Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cf7e464d-77bb-4302-aa9f-93906a5dcddf.roa
File: cf7e464d-77bb-4302-aa9f-93906a5dcddf.roa (raw, json)
Hash identifier: NkkTlRqPy1ksy29W4RyBeMflymPY0V0ClPT/mmWhT30=
Subject key identifier: 11:1B:F1:D7:75:6F:D3:08:A0:3F:15:DF:D9:1F:B8:17:BC:A2:C5:07
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 515A1645D1DBF41016A53D5DC060078A4FD6BD95
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cf7e464d-77bb-4302-aa9f-93906a5dcddf.roa
Signing time: Sat 16 May 2026 00:40:04 +0000
ROA not before: Sat 16 May 2026 00:40:04 +0000
ROA not after: Fri 14 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:5a:16:45:d1:db:f4:10:16:a5:3d:5d:c0:60:07:8a:4f:d6:bd:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 16 00:40:04 2026 GMT
Not After : Aug 14 23:59:59 2026 GMT
Subject: serialNumber=c0c5927e0884d1ce01022d547b295eab1fd81480d8eb2b85ff03d2cc4b53e013, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:c0:c8:eb:39:97:7c:33:00:34:87:75:68:8f:
d7:ea:f0:cf:57:83:e1:f0:3d:6e:11:00:56:39:70:
d2:c6:0a:80:bc:3c:a5:24:d7:cf:5a:a5:bf:27:5c:
5d:0d:42:d4:1a:0b:5f:75:64:fb:35:d3:3e:72:06:
c8:15:2e:18:49:4f:3a:33:3d:49:27:1b:a9:67:f4:
be:77:88:2c:c7:81:89:49:61:26:74:6b:33:5f:de:
7a:db:7d:f8:8c:5c:95:df:08:3a:b9:a9:b5:68:1c:
37:a6:0d:e8:62:1c:a1:92:58:a7:ae:2f:2b:b4:83:
40:39:07:24:96:f0:a0:1b:f6:68:d1:06:f6:c8:d5:
f1:06:a1:b6:49:e4:9d:9b:e3:f3:24:51:d5:4c:0f:
c2:62:8c:29:dc:55:38:77:e2:21:18:55:ba:2d:6f:
6b:2e:34:47:ed:ef:57:6b:d4:58:1b:f6:6a:60:f5:
5a:02:ac:01:4f:7d:c0:fe:f4:1c:b1:50:d1:99:2e:
7f:6a:78:c2:0d:b9:6e:8d:e4:4f:b6:f1:94:0a:85:
73:b7:08:f7:74:69:35:3d:55:8a:9d:e1:13:38:03:
a3:23:f9:46:1a:09:ed:9f:15:ac:d9:c1:54:f6:2e:
c6:25:3e:e6:85:c3:fd:44:71:a1:f1:39:a1:7d:48:
84:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:1B:F1:D7:75:6F:D3:08:A0:3F:15:DF:D9:1F:B8:17:BC:A2:C5:07
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cf7e464d-77bb-4302-aa9f-93906a5dcddf.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:8000::/40
Signature Algorithm: sha256WithRSAEncryption
22:3c:a9:66:d8:7e:ce:45:69:f4:d0:18:97:85:cf:57:fe:b8:
2b:e2:7e:62:9f:e7:b9:f8:5c:62:30:ae:cc:32:f0:df:97:1a:
bc:61:6e:7b:07:5e:6e:c0:98:f3:66:bc:71:5e:d0:21:8c:25:
8e:2f:a7:dd:fd:0c:d9:d8:26:10:c0:23:2c:53:d0:1d:e9:d8:
0d:aa:87:a4:7b:0a:20:e1:32:5f:92:45:2b:bd:4e:3c:c0:09:
65:bb:5d:84:6f:44:e1:04:2b:7b:c2:79:cd:ef:17:e3:89:f4:
59:ab:d0:58:e5:8d:90:8d:fa:b6:ce:7b:dd:0c:bc:05:68:6b:
6c:f3:b7:6e:33:8e:89:6e:e5:36:c0:c2:cf:08:0e:a4:0b:54:
f2:8f:00:0d:08:4a:b5:8f:e7:f9:6a:84:6b:57:b8:44:36:b1:
5a:f1:03:90:15:f0:3a:db:69:51:8d:a7:fc:22:2a:62:7a:8a:
b8:a0:fb:4b:66:3b:80:5e:77:93:07:e1:57:22:e2:d5:1f:93:
f5:2e:de:13:d8:f3:cb:5f:92:06:a9:c2:bf:79:23:63:94:5c:
25:71:03:9f:c2:29:cb:83:fd:67:b4:f1:c4:a8:15:dc:1c:26:
b7:d8:ce:4b:e4:33:e1:d2:f6:38:0e:d4:10:ed:95:67:7f:99:
6b:05:f1:d0
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUUVoWRdHb9BAWpT1dwGAHik/WvZUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTYwMDQwMDRaFw0yNjA4MTQyMzU5NTlaMHoxSTBHBgNV
BAUTQGMwYzU5MjdlMDg4NGQxY2UwMTAyMmQ1NDdiMjk1ZWFiMWZkODE0ODBkOGVi
MmI4NWZmMDNkMmNjNGI1M2UwMTMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMrAyOs5l3wzADSHdWiP1+rwz1eD4fA9bhEAVjlw0sYKgLw8pSTXz1qlvydc
XQ1C1BoLX3Vk+zXTPnIGyBUuGElPOjM9SScbqWf0vneILMeBiUlhJnRrM1/eett9
+Ixcld8IOrmptWgcN6YN6GIcoZJYp64vK7SDQDkHJJbwoBv2aNEG9sjV8Qahtknk
nZvj8yRR1UwPwmKMKdxVOHfiIRhVui1vay40R+3vV2vUWBv2amD1WgKsAU99wP70
HLFQ0Zkuf2p4wg25bo3kT7bxlAqFc7cI93RpNT1Vip3hEzgDoyP5RhoJ7Z8VrNnB
VPYuxiU+5oXD/URxofE5oX1IhMMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQRG/HX
dW/TCKA/Fd/ZH7gXvKLFBzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2Y3ZTQ2NGQtNzdiYi00MzAyLWFhOWYtOTM5MDZhNWRjZGRmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HuA
MA0GCSqGSIb3DQEBCwUAA4IBAQAiPKlm2H7ORWn00BiXhc9X/rgr4n5in+e5+Fxi
MK7MMvDflxq8YW57B15uwJjzZrxxXtAhjCWOL6fd/QzZ2CYQwCMsU9Ad6dgNqoek
ewog4TJfkkUrvU48wAllu12Eb0ThBCt7wnnN7xfjifRZq9BY5Y2Qjfq2znvdDLwF
aGts87duM46JbuU2wMLPCA6kC1TyjwANCEq1j+f5aoRrV7hENrFa8QOQFfA622lR
jaf8Iipieoq4oPtLZjuAXneTB+FXIuLVH5P1Lt4T2PPLX5IGqcK/eSNjlFwlcQOf
winLg/1ntPHEqBXcHCa32M5L5DPh0vY4DtQQ7ZVnf5lrBfHQ
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:11:53 2026 by rpki-client