Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/546828d4-9f43-44c2-bff8-aafeddca4e25.roa
File: 546828d4-9f43-44c2-bff8-aafeddca4e25.roa (raw, json)
Hash identifier: Cbj0IKjlmaV/aJ+ZtN2ZlZ9OUqGRAhTEFCxI4VGroek=
Subject key identifier: 65:C1:3A:A9:D1:76:4E:DC:C4:AD:20:9D:9A:83:7B:0C:09:3B:45:A5
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0824077110311BA0D01C7886E467D46C9B3BF0E3
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/546828d4-9f43-44c2-bff8-aafeddca4e25.roa
Signing time: Tue 19 May 2026 05:30:57 +0000
ROA not before: Tue 19 May 2026 05:30:57 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:e040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:24:07:71:10:31:1b:a0:d0:1c:78:86:e4:67:d4:6c:9b:3b:f0:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:30:57 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=7657cd0a236ae856ae24b15c12b1502d6f9eee8397a9d9f9b8fb5c8d4e080090, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:51:ff:fa:c0:05:9b:84:0b:1d:97:53:c4:64:
3a:0a:32:db:d7:1a:10:8e:b0:63:ea:56:3c:29:39:
7f:ef:48:7a:5f:fa:79:69:c2:f3:6d:f0:70:ca:4c:
22:46:00:fc:f3:7c:1c:2e:c2:17:51:13:df:29:c3:
76:91:4e:6e:c8:9f:3b:f5:b7:62:13:dc:2d:c7:eb:
68:dc:07:03:60:99:43:73:ef:dc:12:63:e7:38:30:
61:6a:18:fa:de:ce:ce:fe:0c:d8:fd:0b:e9:b9:85:
1b:bb:c8:dc:18:47:d1:ac:45:62:68:b2:ec:ea:6d:
4c:be:11:da:59:4e:e3:60:1f:79:72:24:ab:2e:e1:
bd:9a:1f:f2:b3:cb:e9:6c:fc:59:6e:ed:71:dd:5f:
36:f9:59:44:25:ed:62:c2:51:17:45:17:f3:f8:eb:
ec:39:c2:45:32:da:9d:1b:0a:1c:a8:d8:53:bb:00:
5c:0e:e4:8d:f8:1c:a7:cd:e1:14:61:f3:85:5a:98:
2d:ab:d3:86:b8:65:a5:2f:d0:5f:9a:eb:68:f9:7f:
7a:73:05:93:10:ad:1a:07:ca:d3:d6:48:75:b0:dd:
37:19:71:e9:ef:2b:5a:3d:66:e6:fa:c3:dc:5e:9c:
f9:ed:0d:bd:95:53:15:7c:c6:54:8d:f4:4b:86:83:
a5:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:C1:3A:A9:D1:76:4E:DC:C4:AD:20:9D:9A:83:7B:0C:09:3B:45:A5
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/546828d4-9f43-44c2-bff8-aafeddca4e25.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:e040::/48
Signature Algorithm: sha256WithRSAEncryption
c7:c4:33:3a:2d:b7:4e:1d:36:bc:fa:24:4c:62:61:be:b3:4c:
84:a3:64:24:18:e4:3c:56:c4:08:f7:66:ed:b7:0c:71:59:6a:
aa:c9:3e:b9:f9:90:29:34:46:89:23:2e:7d:07:b5:57:54:65:
53:68:35:da:de:86:a2:f9:68:2d:00:dd:37:74:2e:bb:f8:f7:
c2:ee:81:07:4f:96:7c:b9:b7:d7:96:f0:e2:2c:c4:ef:c1:e8:
0d:c2:c3:7d:c5:ca:72:8d:a6:f0:4b:62:fd:05:f1:57:50:96:
1c:0d:3c:5c:81:c7:0e:e2:90:7c:5e:1c:34:08:fa:a3:7f:e5:
24:19:cc:b2:77:f6:7c:de:4b:91:bd:02:b0:b8:2e:96:f0:ad:
37:46:be:46:e4:6f:f5:cd:d6:aa:02:36:23:03:ce:46:26:4a:
a5:b8:9e:b0:f7:c4:59:fd:cd:ca:e4:58:b6:20:9f:2d:15:a5:
4e:67:ff:64:50:88:73:f5:d7:2b:f2:fd:ab:6f:ef:75:58:2f:
56:da:22:d3:d4:f7:96:67:a1:b5:26:51:fe:02:34:c4:d0:40:
e9:85:66:b8:4f:5d:90:0a:8b:f2:79:49:90:c6:c3:74:24:1c:
d2:2c:08:66:c0:f4:34:bc:73:52:8c:78:a4:87:c9:fa:de:fc:
8d:64:3d:11
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUCCQHcRAxG6DQHHiG5GfUbJs78OMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTMwNTdaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDc2NTdjZDBhMjM2YWU4NTZhZTI0YjE1YzEyYjE1MDJkNmY5ZWVlODM5N2E5
ZDlmOWI4ZmI1YzhkNGUwODAwOTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKpR//rABZuECx2XU8RkOgoy29caEI6wY+pWPCk5f+9Iel/6eWnC823wcMpM
IkYA/PN8HC7CF1ET3ynDdpFObsifO/W3YhPcLcfraNwHA2CZQ3Pv3BJj5zgwYWoY
+t7Ozv4M2P0L6bmFG7vI3BhH0axFYmiy7OptTL4R2llO42AfeXIkqy7hvZof8rPL
6Wz8WW7tcd1fNvlZRCXtYsJRF0UX8/jr7DnCRTLanRsKHKjYU7sAXA7kjfgcp83h
FGHzhVqYLavThrhlpS/QX5rraPl/enMFkxCtGgfK09ZIdbDdNxlx6e8rWj1m5vrD
3F6c+e0NvZVTFXzGVI30S4aDpfMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRlwTqp
0XZO3MStIJ2ag3sMCTtFpTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTQ2ODI4ZDQtOWY0My00NGMyLWJmZjgtYWFmZWRkY2E0ZTI1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ADg
QDANBgkqhkiG9w0BAQsFAAOCAQEAx8QzOi23Th02vPokTGJhvrNMhKNkJBjkPFbE
CPdm7bcMcVlqqsk+ufmQKTRGiSMufQe1V1RlU2g12t6GovloLQDdN3Quu/j3wu6B
B0+WfLm315bw4izE78HoDcLDfcXKco2m8Eti/QXxV1CWHA08XIHHDuKQfF4cNAj6
o3/lJBnMsnf2fN5Lkb0CsLgulvCtN0a+RuRv9c3WqgI2IwPORiZKpbiesPfEWf3N
yuRYtiCfLRWlTmf/ZFCIc/XXK/L9q2/vdVgvVtoi09T3lmehtSZR/gI0xNBA6YVm
uE9dkAqL8nlJkMbDdCQc0iwIZsD0NLxzUox4pIfJ+t78jWQ9EQ==
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:44:11 2026 by rpki-client