Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/99404275-57dd-4a36-8c29-529ab06d1d00.roa
File: 99404275-57dd-4a36-8c29-529ab06d1d00.roa (raw, json)
Hash identifier: 1wWx7gcbiNtwYZxPDs2jqHkzHfVE7LnYt0co4sLaokk=
Subject key identifier: DD:79:D3:21:3E:10:4B:8F:4E:93:4F:56:9B:49:07:E0:F9:FB:DF:20
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7A3D0A2FFD44AA6DC82739356633C7670D5C9340
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/99404275-57dd-4a36-8c29-529ab06d1d00.roa
Signing time: Tue 19 May 2026 05:20:08 +0000
ROA not before: Tue 19 May 2026 05:20:08 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d03a:b000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:3d:0a:2f:fd:44:aa:6d:c8:27:39:35:66:33:c7:67:0d:5c:93:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:20:08 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=b70a1d13a4aada24ce60def2f04d2e59c9d4dbacba0d14924338c53f792d14e0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:08:f8:5c:09:e4:b5:db:96:68:f3:08:de:bb:
99:9b:57:82:66:81:28:1c:38:fc:6f:3a:fc:84:8c:
c6:53:08:a1:59:99:eb:c3:29:3c:ed:be:8d:d6:ff:
bd:38:00:5f:60:2a:ef:08:27:42:11:e4:b9:66:78:
0d:60:f4:93:98:7a:f0:a7:84:1e:21:6d:18:96:b3:
ea:84:45:22:ec:e3:39:44:bd:9e:d8:88:3e:de:54:
04:21:18:e7:33:ce:78:32:b3:31:00:66:b4:f7:23:
f6:3c:4f:14:7e:95:6e:e0:38:e5:0c:4b:52:fd:67:
b1:fe:2f:76:e0:b7:e2:b8:4a:13:8d:8b:a2:b1:06:
ce:1b:72:eb:2a:19:1b:0f:f5:c3:69:4f:1d:ae:37:
0e:9b:5b:b7:84:8f:69:b3:f8:8c:54:fe:46:23:39:
05:43:91:8d:ab:a5:c7:66:02:75:2a:8f:d6:ec:80:
d2:42:0b:df:3e:eb:b6:1c:b6:b9:22:04:3a:64:bc:
cd:1f:76:65:d7:02:78:d2:b9:de:fa:81:bd:f4:d0:
19:df:a9:37:20:27:62:f9:e0:96:f0:25:e3:8a:23:
04:48:32:aa:8c:e6:73:0e:3f:88:e8:82:fd:e2:c0:
45:5d:90:92:a3:0e:4a:68:1b:0f:06:c8:7c:84:06:
7b:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:79:D3:21:3E:10:4B:8F:4E:93:4F:56:9B:49:07:E0:F9:FB:DF:20
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/99404275-57dd-4a36-8c29-529ab06d1d00.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d03a:b000::/40
Signature Algorithm: sha256WithRSAEncryption
52:6e:0f:b3:25:3b:04:48:e4:ec:1b:c1:90:e6:a6:fb:a0:24:
19:22:67:66:af:e9:9d:4e:60:c3:c8:da:2c:bf:71:bf:70:15:
7a:29:55:d9:d5:99:68:e4:91:77:9e:2a:42:e1:84:38:fe:f6:
ee:aa:f3:c4:28:d2:a5:34:57:98:95:72:fe:24:a8:c6:c1:bc:
6a:a6:12:f3:e8:08:17:c1:87:f1:e0:39:b9:4d:2f:96:48:ef:
ed:33:fa:92:1a:60:1e:42:b9:0f:b4:41:ac:b4:7e:85:ac:e4:
99:76:33:68:cb:58:1b:9e:68:13:2b:9b:47:15:8b:52:da:cd:
e9:92:0e:fb:83:13:f4:7c:f0:d4:bd:68:83:cd:c5:a9:03:50:
4d:33:1f:72:ea:17:be:72:ea:e6:c0:0f:aa:88:7f:56:d7:8f:
2e:bf:94:af:9a:48:10:7a:a7:52:e6:e1:81:da:8c:b7:f0:13:
a6:5b:91:44:05:7a:1b:9a:06:ef:ae:f9:7c:e4:b9:8e:48:03:
c1:6d:03:8d:a7:00:42:31:f2:52:58:bc:1a:df:36:a4:13:9f:
b8:7c:49:69:87:1e:de:59:7d:58:e0:ea:9f:7c:db:f3:3e:da:
d5:ac:06:80:2d:85:18:44:d1:76:55:63:04:cf:d9:30:06:bc:
2a:c4:c8:5f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUej0KL/1Eqm3IJzk1ZjPHZw1ck0AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTIwMDhaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGI3MGExZDEzYTRhYWRhMjRjZTYwZGVmMmYwNGQyZTU5YzlkNGRiYWNiYTBk
MTQ5MjQzMzhjNTNmNzkyZDE0ZTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANMI+FwJ5LXblmjzCN67mZtXgmaBKBw4/G86/ISMxlMIoVmZ68MpPO2+jdb/
vTgAX2Aq7wgnQhHkuWZ4DWD0k5h68KeEHiFtGJaz6oRFIuzjOUS9ntiIPt5UBCEY
5zPOeDKzMQBmtPcj9jxPFH6VbuA45QxLUv1nsf4vduC34rhKE42LorEGzhty6yoZ
Gw/1w2lPHa43Dptbt4SPabP4jFT+RiM5BUORjaulx2YCdSqP1uyA0kIL3z7rthy2
uSIEOmS8zR92ZdcCeNK53vqBvfTQGd+pNyAnYvnglvAl44ojBEgyqozmcw4/iOiC
/eLARV2QkqMOSmgbDwbIfIQGe08CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTdedMh
PhBLj06TT1abSQfg+fvfIDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTk0MDQyNzUtNTdkZC00YTM2LThjMjktNTI5YWIwNmQxZDAwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Dqw
MA0GCSqGSIb3DQEBCwUAA4IBAQBSbg+zJTsESOTsG8GQ5qb7oCQZImdmr+mdTmDD
yNosv3G/cBV6KVXZ1Zlo5JF3nipC4YQ4/vbuqvPEKNKlNFeYlXL+JKjGwbxqphLz
6AgXwYfx4Dm5TS+WSO/tM/qSGmAeQrkPtEGstH6FrOSZdjNoy1gbnmgTK5tHFYtS
2s3pkg77gxP0fPDUvWiDzcWpA1BNMx9y6he+curmwA+qiH9W148uv5SvmkgQeqdS
5uGB2oy38BOmW5FEBXobmgbvrvl85LmOSAPBbQONpwBCMfJSWLwa3zakE5+4fElp
hx7eWX1Y4OqffNvzPtrVrAaALYUYRNF2VWMEz9kwBrwqxMhf
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:15:16 2026 by rpki-client