Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8015fdc4-e79d-4400-a786-c70ab3f10d2d.roa
File: 8015fdc4-e79d-4400-a786-c70ab3f10d2d.roa (raw, json)
Hash identifier: XDHnH9hwUBYRHgwtFLH1Oyrg7r128YU2N0q3miC2aSQ=
Subject key identifier: 51:A8:04:91:FB:55:AC:A0:FD:C7:B9:0E:00:9E:BC:2E:9F:EF:97:40
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 410D9BFD82FF19294C0CB300255B91B5D0A2A13F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8015fdc4-e79d-4400-a786-c70ab3f10d2d.roa
Signing time: Tue 19 May 2026 05:00:06 +0000
ROA not before: Tue 19 May 2026 05:00:06 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d028::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:0d:9b:fd:82:ff:19:29:4c:0c:b3:00:25:5b:91:b5:d0:a2:a1:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:00:06 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=f9f6f7f76b99dbfb223d85afeaad0e5f962b4397c29738d89151b0e305833bf6, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:da:80:15:3b:3f:66:64:ab:e6:dc:0a:a9:91:
09:77:6f:14:1a:a4:84:8d:d0:97:1e:98:1a:cb:bf:
32:ee:60:98:d6:5e:c9:7f:b8:27:50:7c:f2:d4:ec:
13:5c:dd:c8:74:cb:90:86:f1:ce:30:7b:e2:ba:90:
99:47:96:03:33:53:bf:67:e8:10:38:72:77:01:48:
1d:d6:23:44:17:cc:c6:a4:83:bb:96:a7:5f:55:00:
94:72:60:d7:f2:99:a8:81:23:07:ff:fd:68:6a:d2:
13:18:29:ec:c1:16:5d:76:7c:93:f5:ff:81:fd:16:
36:02:30:95:a1:27:0f:6d:08:f2:2e:13:93:9d:ee:
af:27:33:e6:79:7a:02:82:c9:7d:ff:d9:85:04:5c:
fc:03:db:bd:6a:5e:8f:79:9d:aa:74:85:d2:fb:db:
c3:55:b0:fb:e3:cb:9b:a9:35:66:4e:8c:de:62:79:
1b:d8:94:4d:2e:9c:35:11:9d:b3:5d:19:57:27:c2:
1c:39:fd:d7:ce:75:5f:80:b1:73:d9:22:6c:6b:55:
b7:cd:c8:35:c8:92:db:03:64:be:ec:fe:9b:6a:3b:
52:de:39:6e:72:7d:ae:cd:cc:ab:32:3a:92:1e:fc:
c9:a6:c0:a0:a1:99:3a:df:95:66:28:c1:c8:19:58:
f4:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:A8:04:91:FB:55:AC:A0:FD:C7:B9:0E:00:9E:BC:2E:9F:EF:97:40
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8015fdc4-e79d-4400-a786-c70ab3f10d2d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d028::/36
Signature Algorithm: sha256WithRSAEncryption
10:06:52:d4:1c:b9:a0:00:eb:fb:b4:03:fc:75:35:d4:8c:0b:
1d:a1:78:91:d2:ca:4c:eb:32:36:eb:6e:65:9f:17:b8:fe:2c:
d3:ad:e8:da:6e:31:03:51:cb:ff:26:31:1f:44:34:fd:cb:c4:
62:36:b5:85:1d:b8:a1:99:82:7a:f8:67:fe:c4:a3:72:1f:0b:
0b:c3:4a:72:41:20:a7:47:0c:a0:18:fa:47:05:cd:09:16:41:
06:4f:19:9d:95:28:3c:80:4a:ee:cd:82:78:3c:0f:e5:67:f6:
83:71:1d:8c:ea:c8:1a:8b:e2:4b:5d:31:8f:b4:82:d5:dd:c8:
eb:6e:fa:ba:7a:91:1f:e4:72:b9:da:5f:98:9b:f0:4a:e1:dd:
49:dc:c0:6f:ee:63:84:97:1b:4e:6e:d4:ed:92:3e:9a:96:7d:
ff:e3:c9:70:84:d0:82:72:11:b7:be:f4:db:2c:30:87:a6:00:
ec:d9:b9:f6:a5:6e:60:95:d1:a3:17:99:fc:4a:67:48:2c:d4:
72:96:d7:17:5b:20:96:9f:a1:33:27:f5:3e:17:c6:9b:5f:27:
3c:4b:f5:0c:2e:b5:a6:fb:d4:74:90:21:00:92:81:a8:b9:10:
58:4a:91:52:69:93:5a:54:1d:53:2b:c2:ad:a0:af:33:89:b8:
fe:dc:37:4c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUQQ2b/YL/GSlMDLMAJVuRtdCioT8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTAwMDZaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGY5ZjZmN2Y3NmI5OWRiZmIyMjNkODVhZmVhYWQwZTVmOTYyYjQzOTdjMjk3
MzhkODkxNTFiMGUzMDU4MzNiZjYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKragBU7P2Zkq+bcCqmRCXdvFBqkhI3Qlx6YGsu/Mu5gmNZeyX+4J1B88tTs
E1zdyHTLkIbxzjB74rqQmUeWAzNTv2foEDhydwFIHdYjRBfMxqSDu5anX1UAlHJg
1/KZqIEjB//9aGrSExgp7MEWXXZ8k/X/gf0WNgIwlaEnD20I8i4Tk53urycz5nl6
AoLJff/ZhQRc/APbvWpej3mdqnSF0vvbw1Ww++PLm6k1Zk6M3mJ5G9iUTS6cNRGd
s10ZVyfCHDn91851X4Cxc9kibGtVt83INciS2wNkvuz+m2o7Ut45bnJ9rs3MqzI6
kh78yabAoKGZOt+VZijByBlY9NUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRRqASR
+1WsoP3HuQ4Anrwun++XQDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODAxNWZkYzQtZTc5ZC00NDAwLWE3ODYtYzcwYWIzZjEwZDJkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CgA
MA0GCSqGSIb3DQEBCwUAA4IBAQAQBlLUHLmgAOv7tAP8dTXUjAsdoXiR0spM6zI2
625lnxe4/izTrejabjEDUcv/JjEfRDT9y8RiNrWFHbihmYJ6+Gf+xKNyHwsLw0py
QSCnRwygGPpHBc0JFkEGTxmdlSg8gEruzYJ4PA/lZ/aDcR2M6sgai+JLXTGPtILV
3cjrbvq6epEf5HK52l+Ym/BK4d1J3MBv7mOElxtObtTtkj6aln3/48lwhNCCchG3
vvTbLDCHpgDs2bn2pW5gldGjF5n8SmdILNRyltcXWyCWn6EzJ/U+F8abXyc8S/UM
LrWm+9R0kCEAkoGouRBYSpFSaZNaVB1TK8KtoK8zibj+3DdM
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:11:59 2026 by rpki-client