Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9d2ea2aa-d40a-49a7-ab00-44ff5dbf729b.roa
File: 9d2ea2aa-d40a-49a7-ab00-44ff5dbf729b.roa (raw, json)
Hash identifier: QaYahG4RtdvVHvpp39U+nXPo2RNfc+UddBe5T0kljmw=
Subject key identifier: B6:39:B0:9B:F4:7C:83:6B:26:23:66:E2:3D:A1:91:61:AD:EC:79:70
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1FF51471E0A6DA5C217D0FA6F567E72E21BA2ADA
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9d2ea2aa-d40a-49a7-ab00-44ff5dbf729b.roa
Signing time: Tue 19 May 2026 04:50:24 +0000
ROA not before: Tue 19 May 2026 04:50:24 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d071:a000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1f:f5:14:71:e0:a6:da:5c:21:7d:0f:a6:f5:67:e7:2e:21:ba:2a:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 04:50:24 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=07ba24f4c6e3e287fc53c0cbd3c70c6a622e7f9c736787bfc19751a070702d81, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:02:1c:55:d8:8a:3e:80:96:8e:84:3c:af:3b:
0a:31:a6:d2:e3:9e:5f:f3:e7:2c:c7:08:99:33:6e:
55:b3:66:2d:5d:cd:24:e5:18:fa:4f:3c:06:8f:68:
31:78:da:d1:b5:e0:6e:41:de:a5:7b:81:fe:ec:1a:
91:41:22:ce:40:ef:56:aa:bc:07:29:6e:65:af:03:
ae:42:6b:c3:5f:cf:87:30:9f:e8:8e:88:44:6b:1b:
00:3e:b5:89:92:2a:c4:39:8e:f7:af:67:e6:64:12:
0a:ea:8e:d0:53:7d:5e:5c:69:16:85:41:18:25:c5:
00:04:d0:0c:a3:21:62:30:28:76:3e:8f:35:59:63:
fa:48:28:a8:66:f1:3c:3d:db:9c:9e:aa:41:4b:b4:
c2:3e:71:de:25:61:6d:2f:b2:47:56:c6:fb:d1:19:
d8:73:b2:22:e8:84:d8:9f:bc:32:29:c3:3c:8b:c7:
f8:ab:b7:8a:dc:0b:2b:a0:00:e6:79:ea:75:58:95:
5a:f8:96:ab:79:79:a6:d7:bb:06:84:a0:a3:1b:d7:
47:ec:bf:a9:79:81:7f:b2:b6:12:2c:62:06:31:b4:
de:fe:eb:b8:f8:3e:b3:b3:4d:fa:07:7c:17:28:99:
00:70:86:73:13:fd:72:eb:ad:71:c7:a5:c9:d2:1c:
3b:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:39:B0:9B:F4:7C:83:6B:26:23:66:E2:3D:A1:91:61:AD:EC:79:70
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9d2ea2aa-d40a-49a7-ab00-44ff5dbf729b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d071:a000::/40
Signature Algorithm: sha256WithRSAEncryption
3e:52:e1:e1:1c:16:24:f2:d3:00:2d:2f:55:c3:c8:c2:08:21:
02:2d:7f:1c:2d:c7:26:1a:11:80:55:6f:d9:0e:c0:f4:c1:23:
e1:fd:7d:a5:d5:6b:29:8a:35:40:e3:7c:84:dc:91:89:16:f9:
63:61:13:08:21:27:a0:4c:48:ca:bf:71:20:1a:05:7b:71:c1:
44:fc:6e:80:57:c7:f4:0f:98:f9:a4:24:dc:42:38:e6:c8:0b:
a7:a4:4a:ca:e8:c8:af:df:ba:d3:1a:8f:bb:1f:e5:6d:95:ba:
88:93:d4:3f:fc:b7:e5:28:a3:ae:07:8b:95:54:0e:da:90:db:
05:6a:8c:ed:9d:69:3f:f1:64:06:8c:1a:7d:7b:b4:41:6f:4b:
6a:31:3f:0f:9e:64:a3:66:c3:cf:0f:c2:68:e8:1f:11:87:86:
71:21:0e:8b:f1:6f:2a:b0:95:5c:e6:a9:89:5b:f7:cd:e3:e8:
46:29:e6:a9:a6:5b:ff:1f:1d:bf:5e:70:53:25:1d:8c:42:b9:
0e:a3:ff:75:18:6b:91:f7:e1:64:1f:c9:6c:8b:4b:9d:31:32:
e7:de:c7:00:15:22:58:2a:a0:cc:a4:65:cc:a7:26:e1:7f:01:
7d:b1:24:65:07:6b:c7:bd:7d:17:47:d6:68:a8:03:2d:41:54:
b6:f2:8e:1b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUH/UUceCm2lwhfQ+m9WfnLiG6KtowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNDUwMjRaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDA3YmEyNGY0YzZlM2UyODdmYzUzYzBjYmQzYzcwYzZhNjIyZTdmOWM3MzY3
ODdiZmMxOTc1MWEwNzA3MDJkODExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMwCHFXYij6Alo6EPK87CjGm0uOeX/PnLMcImTNuVbNmLV3NJOUY+k88Bo9o
MXja0bXgbkHepXuB/uwakUEizkDvVqq8ByluZa8DrkJrw1/PhzCf6I6IRGsbAD61
iZIqxDmO969n5mQSCuqO0FN9XlxpFoVBGCXFAATQDKMhYjAodj6PNVlj+kgoqGbx
PD3bnJ6qQUu0wj5x3iVhbS+yR1bG+9EZ2HOyIuiE2J+8MinDPIvH+Ku3itwLK6AA
5nnqdViVWviWq3l5pte7BoSgoxvXR+y/qXmBf7K2EixiBjG03v7ruPg+s7NN+gd8
FyiZAHCGcxP9cuutccelydIcO7sCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS2ObCb
9HyDayYjZuI9oZFhrex5cDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWQyZWEyYWEtZDQwYS00OWE3LWFiMDAtNDRmZjVkYmY3MjliLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HGg
MA0GCSqGSIb3DQEBCwUAA4IBAQA+UuHhHBYk8tMALS9Vw8jCCCECLX8cLccmGhGA
VW/ZDsD0wSPh/X2l1WspijVA43yE3JGJFvljYRMIISegTEjKv3EgGgV7ccFE/G6A
V8f0D5j5pCTcQjjmyAunpErK6Miv37rTGo+7H+VtlbqIk9Q//LflKKOuB4uVVA7a
kNsFaoztnWk/8WQGjBp9e7RBb0tqMT8PnmSjZsPPD8Jo6B8Rh4ZxIQ6L8W8qsJVc
5qmJW/fN4+hGKeapplv/Hx2/XnBTJR2MQrkOo/91GGuR9+FkH8lsi0udMTLn3scA
FSJYKqDMpGXMpybhfwF9sSRlB2vHvX0XR9ZoqAMtQVS28o4b
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:11:46 2026 by rpki-client