Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/afd23c37-4c24-49ac-baf6-1c3a9a2d0512.roa
File: afd23c37-4c24-49ac-baf6-1c3a9a2d0512.roa (raw, json)
Hash identifier: EQFGZUz2IVVhCfM63vYT/LTJ/m0hjYQ4C4IDQGXyJdc=
Subject key identifier: 19:F0:6D:36:1F:F6:2D:C8:B9:0F:94:E9:BA:C8:4F:C2:A7:6B:29:B4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1AA444FF5C76F51C0EBDF85DB03C1C32BE7FC681
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/afd23c37-4c24-49ac-baf6-1c3a9a2d0512.roa
Signing time: Sat 16 May 2026 00:40:06 +0000
ROA not before: Sat 16 May 2026 00:40:06 +0000
ROA not after: Fri 14 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:9000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:a4:44:ff:5c:76:f5:1c:0e:bd:f8:5d:b0:3c:1c:32:be:7f:c6:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 16 00:40:06 2026 GMT
Not After : Aug 14 23:59:59 2026 GMT
Subject: serialNumber=fd91dc473ad1ff512ac4c61a53ebe6392c73543acd136d8c3bf22357cef890cd, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:f1:08:7e:54:91:d5:11:b6:47:78:04:94:af:
b3:bd:dc:4b:f6:e8:9d:ac:b7:5b:a1:65:ff:02:cc:
14:f1:6d:ff:b2:a0:2d:18:fa:ff:3d:56:bf:96:a6:
4c:e1:fb:cd:d7:ea:b5:b4:c1:d4:03:04:d9:b4:d6:
d4:5b:23:cd:41:35:71:3a:0f:55:56:68:2b:95:ba:
84:21:a1:cf:09:3a:45:ce:42:08:38:6a:4b:4d:91:
bf:df:34:43:73:34:a3:67:76:32:b3:8f:61:92:92:
65:ea:37:ef:de:8e:71:b6:34:ae:ce:9e:3b:b6:c6:
bf:08:ec:70:19:c9:37:31:d6:60:6c:16:86:98:0c:
5e:3f:9f:35:db:75:d6:48:f5:81:fb:c5:ca:22:64:
ef:ad:6c:59:0e:11:7e:3a:da:af:c7:41:30:03:b9:
9c:6b:90:11:39:49:78:2f:84:9a:87:f2:4d:96:b2:
f0:89:84:7e:50:05:5a:5a:05:16:3b:a4:90:07:a2:
b0:57:a2:1c:9b:41:6f:57:22:81:ce:d8:69:9b:af:
d3:f8:3e:f4:43:fe:dd:01:4b:a6:95:9d:b7:ac:81:
62:c1:bc:b7:06:c1:e2:86:8a:4f:58:b0:b8:c4:14:
13:6b:1b:86:66:83:de:41:ff:ea:95:9d:0c:0f:b7:
93:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:F0:6D:36:1F:F6:2D:C8:B9:0F:94:E9:BA:C8:4F:C2:A7:6B:29:B4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/afd23c37-4c24-49ac-baf6-1c3a9a2d0512.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:9000::/40
Signature Algorithm: sha256WithRSAEncryption
a5:f3:d0:c4:18:9f:20:52:04:5b:15:7c:6c:8f:63:b5:34:35:
4f:32:71:15:14:3b:a6:73:e8:46:37:81:b8:2c:94:d7:01:29:
7d:1e:96:96:60:e0:9a:39:e1:d1:ca:db:6f:a8:6c:88:1b:8a:
d1:91:96:c8:ac:d2:f4:be:af:94:c5:52:3b:a4:0a:54:db:f5:
86:65:ea:d1:ee:a6:9a:a4:bd:b6:3c:4f:b0:a4:bf:93:8b:6b:
1f:7d:55:64:86:20:4c:79:5f:aa:44:ee:41:b4:bd:ff:82:62:
46:06:be:77:a9:61:09:da:10:14:4e:95:0c:0b:b5:7d:72:5b:
a2:f0:ea:48:59:fd:0a:a3:a6:ef:48:d7:91:fa:71:bd:07:b2:
1d:19:41:4f:fe:b9:9f:b4:05:93:23:55:eb:d4:fd:d6:b8:07:
34:57:00:fb:b2:70:7a:50:aa:15:7d:f4:65:70:9b:fc:da:38:
3f:8d:76:a7:af:96:1e:83:29:18:7d:d2:bc:84:c5:86:75:c3:
4a:fa:dd:6f:9e:52:8b:88:55:77:c1:03:5c:00:f6:bb:b5:a3:
e8:ea:d7:8d:45:6f:10:92:b0:1b:c2:3c:a5:83:9d:a7:52:a3:
67:bf:ee:05:c8:f3:0a:5c:3d:84:05:78:e1:d9:28:a7:39:0a:
1f:ab:3c:3f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUGqRE/1x29RwOvfhdsDwcMr5/xoEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTYwMDQwMDZaFw0yNjA4MTQyMzU5NTlaMHoxSTBHBgNV
BAUTQGZkOTFkYzQ3M2FkMWZmNTEyYWM0YzYxYTUzZWJlNjM5MmM3MzU0M2FjZDEz
NmQ4YzNiZjIyMzU3Y2VmODkwY2QxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALPxCH5UkdURtkd4BJSvs73cS/bonay3W6Fl/wLMFPFt/7KgLRj6/z1Wv5am
TOH7zdfqtbTB1AME2bTW1FsjzUE1cToPVVZoK5W6hCGhzwk6Rc5CCDhqS02Rv980
Q3M0o2d2MrOPYZKSZeo3796OcbY0rs6eO7bGvwjscBnJNzHWYGwWhpgMXj+fNdt1
1kj1gfvFyiJk761sWQ4Rfjrar8dBMAO5nGuQETlJeC+EmofyTZay8ImEflAFWloF
FjukkAeisFeiHJtBb1cigc7YaZuv0/g+9EP+3QFLppWdt6yBYsG8twbB4oaKT1iw
uMQUE2sbhmaD3kH/6pWdDA+3k5cCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQZ8G02
H/YtyLkPlOm6yE/Cp2sptDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWZkMjNjMzctNGMyNC00OWFjLWJhZjYtMWMzYTlhMmQwNTEyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DWQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCl89DEGJ8gUgRbFXxsj2O1NDVPMnEVFDumc+hG
N4G4LJTXASl9HpaWYOCaOeHRyttvqGyIG4rRkZbIrNL0vq+UxVI7pApU2/WGZerR
7qaapL22PE+wpL+Ti2sffVVkhiBMeV+qRO5BtL3/gmJGBr53qWEJ2hAUTpUMC7V9
clui8OpIWf0Ko6bvSNeR+nG9B7IdGUFP/rmftAWTI1Xr1P3WuAc0VwD7snB6UKoV
ffRlcJv82jg/jXanr5YegykYfdK8hMWGdcNK+t1vnlKLiFV3wQNcAPa7taPo6teN
RW8QkrAbwjylg52nUqNnv+4FyPMKXD2EBXjh2SinOQofqzw/
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:25:27 2026 by rpki-client