Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/613f885a-7f25-486b-9eff-fdd6b2c05b65.roa
File: 613f885a-7f25-486b-9eff-fdd6b2c05b65.roa (raw, json)
Hash identifier: UiNKSm0CX5WI8/WyHYlMCGNb2ziSS0d3a5ZIr/kGe30=
Subject key identifier: A1:9E:CA:3F:0A:BB:5A:FC:7F:82:F9:59:ED:98:DD:0A:85:60:AC:E2
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3000721FD93E4D50B71C0AD4652A71ACED77F81B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/613f885a-7f25-486b-9eff-fdd6b2c05b65.roa
Signing time: Tue 19 May 2026 05:40:03 +0000
ROA not before: Tue 19 May 2026 05:40:03 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:4080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:00:72:1f:d9:3e:4d:50:b7:1c:0a:d4:65:2a:71:ac:ed:77:f8:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:40:03 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=252b61967d472d12fd15de712ca8447fa509da460cbf659574e8736471a0444b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:ff:f1:39:32:b8:11:9f:0e:be:ab:05:41:76:
b4:01:be:e2:22:fe:fb:a2:bf:ef:5a:00:53:90:d0:
af:00:a3:5a:0c:49:6c:a6:56:3d:27:56:b5:51:f4:
54:74:7d:42:ad:2e:a9:6b:99:66:8e:f2:e5:c4:99:
53:b6:6d:0e:1d:7b:e6:f8:c6:6a:29:7e:9c:60:16:
4e:bf:51:dc:5a:55:ef:18:62:62:0b:3d:6a:cf:3a:
63:69:9c:84:52:7c:16:39:48:ce:4c:67:a9:45:33:
ab:a0:af:0f:00:91:a9:58:01:c0:e4:74:01:c3:9c:
73:f3:74:77:fb:1c:c3:46:ee:6b:d2:26:b5:d3:14:
f8:d5:64:ca:a7:90:b6:1e:80:80:5b:30:6e:1e:f3:
7e:27:b1:35:55:33:88:53:e1:b0:d4:42:48:d0:39:
a8:2d:8f:e0:47:ba:45:91:81:3c:85:2e:66:03:fb:
cc:e4:c2:08:82:77:ce:1e:e9:c4:73:37:7e:80:cf:
23:27:d1:c8:eb:77:8f:93:a1:54:5c:01:d2:b0:80:
fd:68:c1:c7:d1:d8:3a:d9:d4:0a:4d:52:08:84:65:
a3:c2:24:a9:d5:33:a0:ab:6f:df:43:e5:c4:b6:a4:
3a:00:36:a4:22:6c:53:61:02:b1:a3:ad:78:42:fb:
50:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:9E:CA:3F:0A:BB:5A:FC:7F:82:F9:59:ED:98:DD:0A:85:60:AC:E2
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/613f885a-7f25-486b-9eff-fdd6b2c05b65.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:4080::/48
Signature Algorithm: sha256WithRSAEncryption
0d:9a:4a:f9:99:57:4d:7f:e1:03:d8:bc:83:2e:b6:e3:52:72:
ce:2b:d7:7b:06:0f:d4:8f:92:0b:e4:3a:4b:9b:1d:24:3c:d5:
0c:75:f9:95:79:2f:3a:04:09:9a:fd:9f:32:43:08:e0:52:d5:
1c:42:a1:2d:50:03:72:5f:bc:a2:46:d9:bd:9a:a2:52:47:0a:
51:65:31:1a:7e:94:0c:bf:f6:dd:79:65:66:43:d9:ab:7f:4d:
32:ed:63:1b:a3:1e:62:71:bf:6b:d1:ee:56:49:e7:a1:3a:23:
ed:72:f3:d1:41:cd:da:89:ae:66:cd:68:ee:38:23:d4:bb:d6:
d0:7b:84:3c:7a:68:c4:99:78:a1:dc:01:6a:16:88:5a:e3:e0:
d2:6c:33:f8:a5:3e:aa:e6:9e:b1:59:17:88:b6:1d:b4:3f:b4:
a9:28:f2:b2:f8:7a:91:38:1d:bb:68:35:57:ba:cd:82:39:ef:
9b:7c:12:2f:13:f1:e9:c3:f2:87:6c:39:71:9f:ce:4c:a5:88:
bb:ce:31:b8:db:cf:a4:19:98:93:82:7a:6f:d3:44:b5:56:e9:
fd:86:1a:e4:f0:67:22:3f:74:a1:be:a2:7a:3a:c4:96:73:27:
91:70:92:ad:6f:60:c2:d4:e2:d4:76:4a:f4:67:b0:4c:32:e2:
ef:9b:5f:9b
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUMAByH9k+TVC3HArUZSpxrO13+BswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTQwMDNaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDI1MmI2MTk2N2Q0NzJkMTJmZDE1ZGU3MTJjYTg0NDdmYTUwOWRhNDYwY2Jm
NjU5NTc0ZTg3MzY0NzFhMDQ0NGIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ3/8TkyuBGfDr6rBUF2tAG+4iL++6K/71oAU5DQrwCjWgxJbKZWPSdWtVH0
VHR9Qq0uqWuZZo7y5cSZU7ZtDh175vjGail+nGAWTr9R3FpV7xhiYgs9as86Y2mc
hFJ8FjlIzkxnqUUzq6CvDwCRqVgBwOR0AcOcc/N0d/scw0bua9ImtdMU+NVkyqeQ
th6AgFswbh7zfiexNVUziFPhsNRCSNA5qC2P4Ee6RZGBPIUuZgP7zOTCCIJ3zh7p
xHM3foDPIyfRyOt3j5OhVFwB0rCA/WjBx9HYOtnUCk1SCIRlo8IkqdUzoKtv30Pl
xLakOgA2pCJsU2ECsaOteEL7UC0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBShnso/
Crta/H+C+VntmN0KhWCs4jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjEzZjg4NWEtN2YyNS00ODZiLTllZmYtZmRkNmIyYzA1YjY1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ABA
gDANBgkqhkiG9w0BAQsFAAOCAQEADZpK+ZlXTX/hA9i8gy6241JyzivXewYP1I+S
C+Q6S5sdJDzVDHX5lXkvOgQJmv2fMkMI4FLVHEKhLVADcl+8okbZvZqiUkcKUWUx
Gn6UDL/23XllZkPZq39NMu1jG6MeYnG/a9HuVknnoToj7XLz0UHN2omuZs1o7jgj
1LvW0HuEPHpoxJl4odwBahaIWuPg0mwz+KU+quaesVkXiLYdtD+0qSjysvh6kTgd
u2g1V7rNgjnvm3wSLxPx6cPyh2w5cZ/OTKWIu84xuNvPpBmYk4J6b9NEtVbp/YYa
5PBnIj90ob6iejrElnMnkXCSrW9gwtTi1HZK9GewTDLi75tfmw==
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:01:57 2026 by rpki-client