Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8d7e4a0f-a68b-4982-99dd-37b9fff718d1.roa
File: 8d7e4a0f-a68b-4982-99dd-37b9fff718d1.roa (raw, json)
Hash identifier: ur5/3SNn0MNT1ZJCYI0DTc93Rw51dZPktM0zVClJieg=
Subject key identifier: 97:3A:B2:36:37:A4:11:BF:31:A5:A6:4E:8A:57:4E:16:B3:E4:9B:A1
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6B3CE09DED7635E6B6D0C131F8290D90B9A32948
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8d7e4a0f-a68b-4982-99dd-37b9fff718d1.roa
Signing time: Sun 31 May 2026 01:10:23 +0000
ROA not before: Sun 31 May 2026 01:10:23 +0000
ROA not after: Sat 29 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d05a:c0c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6b:3c:e0:9d:ed:76:35:e6:b6:d0:c1:31:f8:29:0d:90:b9:a3:29:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 31 01:10:23 2026 GMT
Not After : Aug 29 23:59:59 2026 GMT
Subject: serialNumber=ee60f65930045147ccc9c9b6ab85a0e0581c5daeef7af006a87cf1f516dfe05b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:df:59:ca:5d:d5:46:2f:71:a0:93:99:48:0f:
89:02:b6:7b:cd:4d:30:61:91:45:99:05:d8:59:75:
50:ee:ce:a9:79:50:78:a4:6b:33:e8:30:86:d9:98:
7e:c9:b0:19:15:21:64:22:b4:b0:85:13:93:d1:74:
64:42:f4:21:fa:8a:5c:e9:ff:93:20:a4:08:ba:4e:
d1:b7:f6:66:52:7f:00:dc:47:5a:d3:0a:0e:07:c8:
55:45:1f:4c:b5:cf:b0:2d:e5:fc:83:38:8b:72:fc:
b6:aa:da:cd:ae:4e:ea:6e:88:9f:b6:bb:66:05:1f:
0e:00:17:23:2a:e7:14:ba:80:b8:03:a2:b8:30:f9:
0d:71:f5:cf:50:62:2a:88:b7:fe:ca:3f:9e:b3:43:
e2:69:c6:f3:1b:12:7d:5b:2d:ae:4a:a9:33:5a:9d:
c8:6b:51:20:bf:58:34:d5:e9:d9:72:e1:a5:44:35:
5b:d2:1f:ea:91:47:bc:4f:6f:d6:92:89:c8:d0:ef:
37:ca:3b:e6:f3:d0:c1:6a:61:4b:c9:3b:da:d1:fc:
6c:3d:cd:51:ad:80:cc:c0:9f:d5:05:da:3c:64:f9:
58:15:ae:1e:9d:76:f0:ce:04:81:a6:60:f8:c9:e8:
75:b9:f0:cf:f6:2c:de:21:83:00:22:cc:59:ea:69:
22:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:3A:B2:36:37:A4:11:BF:31:A5:A6:4E:8A:57:4E:16:B3:E4:9B:A1
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8d7e4a0f-a68b-4982-99dd-37b9fff718d1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d05a:c0c0::/48
Signature Algorithm: sha256WithRSAEncryption
30:03:91:69:95:29:4e:87:db:7c:94:90:5a:81:e9:b3:26:32:
b7:02:5e:4e:e4:01:c8:a5:20:d2:3d:e7:38:eb:56:fb:c7:21:
d7:ab:b5:ec:10:62:46:1e:ef:46:ea:75:83:ef:2b:06:8f:0a:
e2:82:ae:56:7b:a6:a5:e5:82:f4:53:70:4d:c6:71:5e:37:df:
80:db:ab:8b:e0:f3:7e:81:80:73:f9:59:7e:ea:8a:da:65:43:
05:af:83:20:31:2d:26:a1:6b:ec:f5:e2:32:de:9f:19:08:4f:
b3:3a:ae:97:94:c4:8a:d9:8c:f6:a2:b1:26:ff:dd:20:15:02:
18:e3:85:00:32:34:62:3d:29:01:b5:ea:41:6d:eb:6d:9c:88:
ea:5a:4f:2e:fe:87:fe:58:e8:a8:37:69:e7:57:43:85:a9:60:
91:d1:d2:06:e3:be:93:23:ce:6b:af:46:87:89:6f:45:ec:93:
31:0d:dd:7b:f0:8e:2c:b5:6a:ac:9a:18:5c:ba:dd:fa:50:cd:
06:b0:46:dc:f7:7e:08:15:a7:c5:0e:28:5c:06:dd:12:24:55:
3e:d5:5f:db:e0:10:6d:32:a2:82:be:75:c1:de:22:ac:54:33:
5b:1a:55:7c:44:23:06:04:20:cf:1c:a6:15:fb:3a:92:26:74:
da:6c:70:ca
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUazzgne12Nea20MEx+CkNkLmjKUgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MzEwMTEwMjNaFw0yNjA4MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGVlNjBmNjU5MzAwNDUxNDdjY2M5YzliNmFiODVhMGUwNTgxYzVkYWVlZjdh
ZjAwNmE4N2NmMWY1MTZkZmUwNWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM7fWcpd1UYvcaCTmUgPiQK2e81NMGGRRZkF2Fl1UO7OqXlQeKRrM+gwhtmY
fsmwGRUhZCK0sIUTk9F0ZEL0IfqKXOn/kyCkCLpO0bf2ZlJ/ANxHWtMKDgfIVUUf
TLXPsC3l/IM4i3L8tqraza5O6m6In7a7ZgUfDgAXIyrnFLqAuAOiuDD5DXH1z1Bi
Koi3/so/nrND4mnG8xsSfVstrkqpM1qdyGtRIL9YNNXp2XLhpUQ1W9If6pFHvE9v
1pKJyNDvN8o75vPQwWphS8k72tH8bD3NUa2AzMCf1QXaPGT5WBWuHp128M4EgaZg
+Mnodbnwz/Ys3iGDACLMWeppIt0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSXOrI2
N6QRvzGlpk6KV04Ws+SboTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGQ3ZTRhMGYtYTY4Yi00OTgyLTk5ZGQtMzdiOWZmZjcxOGQxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0FrA
wDANBgkqhkiG9w0BAQsFAAOCAQEAMAORaZUpTofbfJSQWoHpsyYytwJeTuQByKUg
0j3nOOtW+8ch16u17BBiRh7vRup1g+8rBo8K4oKuVnumpeWC9FNwTcZxXjffgNur
i+DzfoGAc/lZfuqK2mVDBa+DIDEtJqFr7PXiMt6fGQhPszqul5TEitmM9qKxJv/d
IBUCGOOFADI0Yj0pAbXqQW3rbZyI6lpPLv6H/ljoqDdp51dDhalgkdHSBuO+kyPO
a69Gh4lvReyTMQ3de/COLLVqrJoYXLrd+lDNBrBG3Pd+CBWnxQ4oXAbdEiRVPtVf
2+AQbTKigr51wd4irFQzWxpVfEQjBgQgzxymFfs6kiZ02mxwyg==
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:44:51 2026 by rpki-client