Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a7b50434-74df-4adc-81dc-bcfbccdff7dc.roa
File: a7b50434-74df-4adc-81dc-bcfbccdff7dc.roa (raw, json)
Hash identifier: p2wYITgsBlZnB+RI82IPcSvWszCNIq+2rDRqdMiq3d8=
Subject key identifier: 1A:48:5B:9B:FB:BD:EB:5E:23:D6:2E:72:08:07:AF:98:AF:0C:3D:59
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 546A61D82D0A20E002241CDEAB76B9D278E1D025
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a7b50434-74df-4adc-81dc-bcfbccdff7dc.roa
Signing time: Sun 31 May 2026 00:30:15 +0000
ROA not before: Sun 31 May 2026 00:30:15 +0000
ROA not after: Sat 29 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07d:b000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:6a:61:d8:2d:0a:20:e0:02:24:1c:de:ab:76:b9:d2:78:e1:d0:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 31 00:30:15 2026 GMT
Not After : Aug 29 23:59:59 2026 GMT
Subject: serialNumber=1f260c619eba1d38b1c6dbb48dd91ee9a163372ce7fbecaf7ec4d548840b74f5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:05:da:25:2b:3d:ca:6f:8a:7e:e3:ec:93:2f:
be:ed:12:d5:48:bd:f7:8e:1b:ea:a6:76:1e:84:af:
25:19:04:5c:7c:a2:57:65:f4:da:05:88:d6:5c:03:
2f:fe:3f:ea:35:61:e9:be:bc:a6:4f:e8:27:d7:af:
a9:00:6b:1f:68:c5:ba:85:05:c2:64:06:00:03:9b:
91:bd:c1:7a:e1:00:53:e3:26:5b:17:65:f9:fe:2a:
e6:96:de:86:c1:8c:1d:d6:da:c6:b4:01:55:5f:39:
40:b3:a0:bf:84:7d:11:d0:fd:3c:f0:8e:75:16:0d:
93:07:93:78:11:43:b2:b3:6f:87:b1:53:c8:1b:08:
28:81:66:d1:49:bc:ee:1d:3c:81:f5:f0:d4:7f:e1:
ee:56:1f:ff:30:50:e0:1b:a8:b7:6a:97:79:c9:99:
68:de:d6:6a:d2:cf:e9:ee:e3:e3:39:a9:e4:a2:db:
47:2b:73:07:7e:6b:b6:e9:ec:37:36:8c:ff:a8:f9:
9e:6b:7e:7f:24:b2:e3:a0:60:3c:a7:22:e8:5f:fd:
e6:4c:19:a6:08:e3:9d:05:1d:78:74:63:30:08:fc:
ee:89:c4:84:a3:66:da:84:b8:d8:80:52:40:b5:62:
90:0a:09:95:ee:c6:ac:08:a7:72:22:51:3d:81:37:
93:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:48:5B:9B:FB:BD:EB:5E:23:D6:2E:72:08:07:AF:98:AF:0C:3D:59
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a7b50434-74df-4adc-81dc-bcfbccdff7dc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07d:b000::/40
Signature Algorithm: sha256WithRSAEncryption
4a:4b:11:eb:2f:59:c8:a8:8e:7b:03:5c:82:0c:ac:52:05:2b:
9a:52:b6:3e:5d:a7:c7:35:b3:e3:f5:31:54:79:f8:41:a6:50:
79:33:0d:ed:41:7a:f5:e0:8b:b5:a9:ae:28:7d:f8:25:fc:70:
df:72:83:11:e6:ae:18:10:35:80:97:ff:ca:39:21:37:9c:2d:
ef:52:7a:ce:c0:d4:7c:7f:90:ef:29:37:45:ca:97:f3:58:b7:
62:6f:28:a8:84:cc:65:83:04:35:81:f6:5e:d1:49:b9:33:2a:
49:7a:98:d4:45:bf:9c:cf:6e:c4:a5:7c:4c:26:9f:a7:ab:bb:
08:b2:8f:f8:c9:03:bb:fa:e4:69:4a:32:79:c0:e4:f5:59:a9:
f4:a2:72:e6:9c:84:1f:16:57:fb:b8:8c:29:b6:19:42:fa:1f:
a7:e6:09:51:66:c0:9a:ac:1a:f3:49:39:59:14:e1:8c:51:60:
1a:31:88:be:22:d2:3f:29:12:74:cd:8e:89:19:6b:09:e8:de:
d7:b8:f8:7b:4e:d5:d1:0a:da:c7:8c:1f:76:68:78:f7:b2:67:
a6:3e:ac:f2:09:e4:a9:5e:e1:02:f2:48:ac:50:6c:cc:2a:91:
78:f0:9f:04:a7:94:fb:82:d3:80:f9:48:6d:8c:2a:a8:3e:bc:
40:8f:fb:ca
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUVGph2C0KIOACJBzeq3a50njh0CUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MzEwMDMwMTVaFw0yNjA4MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDFmMjYwYzYxOWViYTFkMzhiMWM2ZGJiNDhkZDkxZWU5YTE2MzM3MmNlN2Zi
ZWNhZjdlYzRkNTQ4ODQwYjc0ZjUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANEF2iUrPcpvin7j7JMvvu0S1Ui9944b6qZ2HoSvJRkEXHyiV2X02gWI1lwD
L/4/6jVh6b68pk/oJ9evqQBrH2jFuoUFwmQGAAObkb3BeuEAU+MmWxdl+f4q5pbe
hsGMHdbaxrQBVV85QLOgv4R9EdD9PPCOdRYNkweTeBFDsrNvh7FTyBsIKIFm0Um8
7h08gfXw1H/h7lYf/zBQ4Buot2qXecmZaN7WatLP6e7j4zmp5KLbRytzB35rtuns
NzaM/6j5nmt+fySy46BgPKci6F/95kwZpgjjnQUdeHRjMAj87onEhKNm2oS42IBS
QLVikAoJle7GrAinciJRPYE3k+0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQaSFub
+73rXiPWLnIIB6+Yrww9WTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTdiNTA0MzQtNzRkZi00YWRjLTgxZGMtYmNmYmNjZGZmN2RjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H2w
MA0GCSqGSIb3DQEBCwUAA4IBAQBKSxHrL1nIqI57A1yCDKxSBSuaUrY+XafHNbPj
9TFUefhBplB5Mw3tQXr14Iu1qa4offgl/HDfcoMR5q4YEDWAl//KOSE3nC3vUnrO
wNR8f5DvKTdFypfzWLdibyiohMxlgwQ1gfZe0Um5MypJepjURb+cz27EpXxMJp+n
q7sIso/4yQO7+uRpSjJ5wOT1Wan0onLmnIQfFlf7uIwpthlC+h+n5glRZsCarBrz
STlZFOGMUWAaMYi+ItI/KRJ0zY6JGWsJ6N7XuPh7TtXRCtrHjB92aHj3smemPqzy
CeSpXuEC8kisUGzMKpF48J8Ep5T7gtOA+UhtjCqoPrxAj/vK
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:12:05 2026 by rpki-client