Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9c1a10cc-5dc9-44bc-a4d2-9396bd9bc959.roa
File: 9c1a10cc-5dc9-44bc-a4d2-9396bd9bc959.roa (raw, json)
Hash identifier: X/4Qz2RhTPOaDfNm9nVXy1tsv+GkBzz6RzvjZ1fey+w=
Subject key identifier: CE:38:E9:09:69:4D:EA:23:41:19:53:10:A0:8F:A0:34:DA:43:48:CF
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 756F30F6FD1BE8A204C84BEE845EE4984987EEE7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9c1a10cc-5dc9-44bc-a4d2-9396bd9bc959.roa
Signing time: Fri 15 May 2026 02:00:07 +0000
ROA not before: Fri 15 May 2026 02:00:07 +0000
ROA not after: Thu 13 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:a000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
75:6f:30:f6:fd:1b:e8:a2:04:c8:4b:ee:84:5e:e4:98:49:87:ee:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 15 02:00:07 2026 GMT
Not After : Aug 13 23:59:59 2026 GMT
Subject: serialNumber=caaa8487cc03b4d480455cf07f41917641259b0427eff993e3de7db3ce114206, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:b4:34:65:55:5f:10:42:c1:64:48:5f:76:ff:
54:f6:d7:bd:42:d1:35:a5:34:b5:d2:58:19:4a:7c:
79:e1:6b:f6:34:dd:21:9e:3c:3b:0c:bb:b5:fe:12:
96:e3:25:ad:a8:a6:d4:1b:ea:ed:85:32:70:f3:b2:
7c:68:5b:89:52:a8:25:e7:cc:80:1f:7d:ae:97:ec:
f0:70:8a:d3:34:42:84:f0:67:99:65:b0:47:04:fa:
18:4a:66:d7:83:be:75:f3:59:cd:f4:a1:0b:76:c8:
98:b9:9b:ce:d6:7f:e8:3e:4c:0c:a1:f8:df:5d:b6:
3f:d6:5e:33:27:0c:2e:8a:96:e5:cd:95:d4:22:8a:
5e:e2:9e:c9:7e:cc:18:4c:e7:fa:d5:48:09:9c:08:
a2:fc:2f:d6:65:2a:83:0a:0f:9d:1b:92:ec:78:4c:
98:c8:6e:9a:0d:f2:01:94:f5:15:95:fc:c7:50:a9:
f2:95:b6:f8:38:8c:55:7d:ef:fe:36:c5:d0:6d:03:
41:b6:0a:d3:01:3f:bb:93:7d:c4:9a:cb:9a:e3:e0:
9f:e1:0b:d4:c7:9d:59:03:62:17:f8:b7:80:bd:9d:
a5:40:ff:97:d5:d5:d3:6f:f3:a9:a5:4b:c4:72:24:
ee:6e:e2:bf:59:31:f6:fe:ff:ed:aa:5d:ab:05:af:
ef:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:38:E9:09:69:4D:EA:23:41:19:53:10:A0:8F:A0:34:DA:43:48:CF
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9c1a10cc-5dc9-44bc-a4d2-9396bd9bc959.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:a000::/48
Signature Algorithm: sha256WithRSAEncryption
77:a1:b4:2b:ce:29:89:cc:13:e1:4b:7a:51:b5:e0:e4:d1:de:
b1:51:eb:65:9c:fa:58:8a:eb:1f:bb:15:75:46:0e:39:af:20:
e7:c9:d1:4a:9c:eb:98:e3:88:02:5c:89:c9:68:5b:80:84:c9:
30:c0:12:f3:ae:8c:48:1d:0d:8f:46:96:ff:10:af:ab:55:ad:
bc:f2:0d:40:25:54:11:20:82:86:64:5b:8a:04:b3:cc:e0:8d:
49:c3:10:d4:6b:7c:19:98:9d:f7:31:25:18:fb:2a:07:4a:4e:
90:c2:67:aa:1f:e1:f9:e6:b5:3f:23:d1:e8:95:18:df:72:8e:
01:b2:a0:bb:b0:68:c6:ff:99:fa:4d:71:e4:e7:02:8e:0b:9f:
46:9a:06:37:98:9c:2e:b6:ec:0a:71:2d:35:cf:59:e1:0b:b0:
f0:97:68:d9:f7:35:bb:42:37:b1:0d:fe:2c:ea:95:d5:03:56:
5b:83:d8:07:75:a5:77:73:7b:af:7c:1f:6d:8a:44:ec:70:36:
27:4e:e8:36:70:d4:a7:16:2e:dd:bd:c4:9c:cc:3b:a3:26:0b:
f6:bd:1c:d4:e8:d6:07:97:cc:14:ad:96:b4:7b:69:53:6a:83:
be:8a:c4:1e:9e:4a:1c:03:25:d6:e1:f0:6c:cb:76:44:59:d4:
51:ee:8f:24
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUdW8w9v0b6KIEyEvuhF7kmEmH7ucwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTUwMjAwMDdaFw0yNjA4MTMyMzU5NTlaMHoxSTBHBgNV
BAUTQGNhYWE4NDg3Y2MwM2I0ZDQ4MDQ1NWNmMDdmNDE5MTc2NDEyNTliMDQyN2Vm
Zjk5M2UzZGU3ZGIzY2UxMTQyMDYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJe0NGVVXxBCwWRIX3b/VPbXvULRNaU0tdJYGUp8eeFr9jTdIZ48Owy7tf4S
luMlraim1Bvq7YUycPOyfGhbiVKoJefMgB99rpfs8HCK0zRChPBnmWWwRwT6GEpm
14O+dfNZzfShC3bImLmbztZ/6D5MDKH43122P9ZeMycMLoqW5c2V1CKKXuKeyX7M
GEzn+tVICZwIovwv1mUqgwoPnRuS7HhMmMhumg3yAZT1FZX8x1Cp8pW2+DiMVX3v
/jbF0G0DQbYK0wE/u5N9xJrLmuPgn+EL1MedWQNiF/i3gL2dpUD/l9XV02/zqaVL
xHIk7m7iv1kx9v7/7apdqwWv7z8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTOOOkJ
aU3qI0EZUxCgj6A02kNIzzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWMxYTEwY2MtNWRjOS00NGJjLWE0ZDItOTM5NmJkOWJjOTU5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0Hag
ADANBgkqhkiG9w0BAQsFAAOCAQEAd6G0K84picwT4Ut6UbXg5NHesVHrZZz6WIrr
H7sVdUYOOa8g58nRSpzrmOOIAlyJyWhbgITJMMAS866MSB0Nj0aW/xCvq1WtvPIN
QCVUESCChmRbigSzzOCNScMQ1Gt8GZid9zElGPsqB0pOkMJnqh/h+ea1PyPR6JUY
33KOAbKgu7Boxv+Z+k1x5OcCjgufRpoGN5icLrbsCnEtNc9Z4Quw8Jdo2fc1u0I3
sQ3+LOqV1QNWW4PYB3Wld3N7r3wfbYpE7HA2J07oNnDUpxYu3b3EnMw7oyYL9r0c
1OjWB5fMFK2WtHtpU2qDvorEHp5KHAMl1uHwbMt2RFnUUe6PJA==
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:00:46 2026 by rpki-client