Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/91ee3655-dcb4-41c6-b4a4-270ca5cacf7a.roa
File: 91ee3655-dcb4-41c6-b4a4-270ca5cacf7a.roa (raw, json)
Hash identifier: THi5mQpnDc7UY46iGxddZJzPaOfvjXUz/FMOH50f4Mo=
Subject key identifier: 21:66:F5:FA:B8:95:E1:3A:A4:32:C3:0D:D4:74:F2:B5:C4:B6:DE:0E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 29C1E6109C0A303EAB728119E4398DAFB78A25D3
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/91ee3655-dcb4-41c6-b4a4-270ca5cacf7a.roa
Signing time: Tue 19 May 2026 04:40:21 +0000
ROA not before: Tue 19 May 2026 04:40:21 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:8080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 08:43:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
29:c1:e6:10:9c:0a:30:3e:ab:72:81:19:e4:39:8d:af:b7:8a:25:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 04:40:21 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=2dacdad7f002e9e5880737c64174d470423fa5f3843290148147aa3a21a60096, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:e5:6e:86:79:f0:ab:50:ff:99:ac:00:b1:78:
75:4c:8a:c3:7b:9d:5e:a6:57:25:03:9f:a4:3f:f6:
6a:5d:3d:7d:af:f6:41:64:93:dc:5e:76:96:b3:16:
f3:d2:e7:f3:ef:53:3d:68:6c:d5:18:54:03:78:fb:
0e:ec:e9:7f:b3:a2:75:ff:4b:78:81:6c:d4:a9:a4:
a4:f8:52:32:e3:76:9e:28:3e:cc:f9:d7:4d:e3:aa:
6d:75:ca:19:9d:a6:63:36:2f:dd:09:cd:4e:3f:33:
42:75:ef:6f:a3:3c:ce:ad:cc:fd:b5:5b:a7:67:b3:
31:a9:58:23:77:12:87:64:09:74:9b:3e:96:a3:f4:
6b:d5:e3:ff:87:81:0b:4f:44:79:c7:2e:ff:e1:33:
12:45:52:ef:d1:78:18:68:db:ce:df:d3:b1:c9:87:
b5:53:ae:da:1b:9d:81:fa:5d:9e:00:c2:06:77:0e:
0d:d5:66:cf:96:8f:17:76:35:58:03:b0:be:8e:3f:
ca:7d:40:b3:3b:78:ff:7d:f0:57:7a:94:8a:8c:6a:
17:4b:c0:41:c7:74:a0:5d:18:31:2b:bd:da:b3:db:
5c:a8:36:2e:38:29:27:dd:19:fc:88:c3:b8:f5:2a:
30:16:f9:f2:3c:5f:c9:55:96:91:54:07:30:95:f1:
4d:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:66:F5:FA:B8:95:E1:3A:A4:32:C3:0D:D4:74:F2:B5:C4:B6:DE:0E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/91ee3655-dcb4-41c6-b4a4-270ca5cacf7a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:8080::/48
Signature Algorithm: sha256WithRSAEncryption
48:b2:af:5d:e1:fa:35:15:a3:14:95:07:14:5c:f6:47:f1:3f:
16:15:3f:22:a6:2e:0b:41:91:8b:0c:01:5b:d9:b5:68:c6:be:
6e:e2:4d:b9:9f:b0:2b:b6:cf:67:f5:5e:2d:f4:dc:3e:30:ce:
0c:2b:b3:9a:ce:a2:23:e3:b3:2e:29:94:12:65:64:28:06:14:
63:49:68:72:e1:3e:33:e0:07:ec:c8:8f:d8:1b:f7:ae:16:a8:
de:4d:6c:dc:98:25:b0:92:92:db:f8:27:36:49:a5:8c:a7:15:
51:47:c8:27:41:4a:19:3d:db:f2:01:8b:9c:40:3d:a7:1d:9b:
0b:97:34:9a:2c:8a:27:37:5f:d8:60:de:2c:a1:00:af:00:12:
e5:19:c4:4c:ad:f1:53:63:68:b1:38:4a:37:51:9e:dd:41:ee:
7f:ee:84:97:ca:e3:06:7c:0a:5e:34:66:bd:55:c7:0d:37:57:
7b:02:3f:24:26:f1:5f:47:09:77:75:02:ad:0a:ea:15:bc:9e:
dd:c5:54:18:44:a1:bc:60:e9:39:54:a8:86:9c:6d:d8:6a:9b:
64:3a:42:2b:cf:f3:ab:a5:20:31:64:89:1c:13:cd:51:2e:10:
87:29:89:ce:6c:cb:cf:2d:43:97:ae:df:b1:01:19:e2:a1:0c:
91:4b:52:a4
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUKcHmEJwKMD6rcoEZ5DmNr7eKJdMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNDQwMjFaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDJkYWNkYWQ3ZjAwMmU5ZTU4ODA3MzdjNjQxNzRkNDcwNDIzZmE1ZjM4NDMy
OTAxNDgxNDdhYTNhMjFhNjAwOTYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK/lboZ58KtQ/5msALF4dUyKw3udXqZXJQOfpD/2al09fa/2QWST3F52lrMW
89Ln8+9TPWhs1RhUA3j7Duzpf7Oidf9LeIFs1KmkpPhSMuN2nig+zPnXTeOqbXXK
GZ2mYzYv3QnNTj8zQnXvb6M8zq3M/bVbp2ezMalYI3cSh2QJdJs+lqP0a9Xj/4eB
C09Eeccu/+EzEkVS79F4GGjbzt/TscmHtVOu2hudgfpdngDCBncODdVmz5aPF3Y1
WAOwvo4/yn1Aszt4/33wV3qUioxqF0vAQcd0oF0YMSu92rPbXKg2LjgpJ90Z/IjD
uPUqMBb58jxfyVWWkVQHMJXxTX8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQhZvX6
uJXhOqQyww3UdPK1xLbeDjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTFlZTM2NTUtZGNiNC00MWM2LWI0YTQtMjcwY2E1Y2FjZjdhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DiA
gDANBgkqhkiG9w0BAQsFAAOCAQEASLKvXeH6NRWjFJUHFFz2R/E/FhU/IqYuC0GR
iwwBW9m1aMa+buJNuZ+wK7bPZ/VeLfTcPjDODCuzms6iI+OzLimUEmVkKAYUY0lo
cuE+M+AH7MiP2Bv3rhao3k1s3JglsJKS2/gnNkmljKcVUUfIJ0FKGT3b8gGLnEA9
px2bC5c0miyKJzdf2GDeLKEArwAS5RnETK3xU2NosThKN1Ge3UHuf+6El8rjBnwK
XjRmvVXHDTdXewI/JCbxX0cJd3UCrQrqFbye3cVUGEShvGDpOVSohpxt2GqbZDpC
K8/zq6UgMWSJHBPNUS4QhymJzmzLzy1Dl67fsQEZ4qEMkUtSpA==
-----END CERTIFICATE-----
Generated at Sat Jun 13 12:42:30 2026 by rpki-client