Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/70d9b32d-6db3-4971-bdb4-e5dd251f6705.roa
File: 70d9b32d-6db3-4971-bdb4-e5dd251f6705.roa (raw, json)
Hash identifier: v5Jxj4c+ipFjWPFofsZulb7B2FIKndHY+Ry8I3Khtw4=
Subject key identifier: B7:05:C0:D9:6D:95:50:D3:32:7A:56:B0:5A:9F:A2:EE:29:9C:EA:72
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2EAEEA52BD7D8B977619753FF46782B210BFDDF6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/70d9b32d-6db3-4971-bdb4-e5dd251f6705.roa
Signing time: Tue 19 May 2026 04:50:53 +0000
ROA not before: Tue 19 May 2026 04:50:53 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d075:5000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2e:ae:ea:52:bd:7d:8b:97:76:19:75:3f:f4:67:82:b2:10:bf:dd:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 04:50:53 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=2f05eb5a8caf7d4021a7491590a10a14b8addb92fa47987066f221780459755c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:8f:24:ef:0a:59:50:75:1f:a2:7c:5c:4c:42:
b1:63:c0:83:af:ea:4c:35:19:0d:f6:1e:0e:a7:8e:
12:fc:99:0d:3f:7c:d6:2b:90:c0:56:0a:97:6d:5d:
5f:e6:4c:ed:25:2e:d6:68:46:4e:f6:08:2e:2e:47:
53:df:ef:f2:6a:c4:d3:29:a6:67:65:8e:5a:a4:72:
93:e3:14:cd:f8:4b:8a:26:ef:5c:06:f2:d1:c8:c2:
67:f3:d5:36:b0:86:02:f2:bd:2d:40:04:a5:c8:0f:
49:88:c4:12:b5:02:e7:f0:4a:22:2b:d4:25:e6:14:
47:e4:ac:27:cd:b9:9a:12:93:ef:8e:3f:fb:a8:e3:
18:ee:ac:15:65:8a:c5:23:3c:f4:e3:e2:c9:30:37:
7d:7f:e5:ae:c0:97:0c:56:bb:24:e7:8d:27:8a:48:
42:75:a5:86:85:95:81:bd:16:d1:db:2a:3b:7e:89:
ad:ac:a1:9e:b6:7c:0e:98:a4:8d:d6:f2:be:f5:83:
3b:f0:23:53:77:78:4b:bd:af:8c:1d:9b:9f:06:bb:
5e:86:61:2e:04:2d:4c:3a:67:4c:72:30:8c:12:55:
2e:5b:a8:f8:d0:da:78:35:95:07:4a:37:c4:f6:e6:
e9:8b:0f:11:b6:ce:3b:90:29:cb:7f:17:21:1a:8b:
dc:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:05:C0:D9:6D:95:50:D3:32:7A:56:B0:5A:9F:A2:EE:29:9C:EA:72
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/70d9b32d-6db3-4971-bdb4-e5dd251f6705.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d075:5000::/40
Signature Algorithm: sha256WithRSAEncryption
07:24:6f:a4:7a:09:96:78:3f:98:95:37:45:e6:f1:9f:81:cd:
71:0f:b3:71:25:71:16:d9:97:9d:77:6b:24:00:6e:2e:05:4a:
37:2b:4f:25:fb:46:3b:05:c6:40:66:85:35:89:81:64:dc:d5:
a4:a3:16:b0:0e:23:b7:f7:cc:9a:12:99:f5:42:e9:d1:f2:3e:
7e:48:ff:97:a1:d2:9f:3e:56:0b:6d:7d:96:79:4f:a0:80:99:
de:f8:24:51:99:6f:99:aa:c8:6f:2d:28:54:8f:f0:c3:70:14:
66:e8:77:33:03:12:2f:be:31:82:dc:ba:b9:49:e4:72:bf:d7:
eb:85:4e:86:5b:19:78:b2:f9:c1:f1:93:d1:4a:e7:0b:1e:1e:
14:65:91:f7:00:83:8e:54:4e:22:17:84:12:0d:e1:b2:f1:1c:
df:b2:89:36:ba:43:d1:29:7c:2a:16:71:42:f7:fe:08:aa:70:
ee:c8:a5:79:1d:3e:07:6f:24:15:26:e9:f0:bf:95:7d:fe:bd:
54:ed:48:64:87:72:42:27:2c:4e:2f:2c:35:86:7e:fe:2f:bc:
ca:36:79:19:c8:30:e1:86:2f:f6:dc:3d:a2:ab:3d:aa:e5:ab:
f0:18:54:72:5b:9f:a3:09:3a:c6:3c:da:fa:d2:f5:10:d2:fa:
d4:13:47:7a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIULq7qUr19i5d2GXU/9GeCshC/3fYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNDUwNTNaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDJmMDVlYjVhOGNhZjdkNDAyMWE3NDkxNTkwYTEwYTE0YjhhZGRiOTJmYTQ3
OTg3MDY2ZjIyMTc4MDQ1OTc1NWMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJePJO8KWVB1H6J8XExCsWPAg6/qTDUZDfYeDqeOEvyZDT981iuQwFYKl21d
X+ZM7SUu1mhGTvYILi5HU9/v8mrE0ymmZ2WOWqRyk+MUzfhLiibvXAby0cjCZ/PV
NrCGAvK9LUAEpcgPSYjEErUC5/BKIivUJeYUR+SsJ825mhKT744/+6jjGO6sFWWK
xSM89OPiyTA3fX/lrsCXDFa7JOeNJ4pIQnWlhoWVgb0W0dsqO36JrayhnrZ8Dpik
jdbyvvWDO/AjU3d4S72vjB2bnwa7XoZhLgQtTDpnTHIwjBJVLluo+NDaeDWVB0o3
xPbm6YsPEbbOO5Apy38XIRqL3EkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS3BcDZ
bZVQ0zJ6VrBan6LuKZzqcjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzBkOWIzMmQtNmRiMy00OTcxLWJkYjQtZTVkZDI1MWY2NzA1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HVQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAHJG+kegmWeD+YlTdF5vGfgc1xD7NxJXEW2Zed
d2skAG4uBUo3K08l+0Y7BcZAZoU1iYFk3NWkoxawDiO398yaEpn1QunR8j5+SP+X
odKfPlYLbX2WeU+ggJne+CRRmW+ZqshvLShUj/DDcBRm6HczAxIvvjGC3Lq5SeRy
v9frhU6GWxl4svnB8ZPRSucLHh4UZZH3AIOOVE4iF4QSDeGy8Rzfsok2ukPRKXwq
FnFC9/4IqnDuyKV5HT4HbyQVJunwv5V9/r1U7Uhkh3JCJyxOLyw1hn7+L7zKNnkZ
yDDhhi/23D2iqz2q5avwGFRyW5+jCTrGPNr60vUQ0vrUE0d6
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:12:04 2026 by rpki-client