Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a626735f-cb4b-4dff-992e-95390a4e2eea.roa
File: a626735f-cb4b-4dff-992e-95390a4e2eea.roa (raw, json)
Hash identifier: fDeDp8rEsbdY3RH89cHaruTJqs+Hb+xzlzX1NVpXA5g=
Subject key identifier: 50:BA:85:FB:79:17:F6:7F:1F:26:A0:39:49:59:FF:BD:9F:7B:3B:91
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 12C04C29600606D7D99E832B163CF0BEEAAAE25F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a626735f-cb4b-4dff-992e-95390a4e2eea.roa
Signing time: Tue 19 May 2026 04:30:28 +0000
ROA not before: Tue 19 May 2026 04:30:28 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d059:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:c0:4c:29:60:06:06:d7:d9:9e:83:2b:16:3c:f0:be:ea:aa:e2:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 04:30:28 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=62d1cfc4e297c09869689117b970e6c8fd61ffe23273e5617b626c8d0cb21455, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:e9:27:21:31:db:ed:d9:1e:de:8a:8b:b3:22:
16:ee:38:f0:f3:e3:d1:22:df:1f:78:38:0c:35:c5:
36:ff:cb:e0:f4:14:35:e2:a1:1d:1d:a1:3f:ff:73:
e8:5c:db:bd:9d:67:99:e4:be:e8:c0:3e:1f:37:fb:
00:82:fa:c7:5d:b0:ec:4b:bc:14:a4:7e:5c:c3:31:
69:e8:e0:dc:e8:3a:12:ac:0b:60:98:40:b4:f4:33:
34:be:8a:33:56:54:5e:85:d6:5a:8e:ea:ec:13:a6:
07:d2:75:a7:ff:9b:c4:ee:80:f2:50:c3:ee:a9:a8:
e4:4e:89:56:ee:5a:2a:41:af:63:3b:58:7b:37:03:
07:21:14:91:b7:88:25:50:d2:fd:bf:53:58:4f:74:
7a:4a:9e:48:04:d0:43:5e:97:e4:ee:f7:12:3b:15:
ca:54:0f:69:d5:f3:d3:60:34:dd:3d:19:c0:98:02:
77:2d:d1:c5:c0:5e:42:3d:80:cb:1e:d6:c4:d2:e5:
6b:b7:bb:73:77:b0:fe:89:e1:b9:05:5e:c8:f5:8d:
fe:64:78:a1:6b:be:ad:e8:6f:1c:c3:fb:78:4e:60:
4a:b0:90:b5:12:d0:d9:38:72:bb:1f:59:a3:28:36:
b6:e6:ee:85:74:88:80:fc:d8:60:94:51:7d:cd:e5:
52:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:BA:85:FB:79:17:F6:7F:1F:26:A0:39:49:59:FF:BD:9F:7B:3B:91
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a626735f-cb4b-4dff-992e-95390a4e2eea.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d059:2000::/40
Signature Algorithm: sha256WithRSAEncryption
6b:84:a6:e3:33:dc:60:f2:a8:66:d8:c8:9d:09:ad:dd:4e:61:
c2:5e:11:37:cb:6b:f8:62:4d:41:83:13:72:b6:56:4a:64:2a:
52:1f:31:26:37:89:d0:56:1f:30:cc:57:fb:5d:9c:fb:74:83:
80:0a:a4:af:2c:3d:37:fc:d8:bb:15:59:2c:5b:d6:6e:c9:f4:
aa:5d:39:8e:f5:08:c7:64:48:e6:71:8a:98:ba:da:3f:07:df:
6c:85:bc:b3:1f:63:69:5d:51:9c:52:3c:8f:3b:c5:2f:c6:0d:
e1:14:ed:5f:dc:73:61:33:e5:a5:e2:dd:f3:47:09:0c:4a:ce:
5f:b0:ee:fa:e4:2f:c9:37:4f:d0:54:0b:b7:e0:5d:b4:62:0d:
44:51:2f:6b:01:39:46:64:30:17:b8:77:ef:17:67:da:70:77:
35:bf:05:78:4b:61:66:d2:70:48:b6:ab:2f:fb:33:c2:73:7a:
d2:3b:68:a9:1d:07:60:2a:20:8b:d6:7c:85:94:93:5d:01:c8:
87:4e:cd:7a:95:c3:47:21:54:4a:60:3d:7b:e3:54:8f:43:9c:
40:21:d5:ae:77:2a:e1:40:04:44:d5:33:b7:e6:0b:39:4b:0f:
91:54:f8:56:82:86:19:a8:08:b3:e6:03:17:2a:32:11:9f:ea:
84:53:1a:3c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUEsBMKWAGBtfZnoMrFjzwvuqq4l8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNDMwMjhaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDYyZDFjZmM0ZTI5N2MwOTg2OTY4OTExN2I5NzBlNmM4ZmQ2MWZmZTIzMjcz
ZTU2MTdiNjI2YzhkMGNiMjE0NTUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJfpJyEx2+3ZHt6Ki7MiFu448PPj0SLfH3g4DDXFNv/L4PQUNeKhHR2hP/9z
6FzbvZ1nmeS+6MA+Hzf7AIL6x12w7Eu8FKR+XMMxaejg3Og6EqwLYJhAtPQzNL6K
M1ZUXoXWWo7q7BOmB9J1p/+bxO6A8lDD7qmo5E6JVu5aKkGvYztYezcDByEUkbeI
JVDS/b9TWE90ekqeSATQQ16X5O73EjsVylQPadXz02A03T0ZwJgCdy3RxcBeQj2A
yx7WxNLla7e7c3ew/onhuQVeyPWN/mR4oWu+rehvHMP7eE5gSrCQtRLQ2Thyux9Z
oyg2tubuhXSIgPzYYJRRfc3lUtsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRQuoX7
eRf2fx8moDlJWf+9n3s7kTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTYyNjczNWYtY2I0Yi00ZGZmLTk5MmUtOTUzOTBhNGUyZWVhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Fkg
MA0GCSqGSIb3DQEBCwUAA4IBAQBrhKbjM9xg8qhm2MidCa3dTmHCXhE3y2v4Yk1B
gxNytlZKZCpSHzEmN4nQVh8wzFf7XZz7dIOACqSvLD03/Ni7FVksW9ZuyfSqXTmO
9QjHZEjmcYqYuto/B99shbyzH2NpXVGcUjyPO8Uvxg3hFO1f3HNhM+Wl4t3zRwkM
Ss5fsO765C/JN0/QVAu34F20Yg1EUS9rATlGZDAXuHfvF2facHc1vwV4S2Fm0nBI
tqsv+zPCc3rSO2ipHQdgKiCL1nyFlJNdAciHTs16lcNHIVRKYD1741SPQ5xAIdWu
dyrhQARE1TO35gs5Sw+RVPhWgoYZqAiz5gMXKjIRn+qEUxo8
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:11:20 2026 by rpki-client