Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a9a4f3cd-603a-4fdc-bd65-8d9488d4fd09.roa
File: a9a4f3cd-603a-4fdc-bd65-8d9488d4fd09.roa (raw, json)
Hash identifier: ZQK+7pMnR0tk9sWFH5F6P52DR8fII8L+nD6lca7FqCg=
Subject key identifier: 29:B3:70:57:9B:0F:F6:16:03:C1:35:6E:E0:3A:B8:D2:DA:91:C3:07
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 315A1EB32D944FE820119CF42BEBFD6FC6D94EFA
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a9a4f3cd-603a-4fdc-bd65-8d9488d4fd09.roa
Signing time: Tue 19 May 2026 05:20:22 +0000
ROA not before: Tue 19 May 2026 05:20:22 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d010:8c00::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:5a:1e:b3:2d:94:4f:e8:20:11:9c:f4:2b:eb:fd:6f:c6:d9:4e:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:20:22 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=2d63f77efbb90646101002048c67190f46eb283053007cbc152189ce1d2e2b50, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:06:93:40:5d:6f:40:2b:95:6f:7c:da:30:26:
0b:e4:7c:b2:4a:dc:c3:48:ba:40:a5:7b:38:d2:9e:
ca:1b:27:3b:ab:da:cb:bb:28:e1:d5:df:f1:8d:a6:
91:6e:13:b7:e1:c2:bc:3a:47:d9:9a:28:f4:f4:27:
15:3a:0e:7d:73:96:88:56:6e:c1:8c:95:6b:28:1a:
1b:72:d2:67:cd:25:3c:45:ad:c5:29:08:55:4b:01:
32:12:bc:85:5c:6a:cb:df:e0:7a:9a:95:fc:30:e7:
97:1c:31:12:61:c7:e6:d3:ce:1b:b2:88:a5:26:0a:
a4:24:06:d1:c8:92:e0:12:85:e3:1e:14:c4:2f:fb:
47:43:ed:a6:72:78:ea:4e:ad:fa:1a:65:d3:2c:3a:
98:89:1d:76:81:35:be:fc:98:9c:75:b7:22:3e:0e:
7d:0d:4e:f4:8f:37:ea:d5:ff:91:17:12:8a:2b:87:
05:14:3a:ac:cf:56:17:21:77:8c:5d:9a:8c:cf:12:
09:67:46:ed:77:ba:78:11:70:23:e1:5f:33:81:44:
e4:a1:75:46:27:a8:c3:d3:43:51:dc:9e:6a:55:f1:
33:d3:d3:85:6d:00:61:ef:7d:6f:e4:5d:9c:40:1d:
75:bf:b8:b7:22:f2:65:20:8d:e0:6a:78:3f:4c:55:
77:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:B3:70:57:9B:0F:F6:16:03:C1:35:6E:E0:3A:B8:D2:DA:91:C3:07
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a9a4f3cd-603a-4fdc-bd65-8d9488d4fd09.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d010:8c00::/38
Signature Algorithm: sha256WithRSAEncryption
00:3b:24:e9:d3:fa:b8:9f:e4:e6:4f:02:3f:c4:8b:5c:40:2f:
ec:e1:3f:88:b1:da:79:76:09:06:77:93:30:57:9c:1e:a3:cc:
be:1a:1c:f4:aa:df:17:cf:e8:e2:74:f7:50:15:e8:1e:77:58:
0b:a0:f9:4a:92:40:c2:40:b5:84:0c:5b:08:cb:0c:70:1e:11:
57:5b:8f:a1:f5:fb:d3:76:f0:d8:31:ca:2b:f1:1a:ea:99:77:
2a:23:a1:3b:e0:35:97:08:c8:bc:82:cc:a5:00:7d:93:e9:e1:
36:90:c5:5a:28:f6:76:d0:97:54:b4:86:43:4b:24:2d:a7:68:
e1:28:f7:48:8b:6c:c6:95:04:b2:da:a7:19:85:c9:45:b8:0d:
ee:1e:0d:83:89:4b:8c:5e:5b:d6:7d:d8:d3:e7:75:97:73:80:
d0:e0:14:38:d3:8a:f6:57:12:57:a6:d0:76:59:27:e1:88:76:
e3:d7:2d:aa:6b:24:5a:47:21:8d:51:2f:f9:8c:ae:7d:87:31:
5a:43:67:fc:e4:05:10:e7:24:34:5d:11:d1:e3:ea:0c:f3:76:
69:4a:9a:15:71:f3:9d:9d:c2:c5:58:de:ef:4f:fc:d3:6f:36:
94:a5:56:f5:74:87:a1:f1:d5:0e:1f:62:b1:75:ea:f8:09:6b:
e3:10:f7:8e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUMVoesy2UT+ggEZz0K+v9b8bZTvowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTIwMjJaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDJkNjNmNzdlZmJiOTA2NDYxMDEwMDIwNDhjNjcxOTBmNDZlYjI4MzA1MzAw
N2NiYzE1MjE4OWNlMWQyZTJiNTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKQGk0Bdb0ArlW982jAmC+R8skrcw0i6QKV7ONKeyhsnO6vay7so4dXf8Y2m
kW4Tt+HCvDpH2Zoo9PQnFToOfXOWiFZuwYyVaygaG3LSZ80lPEWtxSkIVUsBMhK8
hVxqy9/gepqV/DDnlxwxEmHH5tPOG7KIpSYKpCQG0ciS4BKF4x4UxC/7R0PtpnJ4
6k6t+hpl0yw6mIkddoE1vvyYnHW3Ij4OfQ1O9I836tX/kRcSiiuHBRQ6rM9WFyF3
jF2ajM8SCWdG7Xe6eBFwI+FfM4FE5KF1Rieow9NDUdyealXxM9PThW0AYe99b+Rd
nEAddb+4tyLyZSCN4Gp4P0xVd8ECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQps3BX
mw/2FgPBNW7gOrjS2pHDBzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTlhNGYzY2QtNjAzYS00ZmRjLWJkNjUtOGQ5NDg4ZDRmZDA5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BCM
MA0GCSqGSIb3DQEBCwUAA4IBAQAAOyTp0/q4n+TmTwI/xItcQC/s4T+Isdp5dgkG
d5MwV5weo8y+Ghz0qt8Xz+jidPdQFeged1gLoPlKkkDCQLWEDFsIywxwHhFXW4+h
9fvTdvDYMcor8RrqmXcqI6E74DWXCMi8gsylAH2T6eE2kMVaKPZ20JdUtIZDSyQt
p2jhKPdIi2zGlQSy2qcZhclFuA3uHg2DiUuMXlvWfdjT53WXc4DQ4BQ404r2VxJX
ptB2WSfhiHbj1y2qayRaRyGNUS/5jK59hzFaQ2f85AUQ5yQ0XRHR4+oM83ZpSpoV
cfOdncLFWN7vT/zTbzaUpVb1dIeh8dUOH2Kxder4CWvjEPeO
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:12:04 2026 by rpki-client