Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/88800f9f-48fd-4442-a6f6-7a504e1cb3b1.roa
File: 88800f9f-48fd-4442-a6f6-7a504e1cb3b1.roa (raw, json)
Hash identifier: LJVh5brQ5dqBmNpTIeS+e+PEdfawwX2qWh8G465NwIo=
Subject key identifier: EA:A6:36:21:0B:62:10:FD:80:52:1E:71:89:88:49:C2:23:21:EA:C9
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: F81DCF2A486D26810F5571B768B6FF2C335159
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/88800f9f-48fd-4442-a6f6-7a504e1cb3b1.roa
Signing time: Tue 19 May 2026 04:50:07 +0000
ROA not before: Tue 19 May 2026 04:50:07 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d012:c00::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
f8:1d:cf:2a:48:6d:26:81:0f:55:71:b7:68:b6:ff:2c:33:51:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 04:50:07 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=9f19c7799c5292f45ec7e2de46ebb757ece417a0d662ba05375e007562056fc3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:9e:13:93:7b:fe:6a:74:ba:a6:48:d7:0f:d0:
6a:9c:e7:39:4a:7b:68:26:59:07:8e:50:04:a2:47:
1a:27:51:de:65:5f:cc:c7:ad:fe:83:bc:55:d0:5b:
90:eb:44:ea:a3:da:60:37:9f:3f:49:fd:1d:de:8a:
98:e9:84:40:26:9d:05:1f:16:d3:6a:48:a0:a3:46:
ab:a6:63:3c:b8:bb:f1:1e:ca:65:b4:1b:09:ec:85:
3e:47:1f:f5:89:48:0e:59:86:35:47:70:ed:6c:3a:
1f:e4:9c:a5:46:df:97:f4:21:e7:32:29:8b:16:75:
2e:85:80:90:ab:9d:55:a6:61:2c:85:6e:1f:89:68:
9b:b1:03:d0:2d:e9:0e:55:46:80:5a:77:88:a1:6e:
b7:30:71:98:5c:f1:bf:d6:b2:48:f0:58:12:77:78:
d3:05:88:4b:aa:d7:17:05:f4:dc:fe:58:b0:f3:20:
62:8a:b0:0e:60:c1:c5:97:12:65:96:01:60:b1:bf:
84:a4:4b:b9:fb:f2:16:f7:2a:00:c4:4a:56:24:2b:
1f:a3:4f:80:93:a8:fd:00:cc:30:3c:6d:1d:bc:f0:
8a:84:75:a1:06:c8:12:d9:40:f9:09:db:eb:56:f1:
54:ea:59:4c:6a:dc:12:cd:e8:e1:73:b6:0b:b0:82:
79:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:A6:36:21:0B:62:10:FD:80:52:1E:71:89:88:49:C2:23:21:EA:C9
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/88800f9f-48fd-4442-a6f6-7a504e1cb3b1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d012:c00::/38
Signature Algorithm: sha256WithRSAEncryption
3f:07:b8:19:0d:da:24:da:30:09:ab:a9:3e:8c:c2:da:fa:fe:
61:64:4b:32:2c:0c:3b:ba:bd:76:97:cb:74:d5:ed:4b:7b:08:
4b:7b:ab:28:b4:79:96:12:3f:2c:57:51:6a:20:c1:73:c4:8b:
07:42:36:1a:3e:42:e2:d1:70:ad:48:c8:2c:27:e3:35:26:42:
63:1e:80:10:2f:9f:5c:4e:a6:67:48:c8:46:a3:11:a6:7b:73:
64:62:69:ac:55:ed:7e:d4:19:62:6b:7c:d9:d1:0e:22:d1:1b:
59:17:37:16:ca:fe:aa:31:92:eb:48:f8:91:49:0b:4a:26:b5:
ab:bf:89:80:9c:b6:63:fe:99:00:05:87:77:5e:9b:ec:47:c6:
c8:c5:bf:56:d5:6d:7a:a7:7c:d9:d4:3b:aa:53:7d:4d:29:b5:
0c:f1:6e:4c:42:51:20:59:8a:58:34:80:df:1d:db:7e:af:ee:
d7:12:aa:a8:42:70:34:82:59:85:32:9c:3e:d1:68:1b:98:2e:
ae:df:07:da:89:a1:2c:e3:12:74:49:29:87:a6:55:d1:b9:5c:
f1:ae:06:26:d1:b8:60:19:68:68:5a:e1:f3:73:d6:57:77:b8:
76:f0:53:23:cd:5b:9f:a3:4d:63:c4:d6:13:7c:03:cc:04:dd:
62:86:19:2f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUAPgdzypIbSaBD1Vxt2i2/ywzUVkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNDUwMDdaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDlmMTljNzc5OWM1MjkyZjQ1ZWM3ZTJkZTQ2ZWJiNzU3ZWNlNDE3YTBkNjYy
YmEwNTM3NWUwMDc1NjIwNTZmYzMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALeeE5N7/mp0uqZI1w/QapznOUp7aCZZB45QBKJHGidR3mVfzMet/oO8VdBb
kOtE6qPaYDefP0n9Hd6KmOmEQCadBR8W02pIoKNGq6ZjPLi78R7KZbQbCeyFPkcf
9YlIDlmGNUdw7Ww6H+ScpUbfl/Qh5zIpixZ1LoWAkKudVaZhLIVuH4lom7ED0C3p
DlVGgFp3iKFutzBxmFzxv9aySPBYEnd40wWIS6rXFwX03P5YsPMgYoqwDmDBxZcS
ZZYBYLG/hKRLufvyFvcqAMRKViQrH6NPgJOo/QDMMDxtHbzwioR1oQbIEtlA+Qnb
61bxVOpZTGrcEs3o4XO2C7CCeSUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTqpjYh
C2IQ/YBSHnGJiEnCIyHqyTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODg4MDBmOWYtNDhmZC00NDQyLWE2ZjYtN2E1MDRlMWNiM2IxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BIM
MA0GCSqGSIb3DQEBCwUAA4IBAQA/B7gZDdok2jAJq6k+jMLa+v5hZEsyLAw7ur12
l8t01e1LewhLe6sotHmWEj8sV1FqIMFzxIsHQjYaPkLi0XCtSMgsJ+M1JkJjHoAQ
L59cTqZnSMhGoxGme3NkYmmsVe1+1Blia3zZ0Q4i0RtZFzcWyv6qMZLrSPiRSQtK
JrWrv4mAnLZj/pkABYd3XpvsR8bIxb9W1W16p3zZ1DuqU31NKbUM8W5MQlEgWYpY
NIDfHdt+r+7XEqqoQnA0glmFMpw+0WgbmC6u3wfaiaEs4xJ0SSmHplXRuVzxrgYm
0bhgGWhoWuHzc9ZXd7h28FMjzVufo01jxNYTfAPMBN1ihhkv
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:25:39 2026 by rpki-client