Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/789b916e-f243-42f2-b85b-bd63213bae26.roa
File: 789b916e-f243-42f2-b85b-bd63213bae26.roa (raw, json)
Hash identifier: gg+L7XxlWcXTAQaMg/edwmEuY2qboraN9P00TGNZsjQ=
Subject key identifier: C4:46:BC:2E:14:84:46:9C:E7:50:94:B0:8C:D7:85:D1:65:A7:BD:B0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 263BF12F8FEC8B59720E9DD0340D081624E423D0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/789b916e-f243-42f2-b85b-bd63213bae26.roa
Signing time: Fri 22 May 2026 16:01:54 +0000
ROA not before: Fri 22 May 2026 16:01:54 +0000
ROA not after: Thu 20 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d062:1000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:3b:f1:2f:8f:ec:8b:59:72:0e:9d:d0:34:0d:08:16:24:e4:23:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 22 16:01:54 2026 GMT
Not After : Aug 20 23:59:59 2026 GMT
Subject: serialNumber=08abbdd86d2f878901af2a94e09d5da6818aa71cb256a5d5b933712ac10c0234, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:6a:44:f1:8d:63:4b:3f:2d:f4:c1:51:6b:be:
66:a5:73:f0:e9:96:f4:38:75:ee:73:41:00:8d:a5:
ae:a1:90:82:ab:fc:62:c6:af:26:97:06:56:c5:39:
73:5f:87:a1:a4:35:be:5c:7c:30:1c:ce:96:d4:a7:
eb:4a:c4:84:57:22:69:6f:a5:61:75:d4:cf:ff:01:
59:19:72:47:d0:b8:99:17:3c:bd:c6:9a:ad:07:2e:
66:7a:5c:2e:22:9b:39:13:5d:d4:d1:af:27:5b:dd:
89:82:b8:db:db:53:53:21:e5:03:11:4c:96:94:74:
12:01:b0:36:63:3e:da:e6:fb:b2:ab:99:aa:c0:39:
4c:8c:b2:5b:70:5d:00:a3:85:9c:5f:ad:05:bc:dc:
fc:6d:82:0e:cb:7b:34:21:8b:b7:50:3b:48:06:bd:
f1:f3:de:0b:1c:29:53:3d:eb:ad:08:cf:b9:c1:4d:
11:82:f5:7c:c7:a2:3f:96:cb:c3:1f:9e:6e:70:ac:
f1:0a:18:98:b9:76:8b:d4:f6:af:8c:df:ed:06:22:
ac:0a:bb:38:ee:e3:6f:30:a9:d9:1a:73:0a:f8:bd:
ed:28:bb:75:8b:80:e9:f8:e2:96:80:1e:db:ca:ae:
26:a7:4b:f0:45:ef:27:bc:c6:ce:95:a0:34:30:b7:
f4:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:46:BC:2E:14:84:46:9C:E7:50:94:B0:8C:D7:85:D1:65:A7:BD:B0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/789b916e-f243-42f2-b85b-bd63213bae26.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d062:1000::/40
Signature Algorithm: sha256WithRSAEncryption
c0:41:70:46:fa:f7:a7:27:53:85:33:d4:c0:65:aa:e1:ae:6a:
48:e1:4a:08:a9:38:8a:1d:83:c6:da:7b:02:cf:27:b1:17:91:
1b:87:d5:50:81:05:33:7c:c5:e5:8d:09:be:45:86:bf:9d:0d:
68:af:67:9e:28:2d:92:37:f2:7d:7f:42:57:70:be:76:17:32:
47:97:eb:dd:bb:da:0f:2c:4d:57:28:4e:97:9b:cd:0d:7c:6e:
a0:10:9b:11:9b:e7:fa:52:5d:08:13:55:76:09:a9:43:3a:4c:
be:fd:f9:11:fc:e5:9b:3e:7f:78:7c:fd:64:ea:15:fe:9e:89:
cc:6a:d6:79:88:24:6e:13:53:1b:4d:9d:11:ab:b8:8b:48:ae:
a8:68:87:41:df:fc:8d:56:3c:fa:5a:b8:0d:fb:7c:80:8b:4e:
56:9d:31:5e:c8:a5:4f:04:c2:c3:02:a1:a4:d0:4c:a8:8c:d8:
51:40:70:77:a2:ab:65:d6:ab:57:4c:f3:2f:aa:76:94:58:30:
17:8e:a1:70:c4:96:24:d7:bf:2f:1a:ba:4f:7b:09:76:9d:05:
19:09:e2:61:b6:55:6b:73:3c:7a:40:56:31:4b:2a:3c:e0:e7:
23:6b:65:65:aa:d1:59:a3:18:90:e2:57:e3:7b:a7:50:c2:57:
45:7e:5d:9c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUJjvxL4/si1lyDp3QNA0IFiTkI9AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MjIxNjAxNTRaFw0yNjA4MjAyMzU5NTlaMHoxSTBHBgNV
BAUTQDA4YWJiZGQ4NmQyZjg3ODkwMWFmMmE5NGUwOWQ1ZGE2ODE4YWE3MWNiMjU2
YTVkNWI5MzM3MTJhYzEwYzAyMzQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALFqRPGNY0s/LfTBUWu+ZqVz8OmW9Dh17nNBAI2lrqGQgqv8YsavJpcGVsU5
c1+HoaQ1vlx8MBzOltSn60rEhFciaW+lYXXUz/8BWRlyR9C4mRc8vcaarQcuZnpc
LiKbORNd1NGvJ1vdiYK429tTUyHlAxFMlpR0EgGwNmM+2ub7squZqsA5TIyyW3Bd
AKOFnF+tBbzc/G2CDst7NCGLt1A7SAa98fPeCxwpUz3rrQjPucFNEYL1fMeiP5bL
wx+ebnCs8QoYmLl2i9T2r4zf7QYirAq7OO7jbzCp2RpzCvi97Si7dYuA6fjiloAe
28quJqdL8EXvJ7zGzpWgNDC39NsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTERrwu
FIRGnOdQlLCM14XRZae9sDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Nzg5YjkxNmUtZjI0My00MmYyLWI4NWItYmQ2MzIxM2JhZTI2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0GIQ
MA0GCSqGSIb3DQEBCwUAA4IBAQDAQXBG+venJ1OFM9TAZarhrmpI4UoIqTiKHYPG
2nsCzyexF5Ebh9VQgQUzfMXljQm+RYa/nQ1or2eeKC2SN/J9f0JXcL52FzJHl+vd
u9oPLE1XKE6Xm80NfG6gEJsRm+f6Ul0IE1V2CalDOky+/fkR/OWbPn94fP1k6hX+
nonMatZ5iCRuE1MbTZ0Rq7iLSK6oaIdB3/yNVjz6WrgN+3yAi05WnTFeyKVPBMLD
AqGk0EyojNhRQHB3oqtl1qtXTPMvqnaUWDAXjqFwxJYk178vGrpPewl2nQUZCeJh
tlVrczx6QFYxSyo84Ocja2VlqtFZoxiQ4lfje6dQwldFfl2c
-----END CERTIFICATE-----
Generated at Sat Jun 13 11:28:55 2026 by rpki-client