Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9cdec629-851f-4419-9f9b-59607b65b13a.roa
File: 9cdec629-851f-4419-9f9b-59607b65b13a.roa (raw, json)
Hash identifier: m0i1sl6gX1qpcFfKqNo/ngOWIPz0R3U5OyWHiK6nqwo=
Subject key identifier: 95:92:42:BF:9E:1B:E8:50:EA:85:75:98:16:60:33:B6:1F:D1:21:F3
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 565FBCA030A5C3A25E798355A851051D9F09A77B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9cdec629-851f-4419-9f9b-59607b65b13a.roa
Signing time: Fri 03 Apr 2026 02:40:25 +0000
ROA not before: Fri 03 Apr 2026 02:40:25 +0000
ROA not after: Thu 02 Jul 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06b:8000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:5f:bc:a0:30:a5:c3:a2:5e:79:83:55:a8:51:05:1d:9f:09:a7:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 3 02:40:25 2026 GMT
Not After : Jul 2 23:59:59 2026 GMT
Subject: serialNumber=6d9ad1fd83b87be5cce5a2ebbf2fadeb4b140405e5f95dff4670c23465d4c107, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:09:79:79:dd:48:3b:9a:ce:cf:82:48:32:18:
0f:6e:ae:0f:b7:47:72:e2:21:b0:47:40:6e:7f:2e:
a7:5a:1f:34:c9:23:ac:20:5e:72:43:38:ca:e1:ac:
6a:c8:0f:f7:a0:cb:27:e7:4d:a4:a7:ae:7a:0d:6a:
d1:c6:fb:31:f8:a0:2a:5f:9e:0b:9e:c7:02:c0:f3:
db:10:fa:94:f1:b9:44:30:59:4f:7e:11:61:83:61:
b4:3c:48:6c:80:62:8c:8a:7e:90:50:07:20:f7:05:
b9:15:c1:ff:60:64:6d:3b:52:43:59:94:35:09:d4:
de:84:27:44:21:3f:fe:18:f0:4d:c6:63:f4:1e:89:
4d:60:e8:5b:1b:a1:d0:28:b1:e7:8f:10:62:d8:e3:
e9:ec:68:cf:82:62:9f:0b:33:de:f6:93:04:96:f6:
6c:71:a4:6e:ac:10:27:3f:08:c4:f1:5b:af:05:fc:
a0:67:ed:3c:b6:e2:7c:68:1c:71:22:14:36:35:ab:
8a:9e:28:8d:3a:a7:db:34:90:3a:eb:b6:31:b6:f1:
ad:a1:3e:12:1a:3b:8d:62:69:27:d1:07:23:67:24:
e3:ab:a6:a9:88:73:f8:5f:c3:19:b6:16:7b:45:27:
34:bc:bb:b0:98:ec:7e:ab:8f:da:c8:af:a7:c2:09:
fd:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:92:42:BF:9E:1B:E8:50:EA:85:75:98:16:60:33:B6:1F:D1:21:F3
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9cdec629-851f-4419-9f9b-59607b65b13a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06b:8000::/40
Signature Algorithm: sha256WithRSAEncryption
5b:7b:52:8d:ee:63:7e:21:d6:49:f8:81:ca:33:1a:5c:5b:2f:
48:25:bd:ec:d3:66:27:b6:ed:8f:ea:50:31:67:12:e9:82:42:
5c:ee:a8:2b:05:d9:99:6c:9b:41:5a:19:1f:ff:44:6b:30:88:
1e:22:86:f7:39:e7:b5:a0:57:40:f4:61:09:34:0d:ca:01:1b:
a5:49:88:b2:b2:98:2f:eb:ff:4a:bf:bb:9e:c8:07:b6:c9:51:
8d:c2:21:db:07:5e:0b:cc:96:8a:42:26:a7:16:44:a6:7a:55:
72:67:09:ed:29:71:ab:a7:8c:c1:c0:d4:81:c7:8a:ac:a5:99:
98:4b:a1:d8:a0:0f:f8:cb:d3:74:b8:0e:e5:5b:45:02:a1:14:
81:9c:62:d5:ae:fa:db:04:b9:71:01:df:34:a0:4b:61:ed:8d:
84:1d:22:e2:ca:12:0f:0b:19:e1:41:fc:b6:07:58:19:91:84:
fe:52:71:5f:e6:21:27:bb:53:1a:96:95:c9:87:c4:35:d7:81:
4b:c6:5a:24:85:7e:2b:30:53:8b:8c:13:40:b7:10:88:a3:f5:
df:f9:07:6c:ce:b9:64:36:99:b8:1e:63:54:fb:99:cb:2f:b9:
52:8e:c8:f5:16:36:d4:e2:92:42:73:5c:4f:35:66:20:ba:9b:
29:64:53:a3
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUVl+8oDClw6JeeYNVqFEFHZ8Jp3swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA0MDMwMjQwMjVaFw0yNjA3MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQDZkOWFkMWZkODNiODdiZTVjY2U1YTJlYmJmMmZhZGViNGIxNDA0MDVlNWY5
NWRmZjQ2NzBjMjM0NjVkNGMxMDcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL4JeXndSDuazs+CSDIYD26uD7dHcuIhsEdAbn8up1ofNMkjrCBeckM4yuGs
asgP96DLJ+dNpKeueg1q0cb7MfigKl+eC57HAsDz2xD6lPG5RDBZT34RYYNhtDxI
bIBijIp+kFAHIPcFuRXB/2BkbTtSQ1mUNQnU3oQnRCE//hjwTcZj9B6JTWDoWxuh
0Cix548QYtjj6exoz4Jinwsz3vaTBJb2bHGkbqwQJz8IxPFbrwX8oGftPLbifGgc
cSIUNjWrip4ojTqn2zSQOuu2MbbxraE+Eho7jWJpJ9EHI2ck46umqYhz+F/DGbYW
e0UnNLy7sJjsfquP2sivp8IJ/fkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSVkkK/
nhvoUOqFdZgWYDO2H9Eh8zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWNkZWM2MjktODUxZi00NDE5LTlmOWItNTk2MDdiNjViMTNhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0GuA
MA0GCSqGSIb3DQEBCwUAA4IBAQBbe1KN7mN+IdZJ+IHKMxpcWy9IJb3s02Yntu2P
6lAxZxLpgkJc7qgrBdmZbJtBWhkf/0RrMIgeIob3Oee1oFdA9GEJNA3KARulSYiy
spgv6/9Kv7ueyAe2yVGNwiHbB14LzJaKQianFkSmelVyZwntKXGrp4zBwNSBx4qs
pZmYS6HYoA/4y9N0uA7lW0UCoRSBnGLVrvrbBLlxAd80oEth7Y2EHSLiyhIPCxnh
Qfy2B1gZkYT+UnFf5iEnu1MalpXJh8Q114FLxlokhX4rMFOLjBNAtxCIo/Xf+Qds
zrlkNpm4HmNU+5nLL7lSjsj1FjbU4pJCc1xPNWYgupspZFOj
-----END CERTIFICATE-----
Generated at Fri Apr 17 05:56:00 2026 by rpki-client