Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6f78d89d-1d32-4176-8f3e-9966f674843e.roa
File: 6f78d89d-1d32-4176-8f3e-9966f674843e.roa (raw, json)
Hash identifier: cW8Aj4tQtSgrzQq2EB/p/JToq+e2I66CeK2q5oJcanU=
Subject key identifier: 3E:10:44:2D:07:8C:2C:EC:F3:0C:08:F8:9B:71:B5:E5:77:36:F1:35
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4876B07A3883023B55C33C44D8DCB5C7DCDB4613
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6f78d89d-1d32-4176-8f3e-9966f674843e.roa
Signing time: Tue 19 May 2026 05:01:12 +0000
ROA not before: Tue 19 May 2026 05:01:12 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d071::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:76:b0:7a:38:83:02:3b:55:c3:3c:44:d8:dc:b5:c7:dc:db:46:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:01:12 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=56c8fa9eff1f1a4d6a56a3300d925308b02e4cd479dade798ff0d5128ca814e1, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:eb:dd:06:26:61:97:a3:d2:f0:2e:6d:9b:14:
8c:1b:20:d1:4f:45:89:8b:51:fe:bf:13:be:b7:d0:
8a:bb:e1:67:97:84:ce:df:78:30:38:0f:b7:06:ef:
a5:4a:70:36:fe:cd:3c:2f:7c:a7:c8:1e:5e:4c:2f:
ee:3f:a3:9d:ee:da:2e:4b:a9:49:3a:dc:22:4c:52:
56:b3:55:f7:08:ce:7c:43:ca:78:5d:a0:2e:98:e3:
9b:91:cb:94:bf:be:0c:d5:f3:00:59:ed:be:50:c4:
71:c8:a2:08:2f:08:6e:5e:bc:29:76:94:6a:01:76:
b8:27:10:b9:c6:5f:a9:9d:4e:10:28:c4:ce:42:92:
a4:b7:24:4e:a7:f6:ce:c0:9c:8f:e8:6d:4e:15:12:
e1:53:ed:d7:a4:f2:89:2e:4c:e3:97:99:e2:31:04:
28:df:bf:8b:43:e7:88:08:f2:a6:74:7e:6b:0d:59:
26:92:0a:0e:c0:39:c6:22:41:e2:99:6f:06:f1:c7:
1f:38:bf:80:98:ab:f5:c6:77:3b:92:5a:e6:2a:3c:
19:59:e1:44:d4:ea:90:33:c1:db:2f:3b:ef:90:e5:
b1:5c:d8:48:e4:13:45:a1:03:ca:d4:06:67:7c:07:
2a:92:3c:28:f3:f0:be:cd:fa:b7:1a:a3:31:e2:bb:
97:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:10:44:2D:07:8C:2C:EC:F3:0C:08:F8:9B:71:B5:E5:77:36:F1:35
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6f78d89d-1d32-4176-8f3e-9966f674843e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d071::/32
Signature Algorithm: sha256WithRSAEncryption
92:e4:27:f4:2f:8c:5b:d6:87:cd:2b:a1:6b:a5:d9:34:1b:d0:
5a:89:9b:82:71:e5:2f:1e:33:d2:d4:8b:4e:8a:90:d4:37:f6:
f3:f1:88:6a:33:55:6d:57:52:6c:03:8c:dc:17:8e:da:9c:e3:
23:5a:b5:d1:a0:5c:db:85:94:3d:83:72:74:3a:6e:a2:00:dc:
10:72:08:cd:fa:7e:cb:1b:f4:de:d5:a3:c9:18:dd:a7:7c:a9:
7a:24:ea:d7:83:c7:fd:46:fc:c9:a1:e8:b9:a0:2e:e5:a3:16:
30:82:45:d2:29:87:4f:41:09:ac:27:1f:23:d4:97:b9:5f:0c:
e2:22:3e:1b:fd:fc:dc:39:7f:b1:89:59:5b:1b:be:66:3d:c4:
b2:01:33:fd:40:52:d1:22:d5:0a:b2:09:50:29:cd:ac:d7:b9:
9f:4a:cd:ec:51:cf:9d:96:3e:eb:63:43:4e:20:92:da:6b:13:
6b:f7:ec:4e:b9:ec:9b:2c:aa:dd:25:ea:2c:2e:4a:7e:c8:4a:
8d:ff:27:59:81:c0:74:54:ea:51:8b:1c:69:d2:7d:13:71:52:
3c:69:0a:12:ff:b6:d2:30:fc:b8:6a:9a:15:d3:48:3f:3c:bf:
e5:e9:e5:d9:04:33:26:03:84:6c:7f:05:4e:9e:3a:1b:73:47:
fc:52:e7:b0
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUSHawejiDAjtVwzxE2Ny1x9zbRhMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTAxMTJaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDU2YzhmYTllZmYxZjFhNGQ2YTU2YTMzMDBkOTI1MzA4YjAyZTRjZDQ3OWRh
ZGU3OThmZjBkNTEyOGNhODE0ZTExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMnr3QYmYZej0vAubZsUjBsg0U9FiYtR/r8TvrfQirvhZ5eEzt94MDgPtwbv
pUpwNv7NPC98p8geXkwv7j+jne7aLkupSTrcIkxSVrNV9wjOfEPKeF2gLpjjm5HL
lL++DNXzAFntvlDEcciiCC8Ibl68KXaUagF2uCcQucZfqZ1OECjEzkKSpLckTqf2
zsCcj+htThUS4VPt16TyiS5M45eZ4jEEKN+/i0PniAjypnR+aw1ZJpIKDsA5xiJB
4plvBvHHHzi/gJir9cZ3O5Ja5io8GVnhRNTqkDPB2y8775DlsVzYSOQTRaEDytQG
Z3wHKpI8KPPwvs36txqjMeK7l98CAwEAAaOCAiIwggIeMB0GA1UdDgQWBBQ+EEQt
B4ws7PMMCPibcbXldzbxNTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NmY3OGQ4OWQtMWQzMi00MTc2LThmM2UtOTk2NmY2NzQ4NDNlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoF0HEw
DQYJKoZIhvcNAQELBQADggEBAJLkJ/QvjFvWh80roWul2TQb0FqJm4Jx5S8eM9LU
i06KkNQ39vPxiGozVW1XUmwDjNwXjtqc4yNatdGgXNuFlD2DcnQ6bqIA3BByCM36
fssb9N7Vo8kY3ad8qXok6teDx/1G/Mmh6LmgLuWjFjCCRdIph09BCawnHyPUl7lf
DOIiPhv9/Nw5f7GJWVsbvmY9xLIBM/1AUtEi1QqyCVApzazXuZ9KzexRz52WPutj
Q04gktprE2v37E657Jssqt0l6iwuSn7ISo3/J1mBwHRU6lGLHGnSfRNxUjxpChL/
ttIw/LhqmhXTSD88v+Xp5dkEMyYDhGx/BU6eOhtzR/xS57A=
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:24:33 2026 by rpki-client