Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a3cf7c4b-50db-44ec-b347-06935db52d29.roa
File: a3cf7c4b-50db-44ec-b347-06935db52d29.roa (raw, json)
Hash identifier: PCS33wjH1hIPAowRc3sah2ph6iPJ7suXPF4QluhIpOQ=
Subject key identifier: 48:77:B7:2A:50:7B:EE:1C:8E:44:D5:1A:1A:44:F8:45:E0:9D:4C:CF
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2CB6AA3A770F5A78895FBD22DD2EA55C60C28817
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a3cf7c4b-50db-44ec-b347-06935db52d29.roa
Signing time: Sun 31 May 2026 00:30:13 +0000
ROA not before: Sun 31 May 2026 00:30:13 +0000
ROA not after: Sat 29 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d05a:2040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:b6:aa:3a:77:0f:5a:78:89:5f:bd:22:dd:2e:a5:5c:60:c2:88:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 31 00:30:13 2026 GMT
Not After : Aug 29 23:59:59 2026 GMT
Subject: serialNumber=4c50b3549622a55112fd90c41b4d48e25fc38531d4ecb6dba86aec4d347bf2f3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:1b:82:eb:62:ac:b7:d3:77:d2:57:8e:1b:d1:
5d:de:20:50:43:68:47:1a:8e:ab:6b:4e:6e:dd:d3:
6c:a0:ec:d0:76:59:5e:97:0b:e8:ba:05:2a:5d:ec:
32:0b:53:8f:7e:f4:2c:b3:27:40:23:e1:95:88:9d:
8a:14:10:d8:ab:d3:57:e8:8b:f2:b3:2c:79:a4:03:
a4:92:2f:9a:23:6b:d1:52:4d:71:aa:5a:1e:87:db:
45:d7:20:8c:57:4d:51:7f:f1:3d:1a:4d:93:9f:71:
fe:34:74:c8:b8:b2:25:a9:00:b5:b5:87:a3:ea:34:
c5:cc:14:88:80:e2:68:29:74:02:df:6c:57:17:02:
65:94:82:8c:3a:8f:b5:2d:9c:63:74:34:24:e8:50:
81:60:20:b9:1c:00:e1:56:2c:18:5a:ce:11:21:aa:
c8:b9:1b:97:bb:39:91:61:f6:cd:ac:12:15:70:6f:
43:6d:a3:b0:d7:46:21:e9:c0:4d:c9:3c:48:88:1a:
f2:2f:3b:6a:f3:1a:80:54:1f:c0:4e:b5:eb:53:bd:
e6:1c:7a:e1:b4:bb:d1:0b:46:f1:1d:bd:32:9f:a8:
d3:bc:37:9c:bd:27:0b:3c:4e:50:aa:7e:cb:00:e3:
20:5b:80:57:5e:3d:66:72:37:aa:a4:13:d0:8f:21:
d8:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:77:B7:2A:50:7B:EE:1C:8E:44:D5:1A:1A:44:F8:45:E0:9D:4C:CF
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a3cf7c4b-50db-44ec-b347-06935db52d29.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d05a:2040::/48
Signature Algorithm: sha256WithRSAEncryption
2f:8f:b8:ff:db:1a:e3:21:c8:0f:7d:be:a5:ca:1a:68:f0:06:
0a:29:30:9f:6c:96:52:81:92:e4:17:6b:85:a0:e5:f3:75:77:
fd:5d:43:94:dc:02:6d:81:ea:c3:8d:a1:65:46:92:30:2d:29:
b7:3c:96:d7:bf:69:7c:bc:0d:a1:83:90:72:a0:74:9c:df:88:
ba:3b:99:57:02:e4:c2:f3:be:c1:6e:fc:4c:5c:6e:f2:2f:11:
6a:38:09:2a:1e:86:01:fd:59:ce:bc:35:1a:37:d3:ba:f9:59:
29:ce:43:35:fa:a6:f9:ff:55:0b:aa:5d:a9:fc:6c:fd:43:2f:
2c:69:78:5d:ba:d9:de:64:cf:0f:7f:97:82:b0:7e:9b:bb:0d:
45:20:09:5c:c1:f9:54:c7:6c:3d:22:59:d8:27:01:cd:66:cd:
2c:18:b6:71:91:d7:e6:11:43:02:f7:74:fb:f7:70:f2:8a:80:
7d:12:21:de:b9:a6:33:40:38:0c:fd:13:a2:5a:45:54:28:a9:
9d:04:dd:ef:a1:ee:a6:47:32:81:4d:55:58:04:20:17:3d:76:
70:1e:51:d2:0f:73:37:39:0a:7b:fb:53:bd:34:54:3f:06:62:
2e:47:17:52:7b:ab:6e:15:21:a6:a4:29:2f:e4:9a:5b:78:4f:
4d:0c:fb:30
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIULLaqOncPWniJX70i3S6lXGDCiBcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MzEwMDMwMTNaFw0yNjA4MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDRjNTBiMzU0OTYyMmE1NTExMmZkOTBjNDFiNGQ0OGUyNWZjMzg1MzFkNGVj
YjZkYmE4NmFlYzRkMzQ3YmYyZjMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJMbgutirLfTd9JXjhvRXd4gUENoRxqOq2tObt3TbKDs0HZZXpcL6LoFKl3s
MgtTj370LLMnQCPhlYidihQQ2KvTV+iL8rMseaQDpJIvmiNr0VJNcapaHofbRdcg
jFdNUX/xPRpNk59x/jR0yLiyJakAtbWHo+o0xcwUiIDiaCl0At9sVxcCZZSCjDqP
tS2cY3Q0JOhQgWAguRwA4VYsGFrOESGqyLkbl7s5kWH2zawSFXBvQ22jsNdGIenA
Tck8SIga8i87avMagFQfwE6161O95hx64bS70QtG8R29Mp+o07w3nL0nCzxOUKp+
ywDjIFuAV149ZnI3qqQT0I8h2B0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRId7cq
UHvuHI5E1RoaRPhF4J1MzzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTNjZjdjNGItNTBkYi00NGVjLWIzNDctMDY5MzVkYjUyZDI5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0Fog
QDANBgkqhkiG9w0BAQsFAAOCAQEAL4+4/9sa4yHID32+pcoaaPAGCikwn2yWUoGS
5BdrhaDl83V3/V1DlNwCbYHqw42hZUaSMC0ptzyW179pfLwNoYOQcqB0nN+IujuZ
VwLkwvO+wW78TFxu8i8RajgJKh6GAf1Zzrw1GjfTuvlZKc5DNfqm+f9VC6pdqfxs
/UMvLGl4XbrZ3mTPD3+XgrB+m7sNRSAJXMH5VMdsPSJZ2CcBzWbNLBi2cZHX5hFD
Avd0+/dw8oqAfRIh3rmmM0A4DP0TolpFVCipnQTd76HupkcygU1VWAQgFz12cB5R
0g9zNzkKe/tTvTRUPwZiLkcXUnurbhUhpqQpL+SaW3hPTQz7MA==
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:44:48 2026 by rpki-client