Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6b2e0088-d64a-4b72-ab4f-8299ca986086.roa
File: 6b2e0088-d64a-4b72-ab4f-8299ca986086.roa (raw, json)
Hash identifier: ob/SqtwFxBSToowSGZPK2y9cMblezoPWGV2FghYA67U=
Subject key identifier: F4:60:EE:D1:8B:BE:38:9B:6D:1D:F0:63:E9:AB:83:10:C4:A7:5B:84
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 68CFD24F0FDE409F5B123A8C063B1E83EAB26557
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6b2e0088-d64a-4b72-ab4f-8299ca986086.roa
Signing time: Fri 03 Apr 2026 02:30:15 +0000
ROA not before: Fri 03 Apr 2026 02:30:15 +0000
ROA not after: Thu 02 Jul 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06b:a000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:cf:d2:4f:0f:de:40:9f:5b:12:3a:8c:06:3b:1e:83:ea:b2:65:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 3 02:30:15 2026 GMT
Not After : Jul 2 23:59:59 2026 GMT
Subject: serialNumber=ced9354a9f32459038db2599760392e13814a2eeea207c295cbb2d464bc5f78b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:b0:2c:c9:c3:23:19:9a:ec:54:8f:84:84:ac:
f9:77:e3:be:d3:8d:a4:84:01:79:87:3d:b2:9c:96:
4b:15:33:d5:57:2a:9d:04:b9:d7:48:1b:bc:ca:84:
07:ec:eb:7d:95:e4:04:db:35:8d:18:dd:fc:d9:42:
0b:a8:77:8a:e6:6c:3d:46:a8:9b:9d:82:b9:32:c9:
56:cc:54:7b:85:65:57:aa:54:73:65:b1:85:71:a0:
09:da:c0:b1:92:00:1f:fd:88:5e:d0:ba:7a:7b:fa:
f8:17:35:2d:38:84:74:ca:26:a5:28:50:6d:24:4c:
b5:42:e9:07:a3:09:ff:12:01:0a:a6:8d:0d:d7:b2:
40:89:cc:a2:ef:98:08:be:9f:d7:bb:cc:59:93:96:
9a:24:5e:70:c8:f9:ce:13:a0:a6:c8:2c:3d:68:e4:
73:94:13:f0:17:8c:74:8f:1c:ed:2d:f0:2e:e6:5d:
dd:9b:87:08:d3:03:01:33:8c:07:4b:36:1d:48:21:
61:57:9b:2d:04:d0:ce:19:6e:9d:e2:5c:81:7d:d6:
30:d5:73:39:fa:6a:53:57:3b:cb:58:09:e5:67:c0:
12:1e:99:cc:0b:25:12:0d:63:89:28:98:86:b4:a2:
94:f8:8d:7b:55:bf:fc:cd:c0:30:e1:c3:1f:80:84:
25:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:60:EE:D1:8B:BE:38:9B:6D:1D:F0:63:E9:AB:83:10:C4:A7:5B:84
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6b2e0088-d64a-4b72-ab4f-8299ca986086.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06b:a000::/40
Signature Algorithm: sha256WithRSAEncryption
0b:58:af:5a:d5:4d:10:53:b8:21:d7:71:88:31:c8:ea:30:f6:
98:32:12:94:49:d9:9e:d6:a3:d1:44:b4:e3:1c:a0:f3:ed:33:
47:df:8a:20:e8:27:a0:cc:06:78:7e:bb:c6:04:dd:6e:e0:d2:
31:d8:d0:f3:77:66:8c:6a:e2:73:75:c5:4d:34:5b:86:bf:d3:
c9:8a:95:1f:f9:13:6b:87:9f:c7:87:f4:03:ca:ee:5b:c2:4d:
28:8d:c8:55:c1:90:d5:03:45:e4:f2:7c:f9:ff:3a:85:d7:a0:
b9:94:49:eb:f7:17:50:9f:40:9f:6e:40:28:a2:4a:6c:c8:8f:
1b:80:26:25:48:55:e3:5f:fa:9e:54:50:c7:24:38:f2:4f:e7:
55:b9:63:11:24:8d:94:eb:1d:b9:5b:d0:76:f6:af:1a:34:c3:
4a:4f:6d:d7:c4:75:f5:29:71:a5:4d:f0:b3:34:86:86:8a:70:
4e:cb:c1:88:c0:44:94:8e:95:0e:73:d6:f7:84:72:e2:e5:f3:
ed:d8:97:56:f9:5c:cc:8e:37:92:d1:6b:da:fe:59:5c:d5:36:
97:be:49:46:ca:33:e4:dc:4b:b9:7a:f3:89:e6:a4:84:56:07:
62:d4:48:0e:ed:26:5b:c6:b2:e3:a5:12:dc:34:7c:b1:32:28:
26:6d:be:ac
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUaM/STw/eQJ9bEjqMBjseg+qyZVcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA0MDMwMjMwMTVaFw0yNjA3MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQGNlZDkzNTRhOWYzMjQ1OTAzOGRiMjU5OTc2MDM5MmUxMzgxNGEyZWVlYTIw
N2MyOTVjYmIyZDQ2NGJjNWY3OGIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANuwLMnDIxma7FSPhISs+XfjvtONpIQBeYc9spyWSxUz1VcqnQS510gbvMqE
B+zrfZXkBNs1jRjd/NlCC6h3iuZsPUaom52CuTLJVsxUe4VlV6pUc2WxhXGgCdrA
sZIAH/2IXtC6env6+Bc1LTiEdMompShQbSRMtULpB6MJ/xIBCqaNDdeyQInMou+Y
CL6f17vMWZOWmiRecMj5zhOgpsgsPWjkc5QT8BeMdI8c7S3wLuZd3ZuHCNMDATOM
B0s2HUghYVebLQTQzhluneJcgX3WMNVzOfpqU1c7y1gJ5WfAEh6ZzAslEg1jiSiY
hrSilPiNe1W//M3AMOHDH4CEJZUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT0YO7R
i744m20d8GPpq4MQxKdbhDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NmIyZTAwODgtZDY0YS00YjcyLWFiNGYtODI5OWNhOTg2MDg2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Gug
MA0GCSqGSIb3DQEBCwUAA4IBAQALWK9a1U0QU7gh13GIMcjqMPaYMhKUSdme1qPR
RLTjHKDz7TNH34og6CegzAZ4frvGBN1u4NIx2NDzd2aMauJzdcVNNFuGv9PJipUf
+RNrh5/Hh/QDyu5bwk0ojchVwZDVA0Xk8nz5/zqF16C5lEnr9xdQn0CfbkAookps
yI8bgCYlSFXjX/qeVFDHJDjyT+dVuWMRJI2U6x25W9B29q8aNMNKT23XxHX1KXGl
TfCzNIaGinBOy8GIwESUjpUOc9b3hHLi5fPt2JdW+VzMjjeS0Wva/llc1TaXvklG
yjPk3Eu5evOJ5qSEVgdi1EgO7SZbxrLjpRLcNHyxMigmbb6s
-----END CERTIFICATE-----
Generated at Fri Apr 17 05:44:28 2026 by rpki-client