Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9dfe8c65-fd5b-4597-be4a-0e094c59c40d.roa
File: 9dfe8c65-fd5b-4597-be4a-0e094c59c40d.roa (raw, json)
Hash identifier: /cQclP7/0DnKiqn9kQF2+cgCx7/Tc11d7bJ4DzxmoJY=
Subject key identifier: 56:54:A2:4B:57:4F:04:C3:78:8B:C4:9A:8D:C8:A4:B8:9B:6D:2B:8D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1830FC681AD279A1DBE0EBF34EF180548426B55C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9dfe8c65-fd5b-4597-be4a-0e094c59c40d.roa
Signing time: Sat 16 May 2026 00:40:04 +0000
ROA not before: Sat 16 May 2026 00:40:04 +0000
ROA not after: Fri 14 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06c:c000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 08:43:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:30:fc:68:1a:d2:79:a1:db:e0:eb:f3:4e:f1:80:54:84:26:b5:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 16 00:40:04 2026 GMT
Not After : Aug 14 23:59:59 2026 GMT
Subject: serialNumber=ae2720385a9da47fb1521bbe65f616978dbd5b15a7e770c9c7c21d4cb707e0b4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:af:72:61:5d:7c:77:fb:5f:47:7b:6d:e5:3c:
77:71:b4:45:40:13:c1:52:69:50:9a:ea:d7:c9:cb:
40:0b:66:1a:57:1b:f2:86:23:e4:79:4a:3b:dd:d4:
d3:69:70:ae:80:2a:9e:01:1b:23:78:72:52:f1:8c:
27:63:39:2b:31:09:5c:25:cf:9a:bb:59:29:5b:d2:
27:b4:5e:1c:d7:06:ba:9c:41:93:7b:93:5f:fa:51:
12:12:6c:2f:67:97:3f:ba:70:27:a0:e7:8e:20:b9:
d8:5f:df:a4:8c:e2:16:16:2b:88:b6:44:a1:d7:bb:
fe:13:94:e0:9c:6a:c9:a1:24:5b:f4:0e:96:e0:e0:
9b:60:9b:2b:a4:af:14:ad:03:36:74:58:a7:91:52:
e4:aa:61:1e:9f:21:bf:3b:1f:50:f1:5b:eb:b0:22:
7e:75:f0:c1:01:a8:69:89:f6:4a:2a:df:86:cf:29:
71:3c:a5:09:68:3b:c9:c1:69:b7:c6:f6:87:44:8d:
d8:ec:a8:75:35:0f:31:02:d5:ce:ff:e4:57:80:0e:
f9:d7:d2:76:20:61:52:db:f1:04:a3:d9:db:9a:c0:
77:96:6d:f1:63:32:13:32:2a:05:10:aa:5e:79:0d:
fb:18:d2:4f:0d:44:53:ba:ea:99:bf:fd:d0:1f:72:
5f:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:54:A2:4B:57:4F:04:C3:78:8B:C4:9A:8D:C8:A4:B8:9B:6D:2B:8D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9dfe8c65-fd5b-4597-be4a-0e094c59c40d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06c:c000::/48
Signature Algorithm: sha256WithRSAEncryption
c8:87:42:eb:b7:81:97:37:df:ea:68:b5:da:cd:74:14:d2:8e:
54:fa:8c:6f:a1:9f:5f:ce:78:b9:46:4e:2f:3b:78:50:fb:1a:
12:9d:0b:08:29:0a:7a:cf:0f:dd:88:18:d3:a7:79:6e:fd:67:
77:6f:c8:d6:4a:60:37:32:ec:c9:a3:86:dc:a0:09:31:38:bd:
5e:af:4d:19:31:89:88:ae:3e:92:95:8a:1f:fc:1b:34:5b:19:
27:fc:32:14:b0:19:a9:63:f9:9d:ff:35:b3:03:16:45:b7:9e:
36:60:e8:81:7a:e9:46:22:bc:4e:90:ef:c0:b8:a1:c0:3c:4d:
e0:9d:3c:b1:61:79:19:c5:7e:60:05:54:50:b3:6f:f3:6a:8d:
96:fb:90:f2:9b:f7:46:25:87:70:5a:9e:af:35:59:6d:af:63:
5b:45:da:65:05:6e:e8:e0:a1:32:d2:51:b0:73:22:8c:70:50:
80:07:fa:11:4e:c4:db:ac:63:aa:f4:0a:23:89:ef:1e:bc:a7:
a0:5c:f3:20:29:3a:ee:c0:ff:91:3f:9e:c3:bf:17:23:c6:9a:
7f:8f:44:66:ed:3f:90:97:19:57:73:65:ad:f3:a1:5f:fc:0b:
64:90:0f:46:ab:87:d3:e2:97:de:79:8c:73:28:57:84:e4:95:
aa:a2:b3:62
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUGDD8aBrSeaHb4OvzTvGAVIQmtVwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTYwMDQwMDRaFw0yNjA4MTQyMzU5NTlaMHoxSTBHBgNV
BAUTQGFlMjcyMDM4NWE5ZGE0N2ZiMTUyMWJiZTY1ZjYxNjk3OGRiZDViMTVhN2U3
NzBjOWM3YzIxZDRjYjcwN2UwYjQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALyvcmFdfHf7X0d7beU8d3G0RUATwVJpUJrq18nLQAtmGlcb8oYj5HlKO93U
02lwroAqngEbI3hyUvGMJ2M5KzEJXCXPmrtZKVvSJ7ReHNcGupxBk3uTX/pREhJs
L2eXP7pwJ6DnjiC52F/fpIziFhYriLZEode7/hOU4JxqyaEkW/QOluDgm2CbK6Sv
FK0DNnRYp5FS5KphHp8hvzsfUPFb67AifnXwwQGoaYn2Sirfhs8pcTylCWg7ycFp
t8b2h0SN2OyodTUPMQLVzv/kV4AO+dfSdiBhUtvxBKPZ25rAd5Zt8WMyEzIqBRCq
XnkN+xjSTw1EU7rqmb/90B9yX5MCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRWVKJL
V08Ew3iLxJqNyKS4m20rjTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWRmZThjNjUtZmQ1Yi00NTk3LWJlNGEtMGUwOTRjNTljNDBkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0GzA
ADANBgkqhkiG9w0BAQsFAAOCAQEAyIdC67eBlzff6mi12s10FNKOVPqMb6GfX854
uUZOLzt4UPsaEp0LCCkKes8P3YgY06d5bv1nd2/I1kpgNzLsyaOG3KAJMTi9Xq9N
GTGJiK4+kpWKH/wbNFsZJ/wyFLAZqWP5nf81swMWRbeeNmDogXrpRiK8TpDvwLih
wDxN4J08sWF5GcV+YAVUULNv82qNlvuQ8pv3RiWHcFqerzVZba9jW0XaZQVu6OCh
MtJRsHMijHBQgAf6EU7E26xjqvQKI4nvHrynoFzzICk67sD/kT+ew78XI8aaf49E
Zu0/kJcZV3NlrfOhX/wLZJAPRquH0+KX3nmMcyhXhOSVqqKzYg==
-----END CERTIFICATE-----
Generated at Sat Jun 13 12:43:07 2026 by rpki-client