Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a6c6065d-431b-4a4f-98c4-f607358ee480.roa
File: a6c6065d-431b-4a4f-98c4-f607358ee480.roa (raw, json)
Hash identifier: gkvNx6grNONRnoUDK43zokh+Ud/VX8kUPb2UsPr93sI=
Subject key identifier: 37:02:5B:BA:9D:AF:1D:BE:E9:31:79:4D:B7:75:45:E0:5E:45:71:8C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 68892370531EC37C35FF51C62F0CC3BE627B6CF3
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a6c6065d-431b-4a4f-98c4-f607358ee480.roa
Signing time: Tue 19 May 2026 04:30:28 +0000
ROA not before: Tue 19 May 2026 04:30:28 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d06f:c000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:89:23:70:53:1e:c3:7c:35:ff:51:c6:2f:0c:c3:be:62:7b:6c:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 04:30:28 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=7b3f795567e2798de72c35251241a01d2a30315eb1cb7faefb241d246f04250b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:e0:94:d6:6a:d7:05:a5:43:8b:b1:15:e3:bb:
94:23:63:3d:c3:fc:71:fa:c0:63:b8:3e:a2:72:bf:
12:d4:d1:2a:0b:7a:65:7e:00:12:d0:36:af:c2:73:
f0:a8:e5:86:fa:2a:a9:21:43:2e:7b:0b:40:ea:6d:
a2:b6:88:51:3a:1b:d8:26:cc:cc:a7:b1:19:02:43:
e8:7a:84:fd:93:d8:20:91:84:4d:cf:fd:c8:41:bd:
3b:08:bd:b8:6f:e6:b2:9f:fd:a6:da:0d:08:ee:79:
34:9b:a3:86:b0:8a:f0:2c:77:0c:15:e3:38:3c:0f:
f2:7e:ee:8d:88:b4:15:52:69:5d:be:be:cc:77:af:
2d:54:96:7b:2c:bc:a2:0e:ce:1f:30:01:79:33:94:
c4:17:ae:aa:3a:9e:a8:49:c6:ac:b7:1f:a4:f5:1e:
b5:08:d6:5d:a4:07:87:31:96:e5:05:bc:5b:fa:7c:
7b:2a:4d:1e:e8:dc:62:1a:1a:44:c6:8d:47:51:a6:
55:5a:0d:97:b0:fe:57:68:c8:14:43:b3:55:a9:a6:
4b:ef:e3:aa:80:8b:f6:ba:e9:0f:0b:42:2b:f2:d1:
3c:78:15:fe:70:48:59:84:5e:f2:0a:91:a9:26:0a:
6a:32:48:b4:78:82:9f:6d:90:fb:fa:e2:b6:ef:bf:
92:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:02:5B:BA:9D:AF:1D:BE:E9:31:79:4D:B7:75:45:E0:5E:45:71:8C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a6c6065d-431b-4a4f-98c4-f607358ee480.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06f:c000::/40
Signature Algorithm: sha256WithRSAEncryption
32:d3:2b:06:cb:07:5b:f1:8e:d0:d2:ab:bf:13:45:0d:66:1d:
7c:1c:40:3d:eb:43:ce:d2:94:92:6b:99:2d:c1:14:8b:93:cc:
b7:c2:fe:ed:fa:28:44:9d:7e:21:23:f6:4b:89:fb:0a:53:81:
b6:4a:1a:84:27:9b:88:90:12:71:c3:26:04:03:60:e6:5d:3e:
5c:37:a9:bf:b4:77:72:29:ab:ed:da:93:02:77:18:1c:c7:68:
62:0c:e5:71:05:48:bc:72:50:19:75:fc:59:be:07:97:20:cb:
08:50:1b:9d:e3:22:13:ba:44:c9:24:84:c6:f5:bc:e6:56:b9:
64:eb:0d:0f:f9:1a:46:46:34:00:09:39:5c:1b:16:8d:8c:6e:
cd:57:cc:a7:c2:8c:05:62:33:e4:51:80:bd:8a:b9:d1:aa:04:
c5:67:d1:6d:c3:4f:cf:24:fc:b4:c5:d8:fc:bb:4f:65:1c:b3:
be:44:ab:fe:c0:9a:c8:3c:2b:b3:0e:5b:49:a3:22:72:6a:8b:
c2:7c:58:77:d2:1e:f9:77:4a:80:d4:7d:3d:73:86:a7:3c:05:
35:3e:32:24:8b:de:eb:0b:43:5a:8f:cd:06:05:5d:9f:d4:82:
70:d1:c9:c5:40:0a:b6:3c:1c:5c:fb:10:79:22:c0:73:95:a7:
ee:a6:ee:d7
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUaIkjcFMew3w1/1HGLwzDvmJ7bPMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNDMwMjhaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDdiM2Y3OTU1NjdlMjc5OGRlNzJjMzUyNTEyNDFhMDFkMmEzMDMxNWViMWNi
N2ZhZWZiMjQxZDI0NmYwNDI1MGIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANTglNZq1wWlQ4uxFeO7lCNjPcP8cfrAY7g+onK/EtTRKgt6ZX4AEtA2r8Jz
8KjlhvoqqSFDLnsLQOptoraIUTob2CbMzKexGQJD6HqE/ZPYIJGETc/9yEG9Owi9
uG/msp/9ptoNCO55NJujhrCK8Cx3DBXjODwP8n7ujYi0FVJpXb6+zHevLVSWeyy8
og7OHzABeTOUxBeuqjqeqEnGrLcfpPUetQjWXaQHhzGW5QW8W/p8eypNHujcYhoa
RMaNR1GmVVoNl7D+V2jIFEOzVammS+/jqoCL9rrpDwtCK/LRPHgV/nBIWYRe8gqR
qSYKajJItHiCn22Q+/ritu+/kssCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ3Alu6
na8dvukxeU23dUXgXkVxjDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTZjNjA2NWQtNDMxYi00YTRmLTk4YzQtZjYwNzM1OGVlNDgwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G/A
MA0GCSqGSIb3DQEBCwUAA4IBAQAy0ysGywdb8Y7Q0qu/E0UNZh18HEA960PO0pSS
a5ktwRSLk8y3wv7t+ihEnX4hI/ZLifsKU4G2ShqEJ5uIkBJxwyYEA2DmXT5cN6m/
tHdyKavt2pMCdxgcx2hiDOVxBUi8clAZdfxZvgeXIMsIUBud4yITukTJJITG9bzm
Vrlk6w0P+RpGRjQACTlcGxaNjG7NV8ynwowFYjPkUYC9irnRqgTFZ9Ftw0/PJPy0
xdj8u09lHLO+RKv+wJrIPCuzDltJoyJyaovCfFh30h75d0qA1H09c4anPAU1PjIk
i97rC0Naj80GBV2f1IJw0cnFQAq2PBxc+xB5IsBzlafupu7X
-----END CERTIFICATE-----
Generated at Sat Jun 13 06:48:13 2026 by rpki-client