Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/60e6a684-7f6a-4f3f-8ca5-0d566c2a7875.roa
File: 60e6a684-7f6a-4f3f-8ca5-0d566c2a7875.roa (raw, json)
Hash identifier: HUpnmfThAz49PYA06e7uZW/2+l1AD0CKMEkUVI9H1vs=
Subject key identifier: 80:09:8E:AC:FB:2D:50:E3:8B:00:35:4C:16:CE:14:35:E0:A9:07:33
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 71AD425CFB480DA6AC03D3C2F868322C17562E85
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/60e6a684-7f6a-4f3f-8ca5-0d566c2a7875.roa
Signing time: Sun 31 May 2026 01:11:04 +0000
ROA not before: Sun 31 May 2026 01:11:04 +0000
ROA not after: Sat 29 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d05a:50c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:ad:42:5c:fb:48:0d:a6:ac:03:d3:c2:f8:68:32:2c:17:56:2e:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 31 01:11:04 2026 GMT
Not After : Aug 29 23:59:59 2026 GMT
Subject: serialNumber=72c2bf8cea6cafbe019d803efe0c5df56e6683b40856460b7ffbbeb6befb4152, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:ef:d3:a6:8d:59:55:bd:5a:2c:04:e2:1d:e7:
7a:c1:9b:ad:b6:7c:d7:5d:03:6c:88:47:9f:bf:f3:
2c:e4:56:30:64:c7:56:10:8b:85:7e:38:05:80:bb:
cd:f5:b1:ed:02:32:b6:1c:5f:e3:4e:cf:68:7e:15:
ba:7c:bc:fd:90:11:a5:90:d7:a7:f8:b9:3a:6d:68:
0c:2d:42:64:e1:07:1e:6c:bf:67:b3:e3:39:7a:a8:
12:37:62:21:06:c2:61:67:d6:64:c5:2c:be:cb:81:
1a:f7:eb:cb:51:0d:c9:15:a3:cf:30:d5:48:3f:f6:
1f:00:9c:17:f8:66:16:5c:f0:89:6f:5f:1f:67:85:
0f:63:32:23:63:f1:8a:65:21:1a:98:c1:86:ad:6d:
c8:b1:f8:9f:dd:5e:d2:46:76:9d:da:b4:a4:34:e3:
a8:6e:22:53:48:99:86:c1:f8:42:6b:86:4d:1b:19:
fb:3d:bb:fb:0a:cb:ad:c2:46:75:25:73:43:31:c5:
d0:3a:82:f0:41:dc:99:c5:7b:ec:30:fb:f3:37:82:
a0:74:33:4c:a7:13:81:d1:a6:be:92:0f:06:64:a6:
ec:3d:51:d9:bc:39:e4:e1:3e:f4:57:e5:7b:a5:4a:
52:ff:16:2c:ba:1b:19:ff:01:61:0f:bc:dc:4d:b9:
a2:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:09:8E:AC:FB:2D:50:E3:8B:00:35:4C:16:CE:14:35:E0:A9:07:33
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/60e6a684-7f6a-4f3f-8ca5-0d566c2a7875.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d05a:50c0::/48
Signature Algorithm: sha256WithRSAEncryption
21:ab:57:21:b2:9f:ef:fc:74:74:37:b9:cd:bc:20:a6:e9:4f:
c3:fc:a7:dc:74:4f:0c:38:e4:f5:19:bf:70:e8:a4:72:1b:40:
0f:72:b3:22:fa:a9:f3:66:3b:a4:b7:e4:7e:7d:d5:d0:6c:f3:
10:d9:eb:70:0b:8e:27:b5:75:7e:bd:aa:be:b5:48:3d:ee:62:
70:58:be:17:7f:db:fc:53:be:33:a1:10:df:23:2f:f2:8d:d4:
0a:51:05:0a:dc:43:41:6d:dc:e0:e3:1c:bd:26:87:ce:98:00:
ad:c8:c0:33:8c:35:12:64:7c:0e:85:2a:25:e8:b8:dc:3b:db:
5c:89:9e:16:a6:95:ef:11:10:6d:9c:3c:da:23:6c:7d:b0:3d:
70:f5:24:5a:81:9b:a8:2e:c3:40:d2:05:f3:a2:f1:75:77:08:
9a:c1:95:5d:0e:0b:9a:f8:af:81:db:7d:a7:1a:19:7d:6f:8a:
47:43:29:c0:91:38:e5:19:a3:08:a4:04:53:31:ae:ce:96:15:
27:14:98:b3:56:85:a3:89:2a:f5:1c:64:af:b3:c5:9f:4c:d5:
fa:6a:d7:e7:d1:48:77:e3:45:2c:90:e0:7b:18:21:a1:7f:32:
46:8a:04:4f:49:2d:cd:d7:5b:7e:94:8d:e7:99:84:d5:7c:a6:
ad:c2:be:8d
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUca1CXPtIDaasA9PC+GgyLBdWLoUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MzEwMTExMDRaFw0yNjA4MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDcyYzJiZjhjZWE2Y2FmYmUwMTlkODAzZWZlMGM1ZGY1NmU2NjgzYjQwODU2
NDYwYjdmZmJiZWI2YmVmYjQxNTIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALzv06aNWVW9WiwE4h3nesGbrbZ8110DbIhHn7/zLORWMGTHVhCLhX44BYC7
zfWx7QIythxf407PaH4Vuny8/ZARpZDXp/i5Om1oDC1CZOEHHmy/Z7PjOXqoEjdi
IQbCYWfWZMUsvsuBGvfry1ENyRWjzzDVSD/2HwCcF/hmFlzwiW9fH2eFD2MyI2Px
imUhGpjBhq1tyLH4n91e0kZ2ndq0pDTjqG4iU0iZhsH4QmuGTRsZ+z27+wrLrcJG
dSVzQzHF0DqC8EHcmcV77DD78zeCoHQzTKcTgdGmvpIPBmSm7D1R2bw55OE+9Ffl
e6VKUv8WLLobGf8BYQ+83E25or8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSACY6s
+y1Q44sANUwWzhQ14KkHMzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjBlNmE2ODQtN2Y2YS00ZjNmLThjYTUtMGQ1NjZjMmE3ODc1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0FpQ
wDANBgkqhkiG9w0BAQsFAAOCAQEAIatXIbKf7/x0dDe5zbwgpulPw/yn3HRPDDjk
9Rm/cOikchtAD3KzIvqp82Y7pLfkfn3V0GzzENnrcAuOJ7V1fr2qvrVIPe5icFi+
F3/b/FO+M6EQ3yMv8o3UClEFCtxDQW3c4OMcvSaHzpgArcjAM4w1EmR8DoUqJei4
3DvbXImeFqaV7xEQbZw82iNsfbA9cPUkWoGbqC7DQNIF86LxdXcImsGVXQ4Lmviv
gdt9pxoZfW+KR0MpwJE45RmjCKQEUzGuzpYVJxSYs1aFo4kq9Rxkr7PFn0zV+mrX
59FId+NFLJDgexghoX8yRooET0ktzddbfpSN55mE1XymrcK+jQ==
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:00:05 2026 by rpki-client