Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cb5ee4c1-dd36-49a9-8b09-89d58aa8035e.roa
File: cb5ee4c1-dd36-49a9-8b09-89d58aa8035e.roa (raw, json)
Hash identifier: 1M4Pr0wHKz3JB5zyaNmHSkyEyiGFqkYlygmCX0to7R8=
Subject key identifier: 28:59:50:10:70:03:F7:8C:33:88:17:95:C2:C1:A4:FC:55:FD:99:75
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3843519E15712696E7CBAF57C7ABD37C3F456D35
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cb5ee4c1-dd36-49a9-8b09-89d58aa8035e.roa
Signing time: Tue 19 May 2026 05:30:57 +0000
ROA not before: Tue 19 May 2026 05:30:57 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d011:c00::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 08:43:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:43:51:9e:15:71:26:96:e7:cb:af:57:c7:ab:d3:7c:3f:45:6d:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:30:57 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=0147246c3365553e2ac8653d6ee921b2d79493a623183c1828eabffe06dce7ae, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:8d:39:54:ef:6b:4d:97:ca:8d:67:a2:53:34:
a1:bb:ba:a1:a0:1d:70:13:f5:ce:a8:0b:94:63:96:
e2:e3:0b:db:bb:8b:3b:e8:ef:7c:6e:66:46:ad:b2:
cb:c1:d0:a4:a5:bf:f3:fa:0c:50:26:65:21:a9:71:
76:fd:8e:7f:67:bf:3d:b7:e1:3a:0a:57:d1:18:12:
95:e3:db:c7:07:e8:7e:6f:56:04:d7:a5:6d:0b:0e:
5b:cc:4d:96:26:45:a7:b2:d7:f0:dd:1d:0d:59:00:
5c:a0:5b:1e:f9:3b:41:4e:fe:73:5d:2b:e2:89:1c:
5f:2e:b3:0b:79:de:6c:4f:bd:af:ec:42:9a:c5:65:
d1:b4:1f:32:a3:f5:82:39:61:e8:e4:a3:98:f7:fd:
ae:1e:c1:06:c9:7f:3b:a7:1f:0a:3a:2c:38:96:98:
d8:f7:98:5f:81:aa:5f:99:3d:b7:dd:07:28:f7:2e:
ae:90:b0:aa:b4:7f:a1:d5:2a:72:8d:f7:a2:2e:c2:
bb:a4:9d:cd:35:e6:1b:c1:36:62:55:55:f3:a9:a0:
2f:aa:9f:28:54:89:bc:6e:ad:28:2f:06:df:d7:a8:
91:2e:8d:a3:97:ff:00:8e:da:27:f4:12:f5:d5:0f:
40:71:5a:b1:27:4b:d3:19:18:77:06:a0:c4:e1:46:
db:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:59:50:10:70:03:F7:8C:33:88:17:95:C2:C1:A4:FC:55:FD:99:75
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cb5ee4c1-dd36-49a9-8b09-89d58aa8035e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d011:c00::/38
Signature Algorithm: sha256WithRSAEncryption
71:73:bf:10:61:3b:a9:5d:4b:47:af:42:bf:f4:08:be:f0:cd:
a8:42:3d:d0:d3:96:32:c6:10:40:4e:15:9b:5b:b6:87:d9:7d:
f1:9d:f4:d4:00:47:7f:7c:8a:6f:d2:5a:a1:b0:86:98:d8:ad:
ae:ca:26:0b:86:40:c9:a9:d1:15:84:8d:b3:64:96:dc:37:8a:
1e:7f:29:aa:c6:ec:03:d9:72:19:57:40:83:46:5d:f0:2c:06:
7d:8c:78:38:a8:dc:49:34:5b:1e:f0:8a:05:5e:c4:6f:ec:18:
96:86:27:2d:e5:e0:e5:d5:28:dd:6f:3e:31:7a:e9:d4:4f:f4:
4e:5e:0f:87:55:ed:c0:42:39:30:15:e2:d6:13:87:d1:6d:d7:
71:b0:51:99:da:18:b2:b3:7a:7a:fc:d2:6b:22:27:e4:0f:f5:
8d:64:84:af:b5:c7:67:b0:42:ea:6c:ed:a7:58:68:6d:ca:2f:
f4:87:15:a3:04:5d:c4:09:41:51:f1:89:06:76:23:ef:51:32:
be:9f:0e:15:8e:4e:b0:76:51:01:2d:80:a8:79:ae:ec:1a:33:
4f:4f:d0:f1:2a:fb:e3:b1:09:c3:ee:7c:c2:58:24:e7:5f:3a:
80:a9:3f:ab:02:c2:3d:69:0c:29:64:1c:3b:96:6c:a1:51:3a:
dd:2e:fd:10
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUOENRnhVxJpbny69Xx6vTfD9FbTUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTMwNTdaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDAxNDcyNDZjMzM2NTU1M2UyYWM4NjUzZDZlZTkyMWIyZDc5NDkzYTYyMzE4
M2MxODI4ZWFiZmZlMDZkY2U3YWUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL+NOVTva02Xyo1nolM0obu6oaAdcBP1zqgLlGOW4uML27uLO+jvfG5mRq2y
y8HQpKW/8/oMUCZlIalxdv2Of2e/PbfhOgpX0RgSlePbxwfofm9WBNelbQsOW8xN
liZFp7LX8N0dDVkAXKBbHvk7QU7+c10r4okcXy6zC3nebE+9r+xCmsVl0bQfMqP1
gjlh6OSjmPf9rh7BBsl/O6cfCjosOJaY2PeYX4GqX5k9t90HKPcurpCwqrR/odUq
co33oi7Cu6SdzTXmG8E2YlVV86mgL6qfKFSJvG6tKC8G39eokS6No5f/AI7aJ/QS
9dUPQHFasSdL0xkYdwagxOFG28UCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQoWVAQ
cAP3jDOIF5XCwaT8Vf2ZdTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2I1ZWU0YzEtZGQzNi00OWE5LThiMDktODlkNThhYTgwMzVlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BEM
MA0GCSqGSIb3DQEBCwUAA4IBAQBxc78QYTupXUtHr0K/9Ai+8M2oQj3Q05YyxhBA
ThWbW7aH2X3xnfTUAEd/fIpv0lqhsIaY2K2uyiYLhkDJqdEVhI2zZJbcN4oefymq
xuwD2XIZV0CDRl3wLAZ9jHg4qNxJNFse8IoFXsRv7BiWhict5eDl1Sjdbz4xeunU
T/ROXg+HVe3AQjkwFeLWE4fRbddxsFGZ2hiys3p6/NJrIifkD/WNZISvtcdnsELq
bO2nWGhtyi/0hxWjBF3ECUFR8YkGdiPvUTK+nw4Vjk6wdlEBLYCoea7sGjNPT9Dx
KvvjsQnD7nzCWCTnXzqAqT+rAsI9aQwpZBw7lmyhUTrdLv0Q
-----END CERTIFICATE-----
Generated at Sat Jun 13 12:42:26 2026 by rpki-client