Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/834ff2b2-55b6-4011-9d9b-451a7311335d.roa
File: 834ff2b2-55b6-4011-9d9b-451a7311335d.roa (raw, json)
Hash identifier: rFZBGYN0JJG5mlcN/UWhKlHRFWtcLIX0oes4WudG5Vo=
Subject key identifier: FA:91:88:CC:4B:B3:A5:4B:AE:22:D8:5B:2E:82:16:C8:EF:0A:04:DB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3D46CF5FAB71726F75519C0B12C71B437A6492AB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/834ff2b2-55b6-4011-9d9b-451a7311335d.roa
Signing time: Tue 19 May 2026 04:40:45 +0000
ROA not before: Tue 19 May 2026 04:40:45 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d036:b000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:46:cf:5f:ab:71:72:6f:75:51:9c:0b:12:c7:1b:43:7a:64:92:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 04:40:45 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=23d8419b18c649f36b04115b12ba1a1e7abc12ee33c33df8e58e01f076d71110, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:5d:9f:a5:92:c3:0d:67:24:c7:13:fe:63:a5:
df:42:bc:50:9a:08:46:43:5a:69:fd:b1:82:1a:c0:
87:14:b1:09:73:ab:2f:00:10:b6:a6:de:b1:d8:fd:
31:65:57:5b:f3:97:95:ff:e3:35:4b:81:65:2c:7f:
d5:f5:d1:93:9d:ad:a3:d0:92:e4:ff:71:00:c6:a5:
a0:0f:50:06:a1:f8:04:d4:74:91:36:ad:d3:e5:02:
fe:a5:74:93:35:05:70:89:10:6c:4d:42:c1:fe:98:
33:75:6b:e7:cd:d5:45:e0:2e:52:e8:c2:08:53:2a:
01:4d:35:66:3a:88:08:24:d1:2f:55:2b:1d:3e:f1:
01:f1:8c:02:5d:21:38:5f:e8:1e:bd:f0:8e:ae:da:
22:57:1a:d7:e5:2d:2b:48:31:fd:13:3d:2b:b6:23:
a7:ac:6c:41:28:1d:97:9d:6f:31:85:86:b7:64:e3:
87:7b:9a:b7:cf:ad:2e:12:f8:96:82:3a:39:d8:54:
c9:a4:e3:02:03:2e:e8:1c:4d:bd:92:a7:2c:03:b1:
74:a2:7a:3b:1c:b5:6f:d4:8d:e5:d1:4d:10:15:5e:
09:a4:b4:5b:2f:1e:21:3a:ae:59:e4:3e:d8:f5:28:
df:67:fa:0c:10:c2:87:f7:d1:38:d2:73:4f:b0:0f:
00:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:91:88:CC:4B:B3:A5:4B:AE:22:D8:5B:2E:82:16:C8:EF:0A:04:DB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/834ff2b2-55b6-4011-9d9b-451a7311335d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d036:b000::/40
Signature Algorithm: sha256WithRSAEncryption
2c:85:b2:a6:f4:50:fd:e6:e5:fc:25:6f:0b:d3:82:2b:61:24:
f0:4c:1c:c2:3b:f9:0c:75:51:83:5a:cb:8a:09:1b:ed:f6:66:
84:52:b2:15:7b:9c:f1:16:ac:56:f6:cd:95:49:1b:10:87:4f:
ab:64:0c:f7:3d:ef:1e:36:1d:8b:d1:61:cb:02:22:96:ee:39:
62:25:fc:5e:7c:16:98:12:57:89:a1:35:d8:aa:11:96:98:df:
ae:44:b2:55:f3:53:b4:57:8d:ad:af:ad:70:ef:e7:66:d7:4b:
ef:c5:a5:37:ce:60:40:40:0d:8e:36:18:31:bd:3e:07:7e:50:
8d:b1:49:d0:30:84:1e:87:be:76:7c:32:7f:13:d7:7b:e0:0c:
79:6f:e5:f5:22:07:3a:7d:92:70:98:1c:0c:12:6a:62:19:5f:
b9:d8:47:b0:11:68:2c:19:e9:cb:f6:cc:37:93:20:6e:9c:1f:
18:4a:44:48:61:0f:97:2c:77:ae:9c:ca:f2:1a:0f:7a:4e:6e:
87:5f:aa:f7:92:5c:96:4f:a9:fd:1b:96:c8:d1:e9:9f:7e:30:
01:e7:95:94:08:33:e0:3c:66:77:d5:5b:28:ca:e2:27:c2:c2:
5c:02:fd:e5:e2:58:af:be:9e:1e:94:af:9e:de:17:38:14:f6:
bf:5b:67:26
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUPUbPX6txcm91UZwLEscbQ3pkkqswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNDQwNDVaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDIzZDg0MTliMThjNjQ5ZjM2YjA0MTE1YjEyYmExYTFlN2FiYzEyZWUzM2Mz
M2RmOGU1OGUwMWYwNzZkNzExMTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJRdn6WSww1nJMcT/mOl30K8UJoIRkNaaf2xghrAhxSxCXOrLwAQtqbesdj9
MWVXW/OXlf/jNUuBZSx/1fXRk52to9CS5P9xAMaloA9QBqH4BNR0kTat0+UC/qV0
kzUFcIkQbE1Cwf6YM3Vr583VReAuUujCCFMqAU01ZjqICCTRL1UrHT7xAfGMAl0h
OF/oHr3wjq7aIlca1+UtK0gx/RM9K7Yjp6xsQSgdl51vMYWGt2Tjh3uat8+tLhL4
loI6OdhUyaTjAgMu6BxNvZKnLAOxdKJ6Oxy1b9SN5dFNEBVeCaS0Wy8eITquWeQ+
2PUo32f6DBDCh/fRONJzT7APAO0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT6kYjM
S7OlS64i2FsughbI7woE2zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODM0ZmYyYjItNTViNi00MDExLTlkOWItNDUxYTczMTEzMzVkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Daw
MA0GCSqGSIb3DQEBCwUAA4IBAQAshbKm9FD95uX8JW8L04IrYSTwTBzCO/kMdVGD
WsuKCRvt9maEUrIVe5zxFqxW9s2VSRsQh0+rZAz3Pe8eNh2L0WHLAiKW7jliJfxe
fBaYEleJoTXYqhGWmN+uRLJV81O0V42tr61w7+dm10vvxaU3zmBAQA2ONhgxvT4H
flCNsUnQMIQeh752fDJ/E9d74Ax5b+X1Igc6fZJwmBwMEmpiGV+52EewEWgsGenL
9sw3kyBunB8YSkRIYQ+XLHeunMryGg96Tm6HX6r3klyWT6n9G5bI0emffjAB55WU
CDPgPGZ31VsoyuInwsJcAv3l4livvp4elK+e3hc4FPa/W2cm
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:12:16 2026 by rpki-client