Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/76a60505-d74d-4741-a42e-97a09bb6b2a1.roa
File: 76a60505-d74d-4741-a42e-97a09bb6b2a1.roa (raw, json)
Hash identifier: IE4X0TYBlbuXycqqYECB9mjRWHr1vM9HPJK+MpQSovk=
Subject key identifier: DC:11:82:6A:38:7D:FF:8D:7C:35:95:5A:13:F0:99:B1:A8:76:36:7B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4059FA7EE713D8EB88F1E1DCD70BD0A0EC1EE7B5
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/76a60505-d74d-4741-a42e-97a09bb6b2a1.roa
Signing time: Tue 19 May 2026 05:20:41 +0000
ROA not before: Tue 19 May 2026 05:20:41 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:8080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
40:59:fa:7e:e7:13:d8:eb:88:f1:e1:dc:d7:0b:d0:a0:ec:1e:e7:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:20:41 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=366bcea46f38c40b2ebf2ae87243cc99e434299504e7231582c3aa4e71ba81a7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:e1:b1:20:78:b5:63:bc:6b:44:a5:c1:ee:64:
be:d8:ef:f5:63:52:c1:01:23:f1:6b:05:e5:26:d9:
28:22:2e:f1:82:7f:5b:f4:40:d4:bf:36:41:93:4c:
52:3d:64:7b:1a:fa:e7:29:cd:8c:d1:2b:9d:ab:5e:
33:52:a0:13:78:a6:13:24:22:27:61:0d:53:48:a7:
2b:17:a6:b2:78:e0:83:23:9b:81:b2:16:38:12:84:
e2:5c:60:87:54:39:8e:bc:d2:68:8a:e3:89:10:34:
51:bf:ba:76:af:1f:21:b1:df:ca:47:44:e6:76:14:
0e:17:bf:96:fa:26:85:e4:d7:65:77:d3:84:6e:b1:
03:d8:b8:7c:ea:5e:1a:b7:12:7c:35:14:48:fb:83:
a3:9f:ec:a5:a5:64:e6:35:cb:28:9a:b4:99:d9:c5:
0d:a9:f1:d9:b1:5a:64:9d:9f:1e:6c:df:18:eb:be:
51:54:43:81:74:00:d3:ae:31:eb:b1:c5:a3:f3:9f:
02:f6:81:de:fe:89:e8:50:f3:c5:a9:34:f9:2f:bb:
4f:c4:06:cc:2e:a0:bb:45:ee:01:c2:6a:20:ff:87:
95:69:92:1d:9a:57:fe:7d:a1:7b:dc:13:5d:0c:81:
fa:94:35:ea:f0:30:2f:1f:87:11:ef:2f:38:73:57:
21:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:11:82:6A:38:7D:FF:8D:7C:35:95:5A:13:F0:99:B1:A8:76:36:7B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/76a60505-d74d-4741-a42e-97a09bb6b2a1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:8080::/48
Signature Algorithm: sha256WithRSAEncryption
78:45:6c:d2:96:11:35:f8:e7:25:a5:12:ee:51:d9:cf:11:de:
26:56:1f:ee:e4:d8:c2:df:1b:97:5f:5c:3b:0f:57:cc:b9:0d:
fe:23:4d:66:fe:03:b6:f3:4c:1d:d7:e3:38:0e:4d:63:b2:4e:
87:b4:ff:ff:94:4e:ee:c4:67:bb:71:cf:3a:e9:d2:3c:0a:79:
d4:00:3f:d2:f0:3a:41:ec:ba:cf:ef:a5:38:a4:50:52:31:23:
76:e8:e9:cb:c6:e8:af:d2:9a:74:b3:c1:75:fb:8a:1b:40:00:
0d:86:49:23:e3:90:84:ce:31:9d:10:5f:c6:22:bf:ab:f7:e8:
33:9e:5e:8b:58:5b:7c:6a:51:4c:90:62:c1:bb:60:2b:a1:0a:
a5:74:98:ac:10:ae:fc:9e:8b:cb:6f:62:f2:4b:d1:6b:cf:5f:
31:14:af:fa:ff:b1:7f:4c:2c:a7:b1:4a:93:f7:0a:26:dc:20:
16:a2:27:d9:e1:0e:bb:57:b7:b3:61:d1:89:a5:c9:9f:d7:ec:
d5:1a:e0:d5:ed:53:3c:6c:3d:a8:20:dd:d5:39:db:00:71:32:
84:46:a1:83:6f:32:0b:4b:6b:b6:e0:25:6a:cb:ea:c6:80:36:
3b:a9:78:fd:94:09:6d:f2:0e:11:f0:f5:f2:ac:b5:2f:04:d5:
11:d4:a1:8d
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUQFn6fucT2OuI8eHc1wvQoOwe57UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTIwNDFaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDM2NmJjZWE0NmYzOGM0MGIyZWJmMmFlODcyNDNjYzk5ZTQzNDI5OTUwNGU3
MjMxNTgyYzNhYTRlNzFiYTgxYTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ3hsSB4tWO8a0Slwe5kvtjv9WNSwQEj8WsF5SbZKCIu8YJ/W/RA1L82QZNM
Uj1kexr65ynNjNErnateM1KgE3imEyQiJ2ENU0inKxemsnjggyObgbIWOBKE4lxg
h1Q5jrzSaIrjiRA0Ub+6dq8fIbHfykdE5nYUDhe/lvomheTXZXfThG6xA9i4fOpe
GrcSfDUUSPuDo5/spaVk5jXLKJq0mdnFDanx2bFaZJ2fHmzfGOu+UVRDgXQA064x
67HFo/OfAvaB3v6J6FDzxak0+S+7T8QGzC6gu0XuAcJqIP+HlWmSHZpX/n2he9wT
XQyB+pQ16vAwLx+HEe8vOHNXIXUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTcEYJq
OH3/jXw1lVoT8JmxqHY2ezAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzZhNjA1MDUtZDc0ZC00NzQxLWE0MmUtOTdhMDliYjZiMmExLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACA
gDANBgkqhkiG9w0BAQsFAAOCAQEAeEVs0pYRNfjnJaUS7lHZzxHeJlYf7uTYwt8b
l19cOw9XzLkN/iNNZv4DtvNMHdfjOA5NY7JOh7T//5RO7sRnu3HPOunSPAp51AA/
0vA6Qey6z++lOKRQUjEjdujpy8bor9KadLPBdfuKG0AADYZJI+OQhM4xnRBfxiK/
q/foM55ei1hbfGpRTJBiwbtgK6EKpXSYrBCu/J6Ly29i8kvRa89fMRSv+v+xf0ws
p7FKk/cKJtwgFqIn2eEOu1e3s2HRiaXJn9fs1Rrg1e1TPGw9qCDd1TnbAHEyhEah
g28yC0trtuAlasvqxoA2O6l4/ZQJbfIOEfD18qy1LwTVEdShjQ==
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:11:48 2026 by rpki-client