Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a6bd87d5-c11e-4508-ada5-ef58a495d3f6.roa
File: a6bd87d5-c11e-4508-ada5-ef58a495d3f6.roa (raw, json)
Hash identifier: 7ST4B4Vv+BsGVMysjVSrwqqqkKeLvuRqD0J1RRpbeiU=
Subject key identifier: B2:94:22:A0:80:7C:AA:0E:C8:FC:6A:FB:DE:95:3C:EB:34:38:9C:CB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 31C5183C1AE9F23A102A41E5AD31445B81F69E03
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a6bd87d5-c11e-4508-ada5-ef58a495d3f6.roa
Signing time: Tue 19 May 2026 04:50:26 +0000
ROA not before: Tue 19 May 2026 04:50:26 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d032:9000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:c5:18:3c:1a:e9:f2:3a:10:2a:41:e5:ad:31:44:5b:81:f6:9e:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 04:50:26 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=67a0be783bc78fb154a37c1e58a7ffc7a71ec5e52d1ca46b8f831bcce8a4322a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:d8:46:37:81:cf:48:c0:5f:e3:27:81:bf:77:
64:cd:45:a0:14:e2:4d:d6:17:f8:76:ca:13:84:b3:
90:ff:2b:11:79:77:be:6d:54:20:37:5d:18:e3:13:
71:0b:35:51:64:12:89:0b:68:16:8d:1c:e2:44:62:
d3:49:9b:31:e0:57:b4:2f:82:a6:58:24:8b:ea:ac:
4d:0b:d6:a2:b4:ac:db:3b:03:a6:4e:37:65:80:39:
12:e9:73:2e:c1:72:df:99:aa:10:83:f0:7a:ee:ff:
0d:21:1f:10:3a:e8:3a:39:55:b2:a9:3f:95:dc:bb:
3c:4f:08:ae:3e:c1:e4:9f:4f:8b:ca:1a:f4:25:95:
4a:0a:9c:63:50:69:55:21:d1:92:94:ff:2c:0a:c0:
b7:8a:b4:92:2d:dd:e6:50:f8:76:db:6d:db:bc:1e:
79:f0:63:16:6a:dd:87:67:9a:5e:c8:19:a1:41:14:
ae:ba:f7:a7:98:48:54:f6:5a:b7:99:59:28:2f:3e:
8d:bb:fc:1b:37:e8:79:48:00:36:08:3f:4f:94:37:
f9:4c:c6:fa:22:19:cc:87:af:e6:85:e6:6e:26:21:
0f:db:63:68:df:68:e9:74:74:b3:25:83:93:f5:6e:
4f:52:15:09:1d:30:00:b3:53:eb:28:7c:38:e1:02:
48:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:94:22:A0:80:7C:AA:0E:C8:FC:6A:FB:DE:95:3C:EB:34:38:9C:CB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a6bd87d5-c11e-4508-ada5-ef58a495d3f6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d032:9000::/40
Signature Algorithm: sha256WithRSAEncryption
1b:f9:ca:cd:e2:55:51:00:73:d0:2b:5b:aa:22:f5:6f:d5:c8:
b4:52:0f:4d:30:ed:6f:38:31:cd:ea:34:3f:12:26:0d:f4:e3:
06:07:0b:18:c6:97:25:c1:22:39:f0:a6:b1:fe:65:8e:66:7b:
ee:46:96:71:fb:ef:ee:49:9c:29:c8:67:cd:32:19:2a:c2:3d:
b1:7e:65:7d:ac:0c:d8:3f:0e:bc:4c:9d:a8:2b:be:5b:af:5d:
c9:36:c6:85:60:cf:45:ca:4e:e4:ae:59:3e:cc:c8:d1:5a:2a:
85:a9:68:48:a4:10:ce:94:41:9d:01:74:94:8e:01:13:1f:21:
5d:ba:13:f4:1c:c1:34:37:90:d7:0b:3e:df:be:ee:fd:02:7a:
7d:05:4c:08:52:d7:01:d1:db:2b:4f:b6:4a:0a:65:78:f5:a5:
b8:be:fc:70:1d:62:32:77:c4:43:9f:4c:87:ef:34:79:c9:ce:
78:be:a7:f5:31:6f:36:8f:a3:a9:e0:d5:1a:2e:1f:5c:f9:03:
7f:de:22:da:5e:51:58:ee:d1:af:f6:a7:fa:77:23:94:65:cb:
fc:de:05:66:fd:4e:ce:03:c2:7d:cd:79:fb:6e:99:8a:8d:16:
87:54:11:85:fa:b7:34:d7:0d:09:97:c9:92:d5:13:1c:50:8f:
d7:c3:09:55
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUMcUYPBrp8joQKkHlrTFEW4H2ngMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNDUwMjZaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDY3YTBiZTc4M2JjNzhmYjE1NGEzN2MxZTU4YTdmZmM3YTcxZWM1ZTUyZDFj
YTQ2YjhmODMxYmNjZThhNDMyMmExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPPYRjeBz0jAX+Mngb93ZM1FoBTiTdYX+HbKE4SzkP8rEXl3vm1UIDddGOMT
cQs1UWQSiQtoFo0c4kRi00mbMeBXtC+Cplgki+qsTQvWorSs2zsDpk43ZYA5Eulz
LsFy35mqEIPweu7/DSEfEDroOjlVsqk/ldy7PE8Irj7B5J9Pi8oa9CWVSgqcY1Bp
VSHRkpT/LArAt4q0ki3d5lD4dttt27weefBjFmrdh2eaXsgZoUEUrrr3p5hIVPZa
t5lZKC8+jbv8GzfoeUgANgg/T5Q3+UzG+iIZzIev5oXmbiYhD9tjaN9o6XR0syWD
k/VuT1IVCR0wALNT6yh8OOECSBkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSylCKg
gHyqDsj8avvelTzrNDicyzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTZiZDg3ZDUtYzExZS00NTA4LWFkYTUtZWY1OGE0OTVkM2Y2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DKQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAb+crN4lVRAHPQK1uqIvVv1ci0Ug9NMO1vODHN
6jQ/EiYN9OMGBwsYxpclwSI58Kax/mWOZnvuRpZx++/uSZwpyGfNMhkqwj2xfmV9
rAzYPw68TJ2oK75br13JNsaFYM9Fyk7krlk+zMjRWiqFqWhIpBDOlEGdAXSUjgET
HyFduhP0HME0N5DXCz7fvu79Anp9BUwIUtcB0dsrT7ZKCmV49aW4vvxwHWIyd8RD
n0yH7zR5yc54vqf1MW82j6Op4NUaLh9c+QN/3iLaXlFY7tGv9qf6dyOUZcv83gVm
/U7OA8J9zXn7bpmKjRaHVBGF+rc01w0Jl8mS1RMcUI/XwwlV
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:00:15 2026 by rpki-client