Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8bd0f638-6a0d-4a86-aec3-8e2fef4e514f.roa
File: 8bd0f638-6a0d-4a86-aec3-8e2fef4e514f.roa (raw, json)
Hash identifier: lN09q5leQbi2dN6IYvSyUN4aZXFjdaEzJU9rvCLQFeA=
Subject key identifier: E7:B3:C2:7C:BF:01:5E:7A:35:B4:21:34:C2:77:93:4D:D7:C9:E4:17
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6AED50CF5D065608C0FA7CB0B8673A6EAD07919D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8bd0f638-6a0d-4a86-aec3-8e2fef4e514f.roa
Signing time: Fri 22 May 2026 16:01:58 +0000
ROA not before: Fri 22 May 2026 16:01:58 +0000
ROA not after: Thu 20 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d062:b000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:ed:50:cf:5d:06:56:08:c0:fa:7c:b0:b8:67:3a:6e:ad:07:91:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 22 16:01:58 2026 GMT
Not After : Aug 20 23:59:59 2026 GMT
Subject: serialNumber=59669f155b056cdef4bc57fe87d12088f155847228b4b6e93067d6d50ad2c944, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:47:af:c1:86:31:53:37:8b:20:90:c8:36:42:
5a:81:2e:13:27:66:46:b8:7c:c7:c6:49:fd:70:a5:
32:f0:29:d9:3b:68:55:42:a3:41:b3:01:fd:2c:1a:
09:d6:27:90:b8:c5:be:42:4b:12:4b:50:6d:db:b4:
4b:34:23:90:2a:46:a5:ae:4f:74:c9:79:83:50:b5:
4c:9a:a5:09:aa:33:d3:08:cc:7d:51:7d:6a:da:18:
e7:9a:f4:49:8f:b2:0a:d5:3d:d3:d7:28:1b:a6:21:
3b:44:20:55:07:8a:69:8a:92:9a:9f:03:79:00:99:
fa:ee:d4:b7:9f:83:26:e2:66:68:f1:14:0d:74:43:
d8:52:4f:e7:9d:a5:e1:d0:d6:e0:ee:2d:7e:c2:48:
8f:28:2d:3f:7c:d1:5d:4a:4d:06:b0:e8:e3:f5:56:
e5:7b:39:51:1f:31:8e:39:3e:a6:b7:2c:74:45:79:
03:6b:a6:70:90:2c:c2:b0:ed:66:5a:c9:1e:45:21:
9a:ae:cc:a0:84:23:7f:bc:ae:c3:7a:10:6b:80:10:
02:1e:f5:7c:67:80:ae:24:44:b7:25:9c:d4:59:d4:
3b:7c:12:fa:d7:27:77:be:b2:a6:cd:e5:e6:ad:b6:
78:47:83:d5:30:3f:ad:f2:c5:dd:ba:2f:40:93:a4:
74:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:B3:C2:7C:BF:01:5E:7A:35:B4:21:34:C2:77:93:4D:D7:C9:E4:17
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8bd0f638-6a0d-4a86-aec3-8e2fef4e514f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d062:b000::/40
Signature Algorithm: sha256WithRSAEncryption
3b:bd:85:53:74:8a:7c:4a:3f:67:60:03:98:d8:3d:21:23:77:
78:66:c6:05:8a:9d:72:59:4b:19:6c:a9:c4:a3:b0:10:19:f6:
0e:00:ef:d9:ce:cd:8d:13:ae:6a:3a:03:97:6d:b2:2e:4f:00:
9f:87:37:d8:d3:cb:9a:62:f6:6c:b9:5d:e7:46:42:31:b2:0b:
1f:3c:eb:be:37:dd:0e:f3:d0:18:4a:a2:0a:ac:e6:87:3a:3d:
6c:6d:54:e2:54:9e:b4:26:5e:b4:2b:db:c2:a3:98:eb:74:7b:
3c:30:78:65:8d:58:df:b8:3a:ca:6d:82:05:33:31:b2:9a:d4:
06:10:1e:13:ab:90:47:83:d0:57:62:51:2d:9d:05:bc:e9:b6:
47:e7:ba:46:32:b9:76:c8:13:26:16:66:c1:9a:ae:0d:61:8a:
d3:57:63:b3:1d:a1:4f:73:f6:ca:fb:93:5c:77:b3:4e:b7:04:
8f:2f:15:ed:3c:ab:a7:56:58:fa:f8:da:31:ab:ef:83:9f:ea:
75:9c:32:ef:bb:d9:a2:bd:17:e4:87:ae:72:1b:a9:d7:66:4a:
4e:91:35:35:6f:1e:5e:cb:6f:1c:a5:cb:b2:29:78:45:a9:8b:
d0:91:ab:58:4a:99:a8:07:34:4c:3f:4d:ca:b4:9f:f3:24:41:
bc:c0:a4:1f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUau1Qz10GVgjA+nywuGc6bq0HkZ0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MjIxNjAxNThaFw0yNjA4MjAyMzU5NTlaMHoxSTBHBgNV
BAUTQDU5NjY5ZjE1NWIwNTZjZGVmNGJjNTdmZTg3ZDEyMDg4ZjE1NTg0NzIyOGI0
YjZlOTMwNjdkNmQ1MGFkMmM5NDQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJRHr8GGMVM3iyCQyDZCWoEuEydmRrh8x8ZJ/XClMvAp2TtoVUKjQbMB/Swa
CdYnkLjFvkJLEktQbdu0SzQjkCpGpa5PdMl5g1C1TJqlCaoz0wjMfVF9atoY55r0
SY+yCtU909coG6YhO0QgVQeKaYqSmp8DeQCZ+u7Ut5+DJuJmaPEUDXRD2FJP552l
4dDW4O4tfsJIjygtP3zRXUpNBrDo4/VW5Xs5UR8xjjk+prcsdEV5A2umcJAswrDt
ZlrJHkUhmq7MoIQjf7yuw3oQa4AQAh71fGeAriREtyWc1FnUO3wS+tcnd76yps3l
5q22eEeD1TA/rfLF3bovQJOkdIECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTns8J8
vwFeejW0ITTCd5NN18nkFzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGJkMGY2MzgtNmEwZC00YTg2LWFlYzMtOGUyZmVmNGU1MTRmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0GKw
MA0GCSqGSIb3DQEBCwUAA4IBAQA7vYVTdIp8Sj9nYAOY2D0hI3d4ZsYFip1yWUsZ
bKnEo7AQGfYOAO/Zzs2NE65qOgOXbbIuTwCfhzfY08uaYvZsuV3nRkIxsgsfPOu+
N90O89AYSqIKrOaHOj1sbVTiVJ60Jl60K9vCo5jrdHs8MHhljVjfuDrKbYIFMzGy
mtQGEB4Tq5BHg9BXYlEtnQW86bZH57pGMrl2yBMmFmbBmq4NYYrTV2OzHaFPc/bK
+5Ncd7NOtwSPLxXtPKunVlj6+Noxq++Dn+p1nDLvu9mivRfkh65yG6nXZkpOkTU1
bx5ey28cpcuyKXhFqYvQkatYSpmoBzRMP03KtJ/zJEG8wKQf
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:03:30 2026 by rpki-client