:48:c1:
a4:2f:a6:14:74:b8:fd:fe:66:c1:56:5f:ea:d1:89:
df:c3:a5:49:35:0d:a1:6e:f4:cc:66:6b:e9:6f:92:
b7:e8:08:ac:a4:e9:fa:78:60:d7:d4:4d:b2:33:fb:
47:b5:13:ed:d8:31:81:3e:b9:62:b4:f3:20:6a:0b:
c0:fc:e2:07:01:ae:8f:84:1a:a7:b5:78:7d:c6:d1:
ed:f7:bd:a5:a0:be:40:d9:c6:d4:44:ea:f4:d7:37:
25:17:d1:4d:52:f4:60:7b:dc:7b:b5:2d:79:68:67:
37:1c:66:56:bd:3d:ea:38:f5:f3:1f:b7:4a:50:c9:
4e:c1:2d:9a:e1:31:9b:8b:0c:06:7e:d1:4c:c5:56:
e3:0b:e9:cc:54:71:1f:ac:ee:9a:cd:50:b5:4d:3e:
95:01:4c:77:16:78:87:1f:07:c3:e4:9b:69:75:14:
65:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:A7:AF:CB:99:32:7A:37:54:46:25:13:4E:3C:12:0F:1F:29:42:73
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/543bc67d-08f9-4a99-bf5e-68100e034395.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:4080::/48
Signature Algorithm: sha256WithRSAEncryption
41:b9:58:9a:ee:bc:23:5a:0c:3d:a5:a7:22:76:e2:07:15:a5:
2d:05:10:0b:74:6f:e5:91:65:3d:8e:3e:c3:ba:62:a9:6e:3d:
9a:a3:0c:9a:24:ba:fa:ba:1b:38:5d:5a:30:e8:75:01:ae:46:
2d:3d:b6:55:39:2d:be:64:51:26:67:1d:82:13:c0:95:d7:68:
89:4c:46:f1:2f:0d:21:75:13:ad:e6:0f:a6:2f:2d:16:49:97:
e4:33:d5:d3:5b:7a:5e:9f:80:98:17:cf:f3:eb:47:17:47:7f:
cd:bd:40:a8:70:7f:1b:c6:26:ce:d8:04:02:06:3f:78:fa:4d:
8a:3a:e5:c0:d1:22:d3:f5:0c:c7:d3:88:fc:5a:ed:f7:81:e6:
12:76:99:02:89:cb:e6:2f:ca:ee:4b:60:e6:b8:cf:d4:87:5f:
cd:9c:9f:ca:ed:be:b0:ba:bc:96:b1:7b:74:d8:9d:08:8d:d1:
1e:09:df:1d:0e:3a:bc:44:91:4c:bc:9d:4a:33:d1:10:3f:6d:
8e:7d:5d:e3:5b:30:5e:61:61:02:5e:3d:68:00:5d:9b:1b:a9:
07:e2:e1:51:be:8b:c9:3c:4e:76:32:35:ee:b7:d0:b2:ad:84:
49:9c:ae:ce:3a:6b:3f:f6:53:ed:7e:6b:ae:2d:c4:75:2c:04:
e3:16:74:e4
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUXfb2wo6jxAqtmKsQ2XAv0SrUwi8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTIwMzVaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDAzNzhmODZlYTAyNzczMDYxNmFjODk1YzZiZmJjMmFhYzY4ZDZmMTQ2ZDdm
YTA2MTA1NmMwY2UyOTE2OTJkMGUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK9z+QoRPqSOF8RqevlyZY15iY/djBZihCvuPBwOFZVFVXybqU0xd8N2Tsbo
WHXsLsRuK1bZPWedhg4yKtBozBpPgTRr+DYmWmQW8nuhmUDbIY8leOoKm0jBpC+m
FHS4/f5mwVZf6tGJ38OlSTUNoW70zGZr6W+St+gIrKTp+nhg19RNsjP7R7UT7dgx
gT65YrTzIGoLwPziBwGuj4Qap7V4fcbR7fe9paC+QNnG1ETq9Nc3JRfRTVL0YHvc
e7UteWhnNxxmVr096jj18x+3SlDJTsEtmuExm4sMBn7RTMVW4wvpzFRxH6zums1Q
tU0+lQFMdxZ4hx8Hw+SbaXUUZVcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTmp6/L
mTJ6N1RGJRNOPBIPHylCczAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTQzYmM2N2QtMDhmOS00YTk5LWJmNWUtNjgxMDBlMDM0Mzk1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HJA
gDANBgkqhkiG9w0BAQsFAAOCAQEAQblYmu68I1oMPaWnInbiBxWlLQUQC3Rv5ZFl
PY4+w7piqW49mqMMmiS6+robOF1aMOh1Aa5GLT22VTktvmRRJmcdghPAlddoiUxG
8S8NIXUTreYPpi8tFkmX5DPV01t6Xp+AmBfP8+tHF0d/zb1AqHB/G8YmztgEAgY/
ePpNijrlwNEi0/UMx9OI/Frt94HmEnaZAonL5i/K7ktg5rjP1IdfzZyfyu2+sLq8
lrF7dNidCI3RHgnfHQ46vESRTLydSjPRED9tjn1d41swXmFhAl49aABdmxupB+Lh
Ub6LyTxOdjI17rfQsq2ESZyuzjprP/ZT7X5rri3EdSwE4xZ05A==
-----END CERTIFICATE-----
Generated at Sat Jun 13 12:42:26 2026 by rpki-client