Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/67362d1f-2bfd-40d7-a59b-8f1fca2c63fc.roa
File: 67362d1f-2bfd-40d7-a59b-8f1fca2c63fc.roa (raw, json)
Hash identifier: hs0i2pUPrQfqHJMqbKQ5cyB6pY8075kaAP8/OvuUc9w=
Subject key identifier: DD:A0:59:00:6D:5E:7F:A4:CE:3E:E6:FE:EE:56:2C:43:B9:E9:4A:31
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 640F28FACAF614E4F1969F131F26B64BBC30577A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/67362d1f-2bfd-40d7-a59b-8f1fca2c63fc.roa
Signing time: Sun 31 May 2026 00:30:20 +0000
ROA not before: Sun 31 May 2026 00:30:20 +0000
ROA not after: Sat 29 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d05a:4020::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:0f:28:fa:ca:f6:14:e4:f1:96:9f:13:1f:26:b6:4b:bc:30:57:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 31 00:30:20 2026 GMT
Not After : Aug 29 23:59:59 2026 GMT
Subject: serialNumber=3468e5b20d9ade1928877f7b2dba667366174645cfae2e9301aaec9301871cd2, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:7f:a1:23:62:57:1a:36:b9:b7:5d:d3:97:76:
68:cf:6d:b0:d6:81:50:59:0b:6a:27:b5:d7:32:99:
de:03:56:d0:6e:cc:03:1f:d7:99:f7:4c:49:a3:ce:
b3:a4:f2:8e:aa:e9:76:7a:94:7a:e3:be:7c:16:94:
33:bf:d9:2f:89:9b:7c:17:4b:8f:76:3c:84:a2:7b:
ac:b2:09:25:80:16:dc:d1:d3:1b:5c:ae:59:77:ce:
a7:df:86:75:e3:78:4d:37:2a:5c:7c:ed:07:63:cf:
0c:cd:92:6e:27:d0:a9:ec:d4:04:dd:7e:3a:d7:3d:
8d:29:b2:4f:e6:a8:3a:bd:f6:9f:3a:66:5a:f0:bd:
19:58:57:d2:76:0d:cc:01:a6:e5:56:e1:59:fc:0a:
b8:29:57:4a:1f:fb:76:a5:5a:51:73:95:55:3b:bf:
5f:e0:3d:a0:0f:ef:2f:98:11:36:96:99:6c:7f:40:
69:93:18:5b:27:40:d7:72:b3:3b:72:9f:7d:f6:41:
54:df:5a:2f:63:c0:40:36:cb:07:dd:d6:d8:ce:c2:
51:87:a2:d0:c9:5e:65:74:e1:73:54:12:72:26:5a:
fe:3a:6a:85:b3:cd:3c:f4:d7:b4:8d:36:30:9a:bb:
74:2c:cd:aa:e2:94:c3:f8:3f:d5:36:04:27:22:24:
8a:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:A0:59:00:6D:5E:7F:A4:CE:3E:E6:FE:EE:56:2C:43:B9:E9:4A:31
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/67362d1f-2bfd-40d7-a59b-8f1fca2c63fc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d05a:4020::/48
Signature Algorithm: sha256WithRSAEncryption
23:f7:12:b3:d9:1a:05:7b:e9:7e:bc:12:a2:6e:53:cb:fd:cf:
08:1e:7e:51:bd:0b:dd:db:f2:8e:1f:70:3d:5b:9a:ce:81:5d:
8d:c9:d1:57:46:72:62:7f:e0:a9:4b:3f:2c:02:aa:74:d8:ea:
cc:cc:48:05:d7:0b:11:29:ca:2a:c2:e4:3c:ac:81:2a:34:7c:
9d:50:4f:63:b5:ee:5c:55:33:31:d3:4a:41:49:80:2f:85:4c:
36:c4:88:ce:9c:f7:3c:ac:f3:a6:90:28:8a:43:bf:a9:29:18:
d4:4a:03:73:bc:8f:09:fa:00:a8:02:64:a4:e0:5f:b7:d5:a3:
74:6c:ce:14:7b:23:ed:da:a4:a8:48:38:50:11:f2:70:e4:99:
c5:6c:65:38:15:e3:3d:ec:d5:23:39:7a:88:de:b0:d7:21:62:
d8:92:6b:fa:a1:b0:26:cb:8e:25:ba:0d:19:a1:1b:fa:a0:f6:
e1:8c:c6:d9:36:60:ff:6f:0b:8d:c2:0d:5e:ad:9b:7a:3d:b9:
1b:33:31:bd:2a:ce:cc:ea:88:c8:18:e7:91:26:48:9b:2d:5b:
d0:d2:56:b4:9c:59:49:d6:7a:89:fc:05:db:73:2b:20:aa:a9:
80:6f:3f:18:40:1e:cd:c5:bd:51:07:47:72:6b:75:77:08:aa:
83:32:98:17
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUZA8o+sr2FOTxlp8THya2S7wwV3owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MzEwMDMwMjBaFw0yNjA4MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDM0NjhlNWIyMGQ5YWRlMTkyODg3N2Y3YjJkYmE2NjczNjYxNzQ2NDVjZmFl
MmU5MzAxYWFlYzkzMDE4NzFjZDIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIV/oSNiVxo2ubdd05d2aM9tsNaBUFkLaie11zKZ3gNW0G7MAx/XmfdMSaPO
s6TyjqrpdnqUeuO+fBaUM7/ZL4mbfBdLj3Y8hKJ7rLIJJYAW3NHTG1yuWXfOp9+G
deN4TTcqXHztB2PPDM2SbifQqezUBN1+Otc9jSmyT+aoOr32nzpmWvC9GVhX0nYN
zAGm5VbhWfwKuClXSh/7dqVaUXOVVTu/X+A9oA/vL5gRNpaZbH9AaZMYWydA13Kz
O3KfffZBVN9aL2PAQDbLB93W2M7CUYei0MleZXThc1QSciZa/jpqhbPNPPTXtI02
MJq7dCzNquKUw/g/1TYEJyIkirMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTdoFkA
bV5/pM4+5v7uVixDuelKMTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjczNjJkMWYtMmJmZC00MGQ3LWE1OWItOGYxZmNhMmM2M2ZjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0FpA
IDANBgkqhkiG9w0BAQsFAAOCAQEAI/cSs9kaBXvpfrwSom5Ty/3PCB5+Ub0L3dvy
jh9wPVuazoFdjcnRV0ZyYn/gqUs/LAKqdNjqzMxIBdcLESnKKsLkPKyBKjR8nVBP
Y7XuXFUzMdNKQUmAL4VMNsSIzpz3PKzzppAoikO/qSkY1EoDc7yPCfoAqAJkpOBf
t9WjdGzOFHsj7dqkqEg4UBHycOSZxWxlOBXjPezVIzl6iN6w1yFi2JJr+qGwJsuO
JboNGaEb+qD24YzG2TZg/28LjcINXq2bej25GzMxvSrOzOqIyBjnkSZImy1b0NJW
tJxZSdZ6ifwF23MrIKqpgG8/GEAezcW9UQdHcmt1dwiqgzKYFw==
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:12:02 2026 by rpki-client