Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/94d1ece6-a642-4297-8fb7-d7003b36fe75.roa
File: 94d1ece6-a642-4297-8fb7-d7003b36fe75.roa (raw, json)
Hash identifier: xgBWFA8O6s+zcCWe4QzmwpwOYNopSlO6kJ17b2Uakzo=
Subject key identifier: D3:37:83:C9:F1:41:C4:B4:32:2E:0C:42:3E:76:F2:9A:F3:8E:16:8A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 76923192C5D76D8EA91BC92661210F492E621FED
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/94d1ece6-a642-4297-8fb7-d7003b36fe75.roa
Signing time: Tue 19 May 2026 05:31:23 +0000
ROA not before: Tue 19 May 2026 05:31:23 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d018:800::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:92:31:92:c5:d7:6d:8e:a9:1b:c9:26:61:21:0f:49:2e:62:1f:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:31:23 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=6a97727db3dda3cdb44d78a7d062b22827ad91714b6d51abcc59c11b03d140f2, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:f1:00:3d:27:6b:02:9d:f6:41:81:af:53:9d:
f0:26:d7:ee:1e:64:67:26:d6:b7:3e:62:5d:f7:85:
44:3c:43:eb:c9:51:d0:d7:64:6b:09:6c:d8:2f:b9:
f9:26:48:90:db:13:15:05:1a:db:14:92:92:a3:b9:
34:f2:2d:f5:59:90:85:5b:e2:83:35:ee:b1:97:b5:
e3:bf:98:d5:7c:18:d4:0a:16:03:19:46:cb:fa:af:
87:9c:2f:3e:1d:b6:05:0f:95:73:56:84:e9:f5:08:
c3:9c:dc:9e:fd:d9:b0:f9:6c:03:3a:31:a1:20:4f:
10:f2:79:15:3a:f5:01:bc:bf:cf:64:81:75:3c:6e:
d6:14:66:8f:94:54:cb:57:af:e4:b3:b5:2a:bb:f4:
02:1b:28:31:ba:56:1b:c6:0c:be:76:87:7d:37:ca:
73:c1:a9:20:78:b4:02:e2:b3:87:18:ed:cf:e6:61:
77:0e:ce:3c:28:e4:9a:a5:fd:56:76:53:f8:8c:91:
c2:bc:6a:38:b7:e1:f7:45:22:dd:de:d4:8f:55:92:
d0:47:ec:b0:86:f5:58:1e:4b:9f:97:56:7e:d2:73:
1c:47:1a:a0:ca:83:4f:46:cf:80:d5:3c:55:c2:0e:
ac:f2:f0:49:ff:eb:2b:c9:ee:95:ac:1e:da:ec:72:
a5:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:37:83:C9:F1:41:C4:B4:32:2E:0C:42:3E:76:F2:9A:F3:8E:16:8A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/94d1ece6-a642-4297-8fb7-d7003b36fe75.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d018:800::/38
Signature Algorithm: sha256WithRSAEncryption
a1:cb:35:b1:1e:58:d1:b6:cb:54:62:28:97:2e:8f:8f:10:29:
8a:20:ec:2d:97:27:d9:b4:ac:94:d1:7d:8c:b1:ee:34:86:c4:
85:c8:7e:e2:bc:73:0a:d6:78:58:c0:76:35:c8:25:13:e1:9a:
bf:5c:b6:08:07:0b:6a:6f:83:2e:04:04:e5:52:b8:47:86:30:
d5:fc:04:65:81:cc:75:28:f2:da:3e:5f:e7:4d:99:10:b8:6f:
6c:17:97:e2:56:4b:3e:83:b3:bf:4d:e8:f4:48:5c:cf:32:ee:
4b:35:2a:36:e3:66:bc:f6:a0:b0:f5:14:fd:74:d5:69:1e:89:
c8:a3:03:8c:88:62:37:ef:4f:bf:9c:64:2a:b2:50:f4:bc:87:
8f:42:da:78:df:da:c4:3b:6f:55:86:91:82:b7:0b:98:73:2f:
9d:b6:f6:27:88:90:8b:6e:e7:b0:ab:ce:27:13:97:16:c4:0c:
35:c4:6a:7a:cc:52:69:02:eb:ee:ab:90:91:f0:35:dd:85:0a:
e9:c9:d9:15:95:37:19:50:cc:48:08:5b:9b:93:34:ba:79:5b:
23:ef:07:7d:d5:84:99:06:6a:ac:b4:66:e1:be:5d:e7:8e:07:
d7:9c:7d:09:b4:99:b9:d5:b3:66:6f:e5:7d:b6:40:55:1e:b6:
e7:fc:ce:20
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUdpIxksXXbY6pG8kmYSEPSS5iH+0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTMxMjNaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDZhOTc3MjdkYjNkZGEzY2RiNDRkNzhhN2QwNjJiMjI4MjdhZDkxNzE0YjZk
NTFhYmNjNTljMTFiMDNkMTQwZjIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKDxAD0nawKd9kGBr1Od8CbX7h5kZybWtz5iXfeFRDxD68lR0Ndkawls2C+5
+SZIkNsTFQUa2xSSkqO5NPIt9VmQhVvigzXusZe147+Y1XwY1AoWAxlGy/qvh5wv
Ph22BQ+Vc1aE6fUIw5zcnv3ZsPlsAzoxoSBPEPJ5FTr1Aby/z2SBdTxu1hRmj5RU
y1ev5LO1Krv0AhsoMbpWG8YMvnaHfTfKc8GpIHi0AuKzhxjtz+Zhdw7OPCjkmqX9
VnZT+IyRwrxqOLfh90Ui3d7Uj1WS0EfssIb1WB5Ln5dWftJzHEcaoMqDT0bPgNU8
VcIOrPLwSf/rK8nulawe2uxypasCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTTN4PJ
8UHEtDIuDEI+dvKa844WijAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTRkMWVjZTYtYTY0Mi00Mjk3LThmYjctZDcwMDNiMzZmZTc1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BgI
MA0GCSqGSIb3DQEBCwUAA4IBAQChyzWxHljRtstUYiiXLo+PECmKIOwtlyfZtKyU
0X2Mse40hsSFyH7ivHMK1nhYwHY1yCUT4Zq/XLYIBwtqb4MuBATlUrhHhjDV/ARl
gcx1KPLaPl/nTZkQuG9sF5fiVks+g7O/Tej0SFzPMu5LNSo242a89qCw9RT9dNVp
HonIowOMiGI370+/nGQqslD0vIePQtp439rEO29VhpGCtwuYcy+dtvYniJCLbuew
q84nE5cWxAw1xGp6zFJpAuvuq5CR8DXdhQrpydkVlTcZUMxICFubkzS6eVsj7wd9
1YSZBmqstGbhvl3njgfXnH0JtJm51bNmb+V9tkBVHrbn/M4g
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:12:32 2026 by rpki-client