Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cf6ac3ef-82f5-4abc-a36e-405b863f884b.roa
File: cf6ac3ef-82f5-4abc-a36e-405b863f884b.roa (raw, json)
Hash identifier: 0nbTkSjshYbprHUaksOlqJ1NteD93psyrNaAfCGK98A=
Subject key identifier: 64:E7:F2:FD:E6:8B:E4:18:D2:C7:A4:CA:DD:42:64:78:17:23:6A:93
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3490CB0A97466F2D73AEEA151BD502855FF1B8E4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cf6ac3ef-82f5-4abc-a36e-405b863f884b.roa
Signing time: Tue 19 May 2026 05:00:37 +0000
ROA not before: Tue 19 May 2026 05:00:37 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:80a0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:90:cb:0a:97:46:6f:2d:73:ae:ea:15:1b:d5:02:85:5f:f1:b8:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:00:37 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=d862561d420777b91118224a011391baf14130af4a10855151a20034bd437e2e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:4d:2a:d8:57:c3:a8:67:99:8a:b6:f4:cf:e2:
49:43:02:f1:23:d4:40:a2:f7:43:b3:d4:c5:00:d6:
8a:c1:1d:1b:c1:8b:46:46:3e:08:4c:57:2c:d6:53:
20:96:ea:a4:86:8f:65:be:e1:03:52:cb:80:73:22:
27:3d:75:fb:d7:ad:4b:37:46:82:24:47:be:20:4c:
0c:ba:33:05:c2:4f:8f:26:7e:19:6f:10:b7:f8:55:
23:ac:2b:c0:0e:2d:55:c0:a7:6b:97:83:27:cf:e8:
84:4b:eb:e1:c0:cd:15:08:2a:1b:86:56:4e:69:7e:
9f:27:fd:af:32:05:96:fa:d1:1f:10:75:06:bf:e0:
ce:a7:4a:c4:0f:85:f0:70:63:80:62:8c:ea:8f:6b:
b4:f4:57:d8:ea:50:88:a0:4d:f0:62:f6:8b:df:0e:
be:47:2f:19:5c:f4:00:1d:cd:4c:74:5c:da:e7:45:
4c:62:78:45:d8:a2:e8:99:c1:e3:d4:07:d9:67:6f:
bb:b0:e7:1b:d5:1e:1b:8c:f8:5a:43:0f:d3:b3:b6:
3f:dd:e5:63:f0:69:5b:17:3c:4d:eb:46:ab:29:95:
96:ff:f3:64:1a:9a:df:f2:58:81:c8:d1:71:e4:44:
a3:11:00:04:0b:17:83:1e:29:0f:81:e1:10:30:75:
78:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:E7:F2:FD:E6:8B:E4:18:D2:C7:A4:CA:DD:42:64:78:17:23:6A:93
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cf6ac3ef-82f5-4abc-a36e-405b863f884b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:80a0::/48
Signature Algorithm: sha256WithRSAEncryption
92:9b:a2:28:50:0d:57:9e:ac:d8:ba:91:c8:a0:9d:96:49:66:
3a:af:75:86:61:2c:93:f2:20:41:da:83:30:c1:36:98:13:73:
38:92:24:0c:2c:9c:35:40:a7:e3:66:5f:50:d6:09:02:fa:6e:
f7:62:2f:bc:48:e7:ed:39:2f:13:c1:5c:0d:cd:c2:d1:01:34:
a2:d7:30:04:47:93:b9:5d:93:5d:b8:64:b9:5e:4b:97:b4:15:
f3:1f:ca:c0:d6:c6:60:30:6b:31:02:b4:b2:80:9b:2c:71:36:
58:48:91:f6:84:2a:c1:aa:f6:f6:5c:d1:33:54:d4:34:b1:89:
98:86:63:55:64:60:3d:c8:b1:19:87:dd:82:cf:00:e9:25:0d:
a0:a5:fe:b3:4c:e3:09:e8:3c:13:9a:b8:30:87:d6:5d:9a:f6:
ee:c4:2d:7a:89:44:c6:33:bb:ef:a7:6c:7b:51:7c:cf:16:8a:
47:ac:20:50:33:64:66:31:85:bf:5c:32:14:ac:67:2e:f5:20:
96:de:f6:ab:bf:6c:21:58:31:ea:17:9d:e8:4d:37:85:ad:8c:
89:ea:ba:ce:0a:11:cc:77:fc:80:6b:5a:ff:d3:e6:84:e3:3f:
96:d4:d3:64:2d:49:5d:c1:cb:40:8d:39:7a:74:dd:b8:3c:d7:
74:97:1c:d8
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUNJDLCpdGby1zruoVG9UChV/xuOQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTAwMzdaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ4NjI1NjFkNDIwNzc3YjkxMTE4MjI0YTAxMTM5MWJhZjE0MTMwYWY0YTEw
ODU1MTUxYTIwMDM0YmQ0MzdlMmUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKZNKthXw6hnmYq29M/iSUMC8SPUQKL3Q7PUxQDWisEdG8GLRkY+CExXLNZT
IJbqpIaPZb7hA1LLgHMiJz11+9etSzdGgiRHviBMDLozBcJPjyZ+GW8Qt/hVI6wr
wA4tVcCna5eDJ8/ohEvr4cDNFQgqG4ZWTml+nyf9rzIFlvrRHxB1Br/gzqdKxA+F
8HBjgGKM6o9rtPRX2OpQiKBN8GL2i98OvkcvGVz0AB3NTHRc2udFTGJ4Rdii6JnB
49QH2Wdvu7DnG9UeG4z4WkMP07O2P93lY/BpWxc8TetGqymVlv/zZBqa3/JYgcjR
ceREoxEABAsXgx4pD4HhEDB1eGsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRk5/L9
5ovkGNLHpMrdQmR4FyNqkzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2Y2YWMzZWYtODJmNS00YWJjLWEzNmUtNDA1Yjg2M2Y4ODRiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACA
oDANBgkqhkiG9w0BAQsFAAOCAQEAkpuiKFANV56s2LqRyKCdlklmOq91hmEsk/Ig
QdqDMME2mBNzOJIkDCycNUCn42ZfUNYJAvpu92IvvEjn7TkvE8FcDc3C0QE0otcw
BEeTuV2TXbhkuV5Ll7QV8x/KwNbGYDBrMQK0soCbLHE2WEiR9oQqwar29lzRM1TU
NLGJmIZjVWRgPcixGYfdgs8A6SUNoKX+s0zjCeg8E5q4MIfWXZr27sQteolExjO7
76dse1F8zxaKR6wgUDNkZjGFv1wyFKxnLvUglt72q79sIVgx6hed6E03ha2Mieq6
zgoRzHf8gGta/9PmhOM/ltTTZC1JXcHLQI05enTduDzXdJcc2A==
-----END CERTIFICATE-----
Generated at Sat Jun 13 07:59:17 2026 by rpki-client