Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/aef26e1c-70a2-44fb-82b0-e16066070362.roa
File: aef26e1c-70a2-44fb-82b0-e16066070362.roa (raw, json)
Hash identifier: g1r6/8gfIrzUYe4SwfG47qHLsiixPyuAIuk9xVmqwlk=
Subject key identifier: 7E:DB:86:70:9E:18:72:5F:D0:9E:27:19:9F:BA:E2:E3:ED:83:1C:76
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 50681CFA79296697A1C9140798ED6128F099E8EA
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/aef26e1c-70a2-44fb-82b0-e16066070362.roa
Signing time: Fri 22 May 2026 16:01:55 +0000
ROA not before: Fri 22 May 2026 16:01:55 +0000
ROA not after: Thu 20 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d062:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:68:1c:fa:79:29:66:97:a1:c9:14:07:98:ed:61:28:f0:99:e8:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 22 16:01:55 2026 GMT
Not After : Aug 20 23:59:59 2026 GMT
Subject: serialNumber=fdba2d3b28ac2e7bad772525324d1d8f1d465e713d0aa696888144fb59b1506e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:63:cd:14:e5:93:1a:cb:7c:d0:62:5d:29:40:
69:80:e0:6b:af:6d:27:36:f6:0e:43:c2:27:0d:ab:
aa:f9:52:bc:8c:ab:bb:31:72:5f:f1:b8:a7:d6:4c:
cd:1c:32:bb:75:6f:a2:2a:cc:4b:6a:64:21:20:d9:
17:57:0d:a5:c8:a1:96:b4:1a:c7:48:f2:b9:bc:2a:
ce:67:59:c3:2e:14:4e:2c:86:53:0a:a8:fa:68:8a:
cb:a3:af:04:53:54:b1:1a:50:df:89:04:09:f9:a9:
b4:a5:69:32:ca:80:e5:1d:cd:c6:76:2c:e8:36:90:
56:bb:5b:16:cc:fa:78:0f:84:af:bf:68:b7:48:ce:
fd:76:e2:e5:72:7c:9a:b0:2d:bc:12:e0:47:b1:85:
bb:49:d3:f0:dc:30:bd:4b:28:26:e4:ad:0b:79:3e:
b0:63:fc:93:84:e7:c5:20:1e:04:75:b5:93:a1:7b:
3c:1d:9f:29:be:eb:0b:fa:61:e5:b7:49:74:cd:95:
2a:98:f1:b4:ef:09:e1:f8:83:87:7d:79:f9:c5:6b:
43:40:5c:2a:32:26:d8:a1:f8:8e:17:c2:b5:e0:66:
82:42:e6:b8:4a:49:ba:a8:ed:4f:fe:06:6f:f0:10:
89:d0:27:32:14:1d:4f:e9:1c:48:04:06:7c:3f:c7:
c4:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:DB:86:70:9E:18:72:5F:D0:9E:27:19:9F:BA:E2:E3:ED:83:1C:76
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/aef26e1c-70a2-44fb-82b0-e16066070362.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d062:2000::/40
Signature Algorithm: sha256WithRSAEncryption
40:b3:14:66:c4:a7:57:16:64:32:f4:23:13:13:18:18:ba:ad:
40:b1:39:fd:a3:68:bf:88:75:3a:d6:e3:91:e7:bb:48:8c:ce:
52:45:32:98:9c:7f:7c:5d:95:da:25:85:a5:48:d9:bc:bb:94:
64:46:ce:40:9b:bf:d4:4f:b1:b0:8f:a6:bb:3d:f3:58:59:0e:
03:0c:4d:c5:60:0f:af:c3:ae:e2:1e:4f:c2:af:b5:04:85:9f:
a2:e5:3a:5a:12:77:98:80:90:d9:1c:14:09:c9:d3:ec:9e:fd:
d8:74:a0:34:85:61:ad:6b:af:e2:33:f8:5b:ff:e8:58:8a:75:
6c:b6:5f:02:2a:78:8d:00:9a:33:6b:07:b8:b8:ed:1d:70:be:
13:dc:f3:b3:3a:89:a7:0b:87:56:e8:6a:8d:16:0e:86:f0:d3:
b2:4f:ac:7c:0f:62:18:fa:82:f8:93:d3:74:5e:8b:4c:ea:f8:
3f:4d:54:75:fd:6c:44:38:10:14:b6:4d:a6:73:5c:85:56:5c:
e9:33:4c:de:4a:65:e8:5f:9d:09:a7:09:bc:68:b9:4b:13:28:
fc:71:6d:3a:c0:92:bb:ba:ec:6f:bc:28:25:24:72:6c:0e:a5:
d6:d5:1a:70:77:41:3c:93:0c:32:e6:2c:8b:f9:ba:9e:37:e4:
7b:cd:22:b0
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUUGgc+nkpZpehyRQHmO1hKPCZ6OowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MjIxNjAxNTVaFw0yNjA4MjAyMzU5NTlaMHoxSTBHBgNV
BAUTQGZkYmEyZDNiMjhhYzJlN2JhZDc3MjUyNTMyNGQxZDhmMWQ0NjVlNzEzZDBh
YTY5Njg4ODE0NGZiNTliMTUwNmUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJpjzRTlkxrLfNBiXSlAaYDga69tJzb2DkPCJw2rqvlSvIyruzFyX/G4p9ZM
zRwyu3VvoirMS2pkISDZF1cNpcihlrQax0jyubwqzmdZwy4UTiyGUwqo+miKy6Ov
BFNUsRpQ34kECfmptKVpMsqA5R3NxnYs6DaQVrtbFsz6eA+Er79ot0jO/Xbi5XJ8
mrAtvBLgR7GFu0nT8NwwvUsoJuStC3k+sGP8k4TnxSAeBHW1k6F7PB2fKb7rC/ph
5bdJdM2VKpjxtO8J4fiDh315+cVrQ0BcKjIm2KH4jhfCteBmgkLmuEpJuqjtT/4G
b/AQidAnMhQdT+kcSAQGfD/HxNMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR+24Zw
nhhyX9CeJxmfuuLj7YMcdjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWVmMjZlMWMtNzBhMi00NGZiLTgyYjAtZTE2MDY2MDcwMzYyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0GIg
MA0GCSqGSIb3DQEBCwUAA4IBAQBAsxRmxKdXFmQy9CMTExgYuq1AsTn9o2i/iHU6
1uOR57tIjM5SRTKYnH98XZXaJYWlSNm8u5RkRs5Am7/UT7Gwj6a7PfNYWQ4DDE3F
YA+vw67iHk/Cr7UEhZ+i5TpaEneYgJDZHBQJydPsnv3YdKA0hWGta6/iM/hb/+hY
inVstl8CKniNAJozawe4uO0dcL4T3POzOomnC4dW6GqNFg6G8NOyT6x8D2IY+oL4
k9N0XotM6vg/TVR1/WxEOBAUtk2mc1yFVlzpM0zeSmXoX50Jpwm8aLlLEyj8cW06
wJK7uuxvvCglJHJsDqXW1Rpwd0E8kwwy5iyL+bqeN+R7zSKw
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:03:21 2026 by rpki-client