Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/98ae6903-6674-49ca-b677-ce1e731619a3.roa
File: 98ae6903-6674-49ca-b677-ce1e731619a3.roa (raw, json)
Hash identifier: 45ssfD91vtho0tiy8adHovPW3sddbBz1Tlt5p4uSyC0=
Subject key identifier: AE:C3:09:E1:F5:BB:28:CB:C7:68:CE:59:20:A8:24:A3:33:D8:AB:C3
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 24C58FC2DC10169FB80067CEEC6F6AF9D181EB5F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/98ae6903-6674-49ca-b677-ce1e731619a3.roa
Signing time: Wed 20 May 2026 00:00:05 +0000
ROA not before: Wed 20 May 2026 00:00:05 +0000
ROA not after: Tue 18 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d014:1c00::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:c5:8f:c2:dc:10:16:9f:b8:00:67:ce:ec:6f:6a:f9:d1:81:eb:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 00:00:05 2026 GMT
Not After : Aug 18 23:59:59 2026 GMT
Subject: serialNumber=b580b23fedb94ab6962c72a3ea89fa025b955dae85e88444a825f5ccc94ed7c9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:2b:6b:62:2b:b6:ce:3e:dd:0c:88:28:ee:dc:
96:a7:95:3e:eb:0f:7b:c1:13:4f:d0:3d:bf:37:c0:
36:e8:b8:3e:25:88:e5:fa:59:00:af:df:b6:7e:9c:
26:bb:49:bb:30:0c:0f:5c:bc:1f:5e:68:88:8e:ce:
c2:7e:62:ed:45:8d:c0:b8:34:3c:04:f7:07:22:a6:
31:f9:72:f7:9a:bd:f2:b3:c6:60:95:4b:d3:1a:36:
38:12:ad:54:d5:72:07:04:cd:7b:09:2c:81:a0:74:
51:31:b7:98:93:2c:3d:ef:07:6b:e1:23:2a:ff:fc:
31:8a:59:1d:f4:1b:07:93:95:34:c6:87:f4:36:a8:
6a:ad:12:22:b1:02:f2:5f:38:3f:28:96:25:2c:75:
07:9e:84:3d:e1:e8:46:f2:06:08:6e:e8:46:83:81:
a1:fa:9d:09:16:9b:12:2d:4b:cb:53:35:40:39:93:
2c:ee:5d:fe:7f:1f:50:a8:5f:5f:e3:08:66:a5:28:
b4:2f:8d:8e:54:6f:da:6b:66:ea:7b:74:59:4e:ee:
25:c7:dc:0f:34:89:3b:6f:05:ce:16:23:f7:f8:79:
e2:7b:52:2b:78:ec:a1:b3:70:e1:c7:db:07:bd:d0:
b0:1c:02:ec:50:de:2d:99:e6:81:56:8d:d4:07:d4:
85:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:C3:09:E1:F5:BB:28:CB:C7:68:CE:59:20:A8:24:A3:33:D8:AB:C3
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/98ae6903-6674-49ca-b677-ce1e731619a3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d014:1c00::/38
Signature Algorithm: sha256WithRSAEncryption
56:0d:27:f5:91:4e:fe:da:d1:21:de:12:c1:89:16:83:ed:78:
a2:2b:98:ca:a3:e8:d1:d4:0c:bc:65:5a:8b:ad:81:f9:43:e5:
2e:a9:76:56:05:88:3f:3a:e7:51:71:ad:86:64:5c:11:ca:4c:
93:9e:b8:49:f5:ad:5b:06:fd:84:e9:ac:8a:69:1a:70:49:12:
27:b0:47:00:54:81:c5:cb:2b:4f:41:2c:14:49:7e:da:d9:55:
91:d6:cc:fb:b3:95:24:e3:5a:fa:89:69:d0:c0:1b:ae:bb:40:
8d:21:bd:ea:b7:8e:f3:8a:4a:63:78:03:36:6f:b9:af:18:16:
f6:d4:35:c3:06:98:e2:e3:71:cd:47:3b:c6:96:e9:d5:a8:0a:
aa:9a:d6:7a:60:b1:98:57:fb:46:e0:ce:dc:f0:87:19:96:13:
eb:c2:1c:67:74:49:3f:f3:d3:07:87:9e:1e:7e:14:3a:9c:a4:
ad:b0:c6:0c:a2:51:33:1e:3b:ab:25:5f:22:0b:5e:06:27:e6:
bf:a0:45:99:db:75:d2:ea:0e:d6:7c:08:e0:8c:88:b1:78:13:
e7:05:c9:24:fa:cb:70:b4:a4:98:d7:82:77:34:fb:7c:1d:22:
77:c0:8d:c9:4c:05:8b:b1:fd:3b:52:08:8e:2a:5d:87:42:e9:
d4:76:ac:ed
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUJMWPwtwQFp+4AGfO7G9q+dGB618wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MjAwMDAwMDVaFw0yNjA4MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQGI1ODBiMjNmZWRiOTRhYjY5NjJjNzJhM2VhODlmYTAyNWI5NTVkYWU4NWU4
ODQ0NGE4MjVmNWNjYzk0ZWQ3YzkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOEra2Irts4+3QyIKO7clqeVPusPe8ETT9A9vzfANui4PiWI5fpZAK/ftn6c
JrtJuzAMD1y8H15oiI7Own5i7UWNwLg0PAT3ByKmMfly95q98rPGYJVL0xo2OBKt
VNVyBwTNewksgaB0UTG3mJMsPe8Ha+EjKv/8MYpZHfQbB5OVNMaH9Daoaq0SIrEC
8l84PyiWJSx1B56EPeHoRvIGCG7oRoOBofqdCRabEi1Ly1M1QDmTLO5d/n8fUKhf
X+MIZqUotC+NjlRv2mtm6nt0WU7uJcfcDzSJO28FzhYj9/h54ntSK3jsobNw4cfb
B73QsBwC7FDeLZnmgVaN1AfUhd8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSuwwnh
9bsoy8dozlkgqCSjM9irwzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OThhZTY5MDMtNjY3NC00OWNhLWI2NzctY2UxZTczMTYxOWEzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BQc
MA0GCSqGSIb3DQEBCwUAA4IBAQBWDSf1kU7+2tEh3hLBiRaD7XiiK5jKo+jR1Ay8
ZVqLrYH5Q+UuqXZWBYg/OudRca2GZFwRykyTnrhJ9a1bBv2E6ayKaRpwSRInsEcA
VIHFyytPQSwUSX7a2VWR1sz7s5Uk41r6iWnQwBuuu0CNIb3qt47zikpjeAM2b7mv
GBb21DXDBpji43HNRzvGlunVqAqqmtZ6YLGYV/tG4M7c8IcZlhPrwhxndEk/89MH
h54efhQ6nKStsMYMolEzHjurJV8iC14GJ+a/oEWZ23XS6g7WfAjgjIixeBPnBckk
+stwtKSY14J3NPt8HSJ3wI3JTAWLsf07UgiOKl2HQunUdqzt
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:12:58 2026 by rpki-client