Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/57b964c4-07ca-4501-bd01-5cb8936846cc.roa
File: 57b964c4-07ca-4501-bd01-5cb8936846cc.roa (raw, json)
Hash identifier: /EjtierUcPHGfRCa6d8Cg1B6EoR/3nxZDZ52cNWmi74=
Subject key identifier: 7B:A5:BD:60:6E:93:D1:38:16:64:0B:8E:C9:A6:C4:9D:46:95:E5:06
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2980230358377C5E4AB8843F2ACB389F49B240E4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/57b964c4-07ca-4501-bd01-5cb8936846cc.roa
Signing time: Tue 19 May 2026 05:20:07 +0000
ROA not before: Tue 19 May 2026 05:20:07 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d06f:b000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
29:80:23:03:58:37:7c:5e:4a:b8:84:3f:2a:cb:38:9f:49:b2:40:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:20:07 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=7e8fcb673a7b1a1b2ffcbb4f28ea652af898585272f0af4ae0ce5a02033947f6, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:1b:23:ae:42:d4:bc:66:78:66:a5:29:97:74:
e4:aa:d8:a5:85:df:2d:89:eb:cf:41:7f:9d:14:a1:
4a:20:9d:c1:59:7a:03:e6:09:a4:f6:d8:b0:3e:8f:
1c:da:9e:ba:9a:3e:3d:45:a4:fa:b3:40:ac:b4:fb:
b0:9d:cc:a3:4f:5e:fe:55:30:04:af:33:19:fb:03:
24:03:98:41:d0:3a:73:f8:5e:3c:3c:64:dd:16:5b:
9f:91:f1:20:fb:7a:82:f7:bf:d4:38:55:12:03:29:
ce:52:92:03:d1:9c:a3:0a:c0:60:71:71:54:98:67:
4f:24:15:a2:8b:67:2e:2b:6c:14:e3:0b:a8:5a:cc:
95:81:7a:4e:7b:b9:95:09:2e:c5:ff:2f:db:2d:51:
f9:9e:d4:ee:c8:d3:16:0b:56:ef:88:5a:89:80:7f:
4a:1c:e9:eb:33:dc:3a:d4:c8:3d:6f:93:f3:93:16:
b2:8e:91:1c:a7:8c:37:0a:f6:6e:b3:a9:c4:3c:6b:
b7:0e:28:eb:8b:35:ff:5d:67:5b:01:dd:05:66:e8:
4c:0f:93:17:e9:ff:c0:4d:af:e2:c6:d1:68:fa:1d:
cd:5f:d9:94:f4:79:4b:0a:bd:6f:c5:53:6a:f4:18:
53:04:16:74:32:61:69:8a:58:7d:68:3e:ea:35:1b:
08:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:A5:BD:60:6E:93:D1:38:16:64:0B:8E:C9:A6:C4:9D:46:95:E5:06
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/57b964c4-07ca-4501-bd01-5cb8936846cc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06f:b000::/40
Signature Algorithm: sha256WithRSAEncryption
67:87:90:31:47:78:e7:8b:a7:57:5c:78:45:a0:6c:7f:5b:43:
2e:83:ea:b4:60:3a:fe:14:7f:2a:f4:a1:c9:0a:ea:f4:12:0e:
7b:28:6f:51:0e:57:29:6f:cb:cb:a5:16:fb:ac:e4:db:05:a0:
9b:cf:dc:af:eb:cd:8b:84:3c:33:4e:6e:c0:64:88:f7:df:48:
51:70:1d:3f:a5:5a:6b:9c:76:87:86:b0:ec:fe:cb:41:30:0c:
6d:94:a8:cf:11:f1:cc:54:db:10:d0:36:03:87:35:71:be:38:
aa:9d:ef:1a:87:01:3a:8c:a3:34:c6:a4:a8:9c:6d:4b:a7:58:
8b:27:9f:c6:e1:a2:92:7f:2e:34:e1:3b:a5:2c:31:59:b5:e0:
77:67:1c:82:c6:02:1d:16:47:fd:53:2e:84:cf:8a:d5:bb:16:
e2:35:10:6f:29:4d:57:37:20:3b:25:0d:f0:95:c1:8a:c8:a1:
0f:b2:df:29:55:49:64:96:d9:49:4e:40:97:72:15:db:fa:08:
1b:47:aa:bc:90:02:5f:17:f7:e3:0d:46:4f:34:4d:6c:cd:f2:
71:24:2e:0d:30:a5:38:46:f9:54:ed:51:22:69:28:ec:aa:8b:
62:f0:7a:63:f7:13:a7:63:07:97:03:6a:01:05:50:e4:9f:85:
db:9b:bf:d1
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUKYAjA1g3fF5KuIQ/Kss4n0myQOQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTIwMDdaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDdlOGZjYjY3M2E3YjFhMWIyZmZjYmI0ZjI4ZWE2NTJhZjg5ODU4NTI3MmYw
YWY0YWUwY2U1YTAyMDMzOTQ3ZjYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANEbI65C1LxmeGalKZd05KrYpYXfLYnrz0F/nRShSiCdwVl6A+YJpPbYsD6P
HNqeupo+PUWk+rNArLT7sJ3Mo09e/lUwBK8zGfsDJAOYQdA6c/hePDxk3RZbn5Hx
IPt6gve/1DhVEgMpzlKSA9GcowrAYHFxVJhnTyQVootnLitsFOMLqFrMlYF6Tnu5
lQkuxf8v2y1R+Z7U7sjTFgtW74haiYB/Shzp6zPcOtTIPW+T85MWso6RHKeMNwr2
brOpxDxrtw4o64s1/11nWwHdBWboTA+TF+n/wE2v4sbRaPodzV/ZlPR5Swq9b8VT
avQYUwQWdDJhaYpYfWg+6jUbCOcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR7pb1g
bpPROBZkC47JpsSdRpXlBjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTdiOTY0YzQtMDdjYS00NTAxLWJkMDEtNWNiODkzNjg0NmNjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G+w
MA0GCSqGSIb3DQEBCwUAA4IBAQBnh5AxR3jni6dXXHhFoGx/W0Mug+q0YDr+FH8q
9KHJCur0Eg57KG9RDlcpb8vLpRb7rOTbBaCbz9yv682LhDwzTm7AZIj330hRcB0/
pVprnHaHhrDs/stBMAxtlKjPEfHMVNsQ0DYDhzVxvjiqne8ahwE6jKM0xqSonG1L
p1iLJ5/G4aKSfy404TulLDFZteB3ZxyCxgIdFkf9Uy6Ez4rVuxbiNRBvKU1XNyA7
JQ3wlcGKyKEPst8pVUlkltlJTkCXchXb+ggbR6q8kAJfF/fjDUZPNE1szfJxJC4N
MKU4RvlU7VEiaSjsqoti8Hpj9xOnYweXA2oBBVDkn4Xbm7/R
-----END CERTIFICATE-----
Generated at Sat Jun 13 07:59:54 2026 by rpki-client