Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/aaddf2de-fa05-4c5d-8b77-58a3d312e2a6.roa
File: aaddf2de-fa05-4c5d-8b77-58a3d312e2a6.roa (raw, json)
Hash identifier: y0pkaGdNbZzQ8nPdFG6H9HxYIhFnMk81UrbSTAZ64pI=
Subject key identifier: 43:AE:2E:63:6A:96:3C:A8:A5:9D:BD:EF:77:67:14:1C:60:40:C5:AF
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7038BBB2DE929F08A2245CB2F5064F8CA6C31441
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/aaddf2de-fa05-4c5d-8b77-58a3d312e2a6.roa
Signing time: Tue 19 May 2026 05:01:08 +0000
ROA not before: Tue 19 May 2026 05:01:08 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:a080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:38:bb:b2:de:92:9f:08:a2:24:5c:b2:f5:06:4f:8c:a6:c3:14:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:01:08 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=48320d09fcd9e05f56586366abd5fe411d37d742e3286161728df0f0c1977d8c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:76:b7:0a:b9:87:a8:c7:d9:67:53:f7:e6:6d:
c6:03:09:38:cb:26:68:f6:4d:9b:28:07:07:92:45:
56:2f:ce:32:1e:86:4b:da:2e:4f:81:35:2c:b8:f0:
6c:0e:4c:e6:4d:f2:08:e3:fc:4a:00:ad:f6:51:2c:
08:32:56:f7:5f:0d:0f:43:ac:d2:b2:77:96:c3:df:
c3:cd:1b:e1:f9:74:ec:f8:56:e8:d8:ca:81:62:30:
ae:c8:61:44:a0:e1:82:da:2b:16:04:70:05:f9:d2:
0d:a9:5e:6c:0b:6d:62:15:ea:ae:b5:ff:11:0c:82:
52:13:d4:cb:fd:e9:14:31:66:c3:9c:38:85:21:2e:
1e:ef:e5:8f:43:61:65:a8:1e:71:81:5a:1c:a5:5b:
fc:1f:f6:1a:1e:28:a5:e2:72:64:67:67:62:05:6a:
0b:bb:ea:50:71:25:36:83:4e:89:b6:c3:a8:a5:27:
46:c7:27:67:35:1b:c7:fa:2a:87:47:06:12:4e:4b:
2e:77:dd:22:f4:52:97:88:b8:d8:f4:8a:bf:5a:e2:
4f:c3:5c:cb:10:ce:fb:02:7a:5d:f8:96:dc:d9:b9:
81:4f:b5:d4:a5:44:26:9b:67:28:18:b7:1d:e0:c5:
a2:0b:8d:2a:16:7a:37:9d:b9:be:7f:4d:dc:a7:fa:
ad:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:AE:2E:63:6A:96:3C:A8:A5:9D:BD:EF:77:67:14:1C:60:40:C5:AF
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/aaddf2de-fa05-4c5d-8b77-58a3d312e2a6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:a080::/48
Signature Algorithm: sha256WithRSAEncryption
4b:09:67:5e:73:7f:c2:4d:38:fd:54:00:fe:73:b8:46:12:12:
a0:20:8f:0e:31:3d:e9:bb:7e:e0:ea:88:45:ca:1e:dc:bf:f7:
2b:f5:53:d5:28:fc:b1:c5:08:b9:cf:7f:3a:f6:6a:aa:14:36:
dc:22:39:55:9b:b7:6e:ee:c0:1b:45:e3:99:a8:11:29:50:d2:
dc:da:e0:84:62:bb:cd:0b:9d:45:1f:d3:80:ab:08:38:c7:cc:
9a:2f:70:d1:d9:88:c7:6d:a3:1e:3a:5f:7a:b0:c0:69:48:2f:
39:89:9e:53:5a:98:1e:d9:a9:d6:84:98:ba:e4:11:d9:31:2a:
e1:31:02:3b:44:b9:67:1d:f0:0c:ec:ba:8b:e2:4c:79:bb:44:
3c:59:5b:47:6d:2e:69:5b:c6:ca:36:b5:e1:aa:50:91:b3:d7:
c2:1f:8d:2a:65:74:df:41:14:94:14:d8:85:40:7e:4c:a2:2b:
ac:47:ee:eb:eb:07:cb:98:2a:62:d6:8f:1a:72:3a:a9:d6:70:
c8:9a:07:46:ed:43:7d:8d:7b:b8:27:a4:f2:12:5c:27:c4:f5:
28:bd:d3:0d:59:70:68:91:04:7d:3f:c9:eb:be:81:8e:2b:fe:
e1:7b:87:61:99:54:49:da:14:c8:eb:63:c5:3e:f8:20:9b:ec:
03:af:d7:13
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUcDi7st6SnwiiJFyy9QZPjKbDFEEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTAxMDhaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ4MzIwZDA5ZmNkOWUwNWY1NjU4NjM2NmFiZDVmZTQxMWQzN2Q3NDJlMzI4
NjE2MTcyOGRmMGYwYzE5NzdkOGMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALl2twq5h6jH2WdT9+ZtxgMJOMsmaPZNmygHB5JFVi/OMh6GS9ouT4E1LLjw
bA5M5k3yCOP8SgCt9lEsCDJW918ND0Os0rJ3lsPfw80b4fl07PhW6NjKgWIwrshh
RKDhgtorFgRwBfnSDalebAttYhXqrrX/EQyCUhPUy/3pFDFmw5w4hSEuHu/lj0Nh
ZagecYFaHKVb/B/2Gh4opeJyZGdnYgVqC7vqUHElNoNOibbDqKUnRscnZzUbx/oq
h0cGEk5LLnfdIvRSl4i42PSKv1riT8NcyxDO+wJ6XfiW3Nm5gU+11KVEJptnKBi3
HeDFoguNKhZ6N525vn9N3Kf6rYECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRDri5j
apY8qKWdve93ZxQcYEDFrzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWFkZGYyZGUtZmEwNS00YzVkLThiNzctNThhM2QzMTJlMmE2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACg
gDANBgkqhkiG9w0BAQsFAAOCAQEASwlnXnN/wk04/VQA/nO4RhISoCCPDjE96bt+
4OqIRcoe3L/3K/VT1Sj8scUIuc9/OvZqqhQ23CI5VZu3bu7AG0XjmagRKVDS3Nrg
hGK7zQudRR/TgKsIOMfMmi9w0dmIx22jHjpferDAaUgvOYmeU1qYHtmp1oSYuuQR
2TEq4TECO0S5Zx3wDOy6i+JMebtEPFlbR20uaVvGyja14apQkbPXwh+NKmV030EU
lBTYhUB+TKIrrEfu6+sHy5gqYtaPGnI6qdZwyJoHRu1DfY17uCek8hJcJ8T1KL3T
DVlwaJEEfT/J676Bjiv+4XuHYZlUSdoUyOtjxT74IJvsA6/XEw==
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:11:54 2026 by rpki-client