Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ce2bc1d7-e429-4350-b9cd-a49158d2b118.roa
File: ce2bc1d7-e429-4350-b9cd-a49158d2b118.roa (raw, json)
Hash identifier: 5U9zPLTdJtPO9WkF8wXdRAIr/e+bPvohCBkT/i2brMY=
Subject key identifier: BC:17:29:B0:04:47:8B:D6:26:1D:D6:23:37:6A:56:C8:90:51:59:5B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 55C73D7AA84DFCC126EE0597E7C836E8575800D9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ce2bc1d7-e429-4350-b9cd-a49158d2b118.roa
Signing time: Tue 19 May 2026 05:10:35 +0000
ROA not before: Tue 19 May 2026 05:10:35 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:a000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:c7:3d:7a:a8:4d:fc:c1:26:ee:05:97:e7:c8:36:e8:57:58:00:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:10:35 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=b4b1f3344651874d57f47d0a9308ed7f4913036e3ef6974cc4cc88698bf73264, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:9d:38:9b:54:4a:77:5b:54:8b:75:33:ac:01:
2d:4c:e4:3e:c0:2b:ae:01:9b:20:c5:e1:92:5f:30:
9e:a6:79:45:cb:7d:6e:fa:dc:36:bc:17:e5:fe:7c:
0e:50:7b:4d:35:e0:8f:bc:43:bd:55:b8:35:86:c6:
4d:a3:d1:e1:ac:49:bc:86:19:04:2b:2e:c5:89:01:
da:35:bd:91:af:93:5c:cf:0b:5d:ea:59:a7:e3:ac:
c6:f4:1e:58:19:55:37:84:6e:f1:a2:7c:01:f3:4c:
34:3d:a8:b7:44:33:a1:7f:44:20:c1:85:7c:21:ae:
c0:da:b9:12:ac:88:9e:e9:58:de:84:a5:4c:25:fa:
cd:93:24:e0:63:73:41:fc:ec:f4:e4:80:ce:39:ae:
af:33:8a:dc:33:e1:c1:51:09:ba:38:07:30:73:be:
fc:e4:c6:13:d7:17:68:fb:34:ad:33:bf:7b:db:2d:
d5:b0:1e:74:7c:8a:27:6d:2d:1a:73:13:39:88:97:
48:bb:05:8a:e0:72:08:c8:eb:58:c0:24:9b:a6:c2:
ee:54:11:c6:3d:8b:56:b7:14:a2:23:34:ec:3c:27:
9d:0f:b0:e0:87:e1:52:9a:19:36:8a:fb:0f:09:fa:
80:3c:ab:a3:af:29:1c:c0:ab:00:98:79:ac:2f:ea:
17:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:17:29:B0:04:47:8B:D6:26:1D:D6:23:37:6A:56:C8:90:51:59:5B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ce2bc1d7-e429-4350-b9cd-a49158d2b118.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:a000::/40
Signature Algorithm: sha256WithRSAEncryption
b8:40:a9:8e:47:2e:80:7c:71:13:77:38:bb:c0:2b:2e:dc:f9:
10:89:6f:2d:8b:b8:15:c2:1e:4b:7f:10:0c:2a:71:e2:d6:da:
01:26:c4:70:84:bc:ad:9e:f0:74:76:49:2e:b3:f0:6e:f5:95:
72:f0:d2:ec:ba:98:0d:c0:22:6a:e6:5f:80:f5:59:c0:0f:32:
30:52:95:d4:c9:5f:45:57:f9:37:80:49:d4:ef:40:ed:64:3c:
88:0b:4e:ac:c0:8e:6c:a1:8a:ff:6a:3d:48:4a:43:d3:e7:a7:
c2:d8:17:f0:24:c6:ca:05:a4:56:e0:9b:cc:c2:f5:f5:0c:42:
38:fb:02:65:7e:cb:00:fe:d9:d8:d3:96:83:2f:c6:71:62:61:
e4:bb:41:91:86:62:6e:6d:cf:0b:d6:d5:71:ab:88:9e:b2:ae:
0b:7b:12:f1:d4:a4:2f:02:0c:fc:bd:0b:c2:72:b0:e1:9e:3f:
07:80:e9:35:64:a4:58:c5:e9:ab:bb:c7:06:5c:71:51:7e:3c:
19:f3:00:51:ce:b1:ee:b0:1f:26:18:30:78:6a:63:9a:44:78:
ad:9d:30:af:89:0d:97:b4:07:90:0e:e8:a2:8d:6b:5b:e2:1c:
0d:9b:88:3f:2d:fc:c7:52:f8:14:51:a0:fb:f1:96:86:3e:d1:
22:89:de:f7
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUVcc9eqhN/MEm7gWX58g26FdYANkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTEwMzVaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGI0YjFmMzM0NDY1MTg3NGQ1N2Y0N2QwYTkzMDhlZDdmNDkxMzAzNmUzZWY2
OTc0Y2M0Y2M4ODY5OGJmNzMyNjQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMadOJtUSndbVIt1M6wBLUzkPsArrgGbIMXhkl8wnqZ5Rct9bvrcNrwX5f58
DlB7TTXgj7xDvVW4NYbGTaPR4axJvIYZBCsuxYkB2jW9ka+TXM8LXepZp+OsxvQe
WBlVN4Ru8aJ8AfNMND2ot0QzoX9EIMGFfCGuwNq5EqyInulY3oSlTCX6zZMk4GNz
Qfzs9OSAzjmurzOK3DPhwVEJujgHMHO+/OTGE9cXaPs0rTO/e9st1bAedHyKJ20t
GnMTOYiXSLsFiuByCMjrWMAkm6bC7lQRxj2LVrcUoiM07DwnnQ+w4IfhUpoZNor7
Dwn6gDyro68pHMCrAJh5rC/qFwsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS8Fymw
BEeL1iYd1iM3albIkFFZWzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2UyYmMxZDctZTQyOS00MzUwLWI5Y2QtYTQ5MTU4ZDJiMTE4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Dig
MA0GCSqGSIb3DQEBCwUAA4IBAQC4QKmORy6AfHETdzi7wCsu3PkQiW8ti7gVwh5L
fxAMKnHi1toBJsRwhLytnvB0dkkus/Bu9ZVy8NLsupgNwCJq5l+A9VnADzIwUpXU
yV9FV/k3gEnU70DtZDyIC06swI5soYr/aj1ISkPT56fC2BfwJMbKBaRW4JvMwvX1
DEI4+wJlfssA/tnY05aDL8ZxYmHku0GRhmJubc8L1tVxq4iesq4LexLx1KQvAgz8
vQvCcrDhnj8HgOk1ZKRYxemru8cGXHFRfjwZ8wBRzrHusB8mGDB4amOaRHitnTCv
iQ2XtAeQDuiijWtb4hwNm4g/LfzHUvgUUaD78ZaGPtEiid73
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:12:08 2026 by rpki-client