Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/99bc52f3-b4f5-44eb-9a53-c74da3e9713e.roa
File: 99bc52f3-b4f5-44eb-9a53-c74da3e9713e.roa (raw, json)
Hash identifier: V8adDpagmK0u9FMhZsT7cxWFDLN1cCOq7hrc6UNczOY=
Subject key identifier: 28:35:82:59:62:6D:B6:88:24:04:3D:C9:CB:B4:7B:22:5D:72:98:02
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 268D7AFB782221068D9FFCF4C1C7DA1A773D3F04
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/99bc52f3-b4f5-44eb-9a53-c74da3e9713e.roa
Signing time: Wed 20 May 2026 00:00:05 +0000
ROA not before: Wed 20 May 2026 00:00:05 +0000
ROA not after: Tue 18 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d014:1000::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:8d:7a:fb:78:22:21:06:8d:9f:fc:f4:c1:c7:da:1a:77:3d:3f:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 00:00:05 2026 GMT
Not After : Aug 18 23:59:59 2026 GMT
Subject: serialNumber=768cc28f352ba802922570a1e7b0278090c49eb5c3670bf3fc3b49cb03416165, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:96:a6:84:08:ac:fe:b2:80:44:fb:b3:88:7f:
4d:ae:63:17:ae:c7:6a:f9:9a:1f:1a:ee:53:e7:d9:
af:71:df:77:c3:2a:ea:25:0b:aa:20:36:d3:7c:3e:
7a:02:a1:d3:2f:57:4d:f7:56:27:34:b3:50:76:b2:
08:8e:13:e8:5e:e7:30:85:7d:93:97:ca:d9:cb:69:
b6:a8:fd:b4:86:a2:d1:13:bc:ab:8e:19:ca:f5:b6:
12:dd:aa:ba:37:d6:11:1a:cb:f1:a3:bb:9c:dd:3e:
5b:5b:23:83:60:e0:5f:24:44:ec:c6:8e:29:d2:61:
5f:62:1a:29:57:f4:e6:49:b7:d9:c8:e1:6e:68:54:
40:54:a4:ae:80:e3:d8:dd:46:fa:46:91:20:52:e0:
a2:38:9e:f3:4b:72:f3:35:e8:b6:b6:9f:d2:42:2e:
3d:8f:bc:63:0f:3b:07:50:02:93:f7:de:c0:04:3c:
26:2d:12:c0:50:db:18:91:8e:0e:0c:5d:c5:dc:76:
4e:32:b2:b5:ef:7d:12:0a:df:04:d1:01:1c:25:24:
32:68:bb:83:1c:d2:93:17:91:f8:45:a6:24:3d:1c:
2b:e9:36:b6:f5:68:95:da:3f:51:5e:45:d3:98:ba:
80:8b:fc:05:39:d7:c6:0e:e3:e1:32:97:05:ab:02:
92:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:35:82:59:62:6D:B6:88:24:04:3D:C9:CB:B4:7B:22:5D:72:98:02
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/99bc52f3-b4f5-44eb-9a53-c74da3e9713e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d014:1000::/38
Signature Algorithm: sha256WithRSAEncryption
8d:2c:15:b7:b5:c8:f0:f9:11:98:8e:7c:00:6a:31:ae:7c:d4:
37:b8:4d:f0:d1:52:7b:e4:67:4d:8f:cc:d3:3f:96:e6:4a:b2:
29:cb:ab:fc:53:e5:21:6c:98:af:e9:2b:31:0a:ad:8f:3f:b4:
dc:ad:b7:b5:3b:4f:13:ef:99:f9:b7:a0:65:fc:8b:6c:ec:be:
27:c5:14:5f:33:11:30:a4:39:1b:23:99:8e:51:d7:13:30:ff:
45:1c:5c:c4:74:e4:16:7b:40:26:95:4f:d7:4e:92:fc:66:90:
e8:fc:9e:d1:88:38:27:2a:e3:ae:29:ac:e0:97:1f:75:25:73:
cf:2c:43:91:eb:fb:4e:f8:de:60:e0:5a:fe:02:d9:de:e5:f6:
a6:df:82:58:b1:ed:6e:50:47:66:a7:78:19:a5:16:fc:15:ef:
b8:00:e3:13:72:9c:d3:7b:44:cf:cb:16:02:12:da:89:e2:0b:
dd:08:d8:58:4d:f4:f2:ca:92:10:69:99:00:5f:b1:12:2b:70:
9f:1c:17:c9:99:37:02:5b:e7:cc:bc:5a:c5:e5:2b:c4:d4:8f:
cf:56:ce:4f:60:71:11:92:6a:cc:56:12:62:72:0b:46:3b:39:
7b:90:8d:b1:14:22:97:c4:4d:4d:d7:7f:1f:d1:01:bf:55:08:
17:fa:70:75
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUJo16+3giIQaNn/z0wcfaGnc9PwQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MjAwMDAwMDVaFw0yNjA4MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQDc2OGNjMjhmMzUyYmE4MDI5MjI1NzBhMWU3YjAyNzgwOTBjNDllYjVjMzY3
MGJmM2ZjM2I0OWNiMDM0MTYxNjUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALGWpoQIrP6ygET7s4h/Ta5jF67HavmaHxruU+fZr3Hfd8Mq6iULqiA203w+
egKh0y9XTfdWJzSzUHayCI4T6F7nMIV9k5fK2ctptqj9tIai0RO8q44ZyvW2Et2q
ujfWERrL8aO7nN0+W1sjg2DgXyRE7MaOKdJhX2IaKVf05km32cjhbmhUQFSkroDj
2N1G+kaRIFLgojie80ty8zXotraf0kIuPY+8Yw87B1ACk/fewAQ8Ji0SwFDbGJGO
Dgxdxdx2TjKyte99EgrfBNEBHCUkMmi7gxzSkxeR+EWmJD0cK+k2tvVoldo/UV5F
05i6gIv8BTnXxg7j4TKXBasCkssCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQoNYJZ
Ym22iCQEPcnLtHsiXXKYAjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTliYzUyZjMtYjRmNS00NGViLTlhNTMtYzc0ZGEzZTk3MTNlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BQQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCNLBW3tcjw+RGYjnwAajGufNQ3uE3w0VJ75GdN
j8zTP5bmSrIpy6v8U+UhbJiv6SsxCq2PP7Tcrbe1O08T75n5t6Bl/Its7L4nxRRf
MxEwpDkbI5mOUdcTMP9FHFzEdOQWe0AmlU/XTpL8ZpDo/J7RiDgnKuOuKazglx91
JXPPLEOR6/tO+N5g4Fr+Atne5fam34JYse1uUEdmp3gZpRb8Fe+4AOMTcpzTe0TP
yxYCEtqJ4gvdCNhYTfTyypIQaZkAX7ESK3CfHBfJmTcCW+fMvFrF5SvE1I/PVs5P
YHERkmrMVhJicgtGOzl7kI2xFCKXxE1N138f0QG/VQgX+nB1
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:11:44 2026 by rpki-client