Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ba0e6993-e9bd-44c0-aa48-4765708e5ff0.roa
File: ba0e6993-e9bd-44c0-aa48-4765708e5ff0.roa (raw, json)
Hash identifier: qG4uQ9zPB6Gc81n66N8d7jAyvFCqaBgLSd6TE/6DES0=
Subject key identifier: 6E:E1:2C:9A:B0:E2:66:98:9A:09:C6:CA:DB:7D:1D:D8:BD:AA:41:0D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3FDAA93B0B6361D78E673FD4D28384F4F2837B3D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ba0e6993-e9bd-44c0-aa48-4765708e5ff0.roa
Signing time: Tue 19 May 2026 05:10:36 +0000
ROA not before: Tue 19 May 2026 05:10:36 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d011:800::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:da:a9:3b:0b:63:61:d7:8e:67:3f:d4:d2:83:84:f4:f2:83:7b:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:10:36 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=915c49edd5696433332ff9e8db1a01086b99605aa592567171a7346826358434, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:d4:94:fb:e8:a7:1c:6d:ca:0b:ee:99:06:5f:
ae:9f:36:eb:73:3a:2a:38:b5:7c:ef:65:cb:bd:35:
c1:53:56:91:8e:46:4b:74:3e:63:23:77:22:75:ab:
b6:dd:b6:7b:38:92:cc:b9:8e:86:81:55:25:6a:e0:
72:fd:a6:9f:6b:b1:af:ba:02:d5:32:ae:10:8f:1e:
52:2d:50:59:f5:13:3b:c8:88:fe:6e:50:44:cd:a6:
d8:39:46:bb:ac:f0:e4:94:8d:b8:89:46:3c:72:1e:
7c:96:64:ec:db:be:b3:53:a2:9d:6d:2e:f6:9c:06:
4f:67:42:89:80:c4:0c:41:a3:29:ce:3c:95:b6:ec:
49:3d:d5:92:24:a9:8e:8e:4e:5c:bd:57:72:c1:99:
50:c4:93:72:e3:03:0f:6e:33:99:1a:e4:7d:2e:4d:
cc:37:8c:a2:1e:6e:95:b2:94:a2:01:0f:a2:27:1c:
37:fa:47:6f:42:86:2a:32:9e:c0:18:8b:d7:4e:0f:
25:98:d0:4d:4b:14:2f:4d:75:7f:44:b4:c9:c1:90:
1d:21:56:a3:32:08:21:19:99:b2:c6:7d:b3:c2:1b:
de:40:bc:2d:06:8d:f3:b4:ab:ae:72:fa:ca:96:20:
84:f7:6a:ac:50:03:c9:c3:63:56:9b:a0:2a:3f:db:
63:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:E1:2C:9A:B0:E2:66:98:9A:09:C6:CA:DB:7D:1D:D8:BD:AA:41:0D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ba0e6993-e9bd-44c0-aa48-4765708e5ff0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d011:800::/38
Signature Algorithm: sha256WithRSAEncryption
09:01:f8:c2:fb:01:ce:11:95:07:a8:14:37:31:7d:de:3d:1b:
7d:90:64:69:ac:0e:ca:f8:6f:7c:0b:da:77:0a:7d:c1:89:5d:
ab:09:0e:0f:03:8d:73:f1:f1:fa:e8:05:e9:59:96:a4:05:36:
e2:2c:6d:e4:c2:90:a4:3f:0f:39:90:42:3e:2c:6b:57:cc:c3:
4d:af:0a:b6:86:15:d2:e1:5e:27:84:67:0f:cf:53:a0:0a:68:
5a:57:33:e2:e4:61:37:a5:e6:e7:3d:57:ff:34:a0:97:c5:23:
79:58:5e:f4:b1:d6:27:f4:6c:bf:b4:15:30:82:f3:a1:cc:11:
17:2f:6d:05:b3:dc:e7:4b:46:27:3e:b0:a9:8f:4a:ae:bc:f5:
29:35:68:93:af:8a:6e:14:1c:c0:a9:78:cb:c1:37:77:6e:71:
eb:38:f9:23:80:df:58:8a:57:aa:86:87:7e:2f:cb:26:b4:16:
8e:bd:f6:75:aa:b2:b6:1f:ee:3d:59:27:b2:36:fb:1e:c1:f3:
c0:99:11:6a:0c:e1:37:3a:59:0d:ad:95:a2:7a:71:1c:15:b0:
7b:49:6c:13:13:3a:b7:b9:d9:6c:f4:81:d2:84:7c:7b:95:7f:
25:19:8d:18:59:85:18:53:16:6c:33:01:5d:37:83:a8:df:63:
dd:d3:67:2a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUP9qpOwtjYdeOZz/U0oOE9PKDez0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTEwMzZaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDkxNWM0OWVkZDU2OTY0MzMzMzJmZjllOGRiMWEwMTA4NmI5OTYwNWFhNTky
NTY3MTcxYTczNDY4MjYzNTg0MzQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALjUlPvopxxtygvumQZfrp8263M6Kji1fO9ly701wVNWkY5GS3Q+YyN3InWr
tt22eziSzLmOhoFVJWrgcv2mn2uxr7oC1TKuEI8eUi1QWfUTO8iI/m5QRM2m2DlG
u6zw5JSNuIlGPHIefJZk7Nu+s1OinW0u9pwGT2dCiYDEDEGjKc48lbbsST3VkiSp
jo5OXL1XcsGZUMSTcuMDD24zmRrkfS5NzDeMoh5ulbKUogEPoiccN/pHb0KGKjKe
wBiL104PJZjQTUsUL011f0S0ycGQHSFWozIIIRmZssZ9s8Ib3kC8LQaN87SrrnL6
ypYghPdqrFADycNjVpugKj/bY5UCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRu4Sya
sOJmmJoJxsrbfR3YvapBDTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmEwZTY5OTMtZTliZC00NGMwLWFhNDgtNDc2NTcwOGU1ZmYwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BEI
MA0GCSqGSIb3DQEBCwUAA4IBAQAJAfjC+wHOEZUHqBQ3MX3ePRt9kGRprA7K+G98
C9p3Cn3BiV2rCQ4PA41z8fH66AXpWZakBTbiLG3kwpCkPw85kEI+LGtXzMNNrwq2
hhXS4V4nhGcPz1OgCmhaVzPi5GE3pebnPVf/NKCXxSN5WF70sdYn9Gy/tBUwgvOh
zBEXL20Fs9znS0YnPrCpj0quvPUpNWiTr4puFBzAqXjLwTd3bnHrOPkjgN9Yileq
hod+L8smtBaOvfZ1qrK2H+49WSeyNvsewfPAmRFqDOE3OlkNrZWienEcFbB7SWwT
Ezq3udls9IHShHx7lX8lGY0YWYUYUxZsMwFdN4Oo32Pd02cq
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:11:47 2026 by rpki-client