Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c9256536-0e9a-4175-8ac7-a0fb991ebff9.roa
File: c9256536-0e9a-4175-8ac7-a0fb991ebff9.roa (raw, json)
Hash identifier: xGIzLyMNW/SsRLpYrKj0u0LCCCw3LqtSSIVXp74eOCw=
Subject key identifier: 11:AF:BC:3D:E6:83:8F:D1:42:58:07:F4:84:01:0B:9C:A6:D0:C5:0A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5F309066C1D9AF4F7C7C08F2CEC38FE3516CBE13
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c9256536-0e9a-4175-8ac7-a0fb991ebff9.roa
Signing time: Tue 19 May 2026 05:00:07 +0000
ROA not before: Tue 19 May 2026 05:00:07 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:c000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:30:90:66:c1:d9:af:4f:7c:7c:08:f2:ce:c3:8f:e3:51:6c:be:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:00:07 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=33776214c372c5e45e22d269bd87939b1cc4c9f92fc0683405caf35051bc3975, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:8d:d3:76:3c:07:d2:83:f6:e9:1b:d6:60:e5:
50:c2:c9:e2:7e:12:74:99:c9:1e:4a:06:6c:02:94:
c5:6f:e6:ca:5a:63:2f:dc:ea:78:ea:4d:1c:a8:fa:
ae:fd:f7:99:5d:23:78:43:e1:9c:dd:1a:19:88:72:
eb:da:96:9a:03:f0:53:05:4e:31:ec:93:5a:84:08:
7e:64:2d:77:49:39:63:5f:41:dd:ce:9b:ec:28:3f:
82:b3:e0:0b:aa:de:b3:01:c9:86:06:0b:cc:a5:22:
f9:39:62:11:52:5e:c4:34:29:67:44:eb:98:d6:0a:
19:2a:dc:0c:93:75:4b:85:17:0c:ac:8c:05:39:7b:
1f:25:68:df:95:de:6a:50:5a:bc:32:ad:f9:cd:72:
56:64:f9:54:25:9c:0a:31:a8:7a:bb:a8:79:b5:61:
87:0a:8b:89:19:52:45:e9:9b:18:53:b4:58:a6:6e:
d4:e4:7e:06:b4:c6:73:75:3d:f5:4d:8e:81:14:fb:
c8:87:9b:80:bc:97:7b:e7:c6:a0:f8:0b:7c:e1:66:
fa:91:ce:85:9f:15:03:b4:fe:fc:20:3c:02:74:83:
ac:fd:fe:0a:a3:b6:e5:fd:c1:2c:ef:8a:d7:0c:01:
67:fc:90:12:22:89:db:71:79:0c:9c:10:fc:bb:b5:
0f:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:AF:BC:3D:E6:83:8F:D1:42:58:07:F4:84:01:0B:9C:A6:D0:C5:0A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c9256536-0e9a-4175-8ac7-a0fb991ebff9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:c000::/40
Signature Algorithm: sha256WithRSAEncryption
67:e5:35:92:1a:83:3f:ca:e2:7f:e7:5d:7e:2c:23:95:14:3d:
c3:94:32:5e:3c:86:01:c5:d0:f7:20:6c:af:65:a2:94:3f:82:
7d:3c:e8:c3:c6:5c:90:52:31:e1:0a:81:a7:ed:18:4c:c2:e9:
47:b1:2c:ca:5b:e1:62:e4:f6:4a:ba:52:af:f7:f0:55:d8:f7:
b3:9e:11:27:c8:4c:bc:66:d4:7f:84:5e:30:3b:d2:52:6a:b0:
c0:ab:39:bd:62:fa:95:f0:38:82:1c:bc:c2:72:20:56:b6:82:
0e:b5:aa:76:0d:85:0d:3e:41:33:1d:8c:8e:76:d5:7e:c1:08:
45:90:6d:31:2a:a0:c3:ec:a8:8b:90:0e:f9:e4:ef:74:7a:84:
fe:69:8e:31:c4:8e:25:34:28:fb:76:33:ec:92:5f:49:e9:82:
ed:8c:22:6f:4c:cc:c0:88:4e:54:f8:51:b8:ef:52:21:c8:fa:
7b:d5:0f:3c:22:dc:20:1a:7a:6a:7a:37:f6:11:0b:14:2e:6e:
75:bf:65:7f:d8:dd:ae:ea:16:78:6f:a9:fd:fa:aa:e7:9a:00:
70:2e:82:cf:f6:bb:8f:a0:5d:fc:da:24:9c:5b:b6:bd:76:91:
d1:6f:5d:a8:32:08:7e:1c:51:42:98:aa:c4:d7:65:b7:ec:5d:
9e:89:79:28
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUXzCQZsHZr098fAjyzsOP41FsvhMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTAwMDdaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDMzNzc2MjE0YzM3MmM1ZTQ1ZTIyZDI2OWJkODc5MzliMWNjNGM5ZjkyZmMw
NjgzNDA1Y2FmMzUwNTFiYzM5NzUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK2N03Y8B9KD9ukb1mDlUMLJ4n4SdJnJHkoGbAKUxW/mylpjL9zqeOpNHKj6
rv33mV0jeEPhnN0aGYhy69qWmgPwUwVOMeyTWoQIfmQtd0k5Y19B3c6b7Cg/grPg
C6reswHJhgYLzKUi+TliEVJexDQpZ0TrmNYKGSrcDJN1S4UXDKyMBTl7HyVo35Xe
alBavDKt+c1yVmT5VCWcCjGoeruoebVhhwqLiRlSRembGFO0WKZu1OR+BrTGc3U9
9U2OgRT7yIebgLyXe+fGoPgLfOFm+pHOhZ8VA7T+/CA8AnSDrP3+CqO25f3BLO+K
1wwBZ/yQEiKJ23F5DJwQ/Lu1DwsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQRr7w9
5oOP0UJYB/SEAQucptDFCjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzkyNTY1MzYtMGU5YS00MTc1LThhYzctYTBmYjk5MWViZmY5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HbA
MA0GCSqGSIb3DQEBCwUAA4IBAQBn5TWSGoM/yuJ/511+LCOVFD3DlDJePIYBxdD3
IGyvZaKUP4J9POjDxlyQUjHhCoGn7RhMwulHsSzKW+Fi5PZKulKv9/BV2PeznhEn
yEy8ZtR/hF4wO9JSarDAqzm9YvqV8DiCHLzCciBWtoIOtap2DYUNPkEzHYyOdtV+
wQhFkG0xKqDD7KiLkA755O90eoT+aY4xxI4lNCj7djPskl9J6YLtjCJvTMzAiE5U
+FG471IhyPp71Q88ItwgGnpqejf2EQsULm51v2V/2N2u6hZ4b6n9+qrnmgBwLoLP
9ruPoF382iScW7a9dpHRb12oMgh+HFFCmKrE12W37F2eiXko
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:00:37 2026 by rpki-client