Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bf5404c2-bcbe-4df4-86ce-72ceb067f666.roa
File: bf5404c2-bcbe-4df4-86ce-72ceb067f666.roa (raw, json)
Hash identifier: +ZaAyxkTZILrSvfcPx9L/qS9eyk/pbvSLkGsBYNUFXY=
Subject key identifier: B4:A0:E5:FF:A0:C8:4C:36:46:D3:3D:58:38:B7:75:DB:37:C4:4D:3F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4CE1556A70B312FD1ED777A77128A05B47F31D55
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bf5404c2-bcbe-4df4-86ce-72ceb067f666.roa
Signing time: Tue 19 May 2026 05:00:37 +0000
ROA not before: Tue 19 May 2026 05:00:37 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:4020::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:e1:55:6a:70:b3:12:fd:1e:d7:77:a7:71:28:a0:5b:47:f3:1d:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:00:37 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=a0ec6cfa3af4715102a6baa1529a73e26effc1ea472932f6887bce50b962cabc, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:54:52:27:39:d4:44:54:d7:5e:5b:86:4a:09:
14:bb:e1:bd:6b:3d:72:a1:b6:cc:0b:e5:23:1a:0a:
ac:b9:56:a3:2d:9f:11:17:53:b4:25:6a:48:2e:28:
26:8c:ae:38:f9:3c:8c:08:c7:b8:61:8a:48:51:bc:
37:4a:ed:1c:78:26:27:8b:2d:93:78:e0:48:f6:6d:
f5:72:28:3e:10:f0:16:13:19:1f:71:71:62:ab:3b:
ff:d2:ff:2f:4b:11:7e:44:4b:26:6a:3c:a2:fa:81:
c9:cb:96:af:51:d3:cc:15:03:5d:9b:bc:03:f9:8f:
20:1b:8d:61:d7:6b:f1:89:fd:8b:2a:9f:64:9e:09:
b2:84:7d:e1:e5:86:94:24:52:c7:2a:9f:7a:88:f7:
51:d5:46:50:b9:7f:82:ac:0c:0d:40:24:cb:c3:44:
ec:1d:2b:85:ac:b1:ef:d0:45:4c:1f:3e:ac:e1:5d:
32:a4:97:f4:1c:3a:9c:29:79:05:14:2f:60:d3:99:
77:0c:41:90:29:f1:47:04:ef:18:e1:6f:b4:ec:0e:
2c:40:4d:93:1e:20:b7:05:73:16:5b:3c:4f:59:d6:
9f:d4:38:01:0f:4f:e1:d1:6b:be:ef:50:05:e8:a8:
71:21:ea:7c:02:43:c0:5c:df:28:72:d0:42:f7:6e:
14:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:A0:E5:FF:A0:C8:4C:36:46:D3:3D:58:38:B7:75:DB:37:C4:4D:3F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bf5404c2-bcbe-4df4-86ce-72ceb067f666.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:4020::/48
Signature Algorithm: sha256WithRSAEncryption
22:53:e0:a1:18:29:e1:17:15:5d:84:21:99:73:f8:f4:78:45:
e5:08:91:4c:16:36:b5:b4:63:92:5a:e8:55:a1:5b:41:58:bc:
89:6d:1f:e6:02:cc:d3:bf:8c:9f:8b:a5:93:55:40:38:fd:5c:
c1:ee:51:4a:41:94:df:93:47:7f:6a:c0:91:7d:33:37:60:ce:
20:0f:39:c9:0f:58:fc:2c:ec:82:17:65:54:4e:1a:07:9c:a1:
d4:8c:f8:d7:c7:a6:32:1f:af:11:7d:c4:10:1a:74:58:cf:89:
9e:ec:82:57:da:03:4b:f6:ef:2b:17:86:12:82:33:e6:5c:79:
8f:1d:91:dd:b6:91:83:8a:53:56:25:ed:1d:1e:98:94:f9:c2:
74:9d:92:5f:cb:10:9e:ed:8c:bc:e3:1d:21:5c:91:45:a0:1a:
67:72:c7:e6:f2:98:f0:c9:fe:43:ba:89:7c:6d:f9:ef:7e:4d:
93:37:7a:5b:af:29:4d:c6:51:7b:71:22:ca:c1:57:06:55:cd:
bc:2b:50:33:36:3b:af:c0:39:0a:9d:e6:a5:63:9b:97:b2:ee:
9d:7f:97:1a:50:57:4d:ea:d8:f6:c2:ae:02:e6:5b:eb:4b:24:
0e:71:e7:79:69:b6:cb:3e:5f:cc:f1:b6:f0:ee:ae:29:4d:f1:
65:03:6e:b9
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUTOFVanCzEv0e13encSigW0fzHVUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTAwMzdaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGEwZWM2Y2ZhM2FmNDcxNTEwMmE2YmFhMTUyOWE3M2UyNmVmZmMxZWE0NzI5
MzJmNjg4N2JjZTUwYjk2MmNhYmMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ9UUic51ERU115bhkoJFLvhvWs9cqG2zAvlIxoKrLlWoy2fERdTtCVqSC4o
JoyuOPk8jAjHuGGKSFG8N0rtHHgmJ4stk3jgSPZt9XIoPhDwFhMZH3FxYqs7/9L/
L0sRfkRLJmo8ovqBycuWr1HTzBUDXZu8A/mPIBuNYddr8Yn9iyqfZJ4JsoR94eWG
lCRSxyqfeoj3UdVGULl/gqwMDUAky8NE7B0rhayx79BFTB8+rOFdMqSX9Bw6nCl5
BRQvYNOZdwxBkCnxRwTvGOFvtOwOLEBNkx4gtwVzFls8T1nWn9Q4AQ9P4dFrvu9Q
BeiocSHqfAJDwFzfKHLQQvduFAkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBS0oOX/
oMhMNkbTPVg4t3XbN8RNPzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmY1NDA0YzItYmNiZS00ZGY0LTg2Y2UtNzJjZWIwNjdmNjY2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H9A
IDANBgkqhkiG9w0BAQsFAAOCAQEAIlPgoRgp4RcVXYQhmXP49HhF5QiRTBY2tbRj
klroVaFbQVi8iW0f5gLM07+Mn4ulk1VAOP1cwe5RSkGU35NHf2rAkX0zN2DOIA85
yQ9Y/CzsghdlVE4aB5yh1Iz418emMh+vEX3EEBp0WM+JnuyCV9oDS/bvKxeGEoIz
5lx5jx2R3baRg4pTViXtHR6YlPnCdJ2SX8sQnu2MvOMdIVyRRaAaZ3LH5vKY8Mn+
Q7qJfG35735Nkzd6W68pTcZRe3EiysFXBlXNvCtQMzY7r8A5Cp3mpWObl7LunX+X
GlBXTerY9sKuAuZb60skDnHneWm2yz5fzPG28O6uKU3xZQNuuQ==
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:11:48 2026 by rpki-client