Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/60c499a8-e470-4a76-9095-20d8554a426a.roa
File: 60c499a8-e470-4a76-9095-20d8554a426a.roa (raw, json)
Hash identifier: IAlRsPJgDrwSjmWtkhOA6/xJY0ExWCS286CIU2hMFJo=
Subject key identifier: 37:AA:E9:3E:09:93:D9:6B:56:10:4E:BF:EF:E8:28:74:D3:EE:43:9E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 74C98A9EDD9C1DA2B62445AB61F8B93885F509C7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/60c499a8-e470-4a76-9095-20d8554a426a.roa
Signing time: Tue 19 May 2026 05:21:00 +0000
ROA not before: Tue 19 May 2026 05:21:00 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d018:c00::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:c9:8a:9e:dd:9c:1d:a2:b6:24:45:ab:61:f8:b9:38:85:f5:09:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:21:00 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=e5a98c80e392662e4029d8f2f5b0f96b29000f34d91b608fa94eeecf2b4c325d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:ff:6f:fc:22:5c:76:e7:e0:3b:6b:db:61:01:
53:f4:4c:bc:2c:32:be:ed:13:b6:05:5e:2c:3e:f9:
90:04:1f:31:9f:ce:ae:6d:0f:08:fa:ba:ed:61:95:
ed:86:6d:88:7b:0b:2b:db:a9:52:0a:19:78:9e:09:
9f:c0:9e:01:62:b3:b7:dd:da:53:2c:d4:f4:6f:17:
67:05:ae:54:23:f9:64:c7:e1:bc:9b:48:c9:12:6f:
72:cc:e2:4d:56:b9:6c:58:3b:2e:ee:02:92:b8:55:
a1:6f:b2:fd:d8:6e:fc:0f:ae:35:57:85:ab:5c:49:
31:1d:e4:e4:0a:95:fc:be:08:2c:83:3b:25:89:7c:
ba:d6:d9:9c:3e:64:35:ca:03:b8:15:f7:a8:71:4f:
8a:bb:2c:ae:d2:64:87:2d:f4:ea:1f:2f:ca:b8:8f:
58:43:ad:23:76:9f:0a:93:4a:d8:15:3d:50:47:1d:
f0:c7:2f:d2:c4:56:62:ea:f3:39:fb:1c:24:1b:46:
26:24:14:d4:9c:71:da:7e:83:7c:ab:88:c0:22:57:
a9:14:08:91:d6:5e:ad:9a:22:6f:8a:a1:e7:a8:23:
7c:65:56:2f:13:bd:7e:9c:d4:25:6e:c3:3a:45:37:
f7:ca:fe:62:5b:e8:e4:5d:46:f8:e4:20:80:67:19:
4a:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:AA:E9:3E:09:93:D9:6B:56:10:4E:BF:EF:E8:28:74:D3:EE:43:9E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/60c499a8-e470-4a76-9095-20d8554a426a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d018:c00::/38
Signature Algorithm: sha256WithRSAEncryption
2c:db:fd:fa:8e:aa:c3:cc:0e:a8:65:bd:a6:17:1a:25:a2:06:
97:a3:89:36:38:dc:f0:d7:e3:5c:14:c7:f0:82:3f:9c:e6:12:
31:27:88:1b:3e:4b:b7:75:e7:f7:d1:ed:20:0a:77:7b:07:4d:
05:d8:5a:d4:d1:1b:4a:c3:b2:57:c7:2a:5a:d1:c1:16:6e:c7:
84:dd:3e:f1:9c:ff:1e:e8:72:12:24:09:84:b4:f1:b4:63:d0:
66:a5:58:6c:0a:33:82:d3:39:81:67:47:f8:c6:bb:72:b3:fa:
6a:d2:37:8c:3b:cc:c6:3c:96:1d:4d:27:ad:94:88:31:9e:d8:
c8:23:4d:af:e2:d3:36:4a:90:2e:7d:b4:dd:77:05:66:6b:88:
b2:f5:72:fe:40:c8:fa:5f:6d:43:57:a6:14:dc:76:c9:ff:0a:
b3:0a:8c:08:16:92:29:af:fb:1c:9e:a2:d8:69:d0:a2:fa:7b:
fa:3b:4e:ae:03:24:72:6a:81:85:62:7d:46:8f:3e:75:ba:ce:
ca:13:fd:7e:75:1a:de:80:e1:6e:a5:fa:0c:9f:bf:a0:66:f6:
ad:de:8f:31:28:5f:87:c5:ba:63:78:cf:74:69:44:7e:8c:0c:
db:a8:42:cb:ef:95:dc:81:df:ed:5a:e0:25:ba:00:3b:89:bb:
ff:8b:0f:83
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUdMmKnt2cHaK2JEWrYfi5OIX1CccwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTIxMDBaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGU1YTk4YzgwZTM5MjY2MmU0MDI5ZDhmMmY1YjBmOTZiMjkwMDBmMzRkOTFi
NjA4ZmE5NGVlZWNmMmI0YzMyNWQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMn/b/wiXHbn4Dtr22EBU/RMvCwyvu0TtgVeLD75kAQfMZ/Orm0PCPq67WGV
7YZtiHsLK9upUgoZeJ4Jn8CeAWKzt93aUyzU9G8XZwWuVCP5ZMfhvJtIyRJvcszi
TVa5bFg7Lu4CkrhVoW+y/dhu/A+uNVeFq1xJMR3k5AqV/L4ILIM7JYl8utbZnD5k
NcoDuBX3qHFPirssrtJkhy306h8vyriPWEOtI3afCpNK2BU9UEcd8Mcv0sRWYurz
OfscJBtGJiQU1Jxx2n6DfKuIwCJXqRQIkdZerZoib4qh56gjfGVWLxO9fpzUJW7D
OkU398r+Ylvo5F1G+OQggGcZSrkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ3quk+
CZPZa1YQTr/v6Ch00+5DnjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjBjNDk5YTgtZTQ3MC00YTc2LTkwOTUtMjBkODU1NGE0MjZhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BgM
MA0GCSqGSIb3DQEBCwUAA4IBAQAs2/36jqrDzA6oZb2mFxologaXo4k2ONzw1+Nc
FMfwgj+c5hIxJ4gbPku3def30e0gCnd7B00F2FrU0RtKw7JXxypa0cEWbseE3T7x
nP8e6HISJAmEtPG0Y9BmpVhsCjOC0zmBZ0f4xrtys/pq0jeMO8zGPJYdTSetlIgx
ntjII02v4tM2SpAufbTddwVma4iy9XL+QMj6X21DV6YU3HbJ/wqzCowIFpIpr/sc
nqLYadCi+nv6O06uAyRyaoGFYn1Gjz51us7KE/1+dRregOFupfoMn7+gZvat3o8x
KF+HxbpjeM90aUR+jAzbqELL75Xcgd/tWuAlugA7ibv/iw+D
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:12:32 2026 by rpki-client