Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d3564159-9d8d-43eb-bf55-66a4445d2727.roa
File: d3564159-9d8d-43eb-bf55-66a4445d2727.roa (raw, json)
Hash identifier: YTIe0LWHuO7VHuKHg4Q2PZQMN8mNQ+3W2iEc5EH+Woo=
Subject key identifier: 43:02:0F:51:C6:E6:E2:C1:56:52:FE:70:49:0D:D0:F2:02:65:72:51
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 531BD3C24BEA92B3446143E177C4B5E73D07287F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d3564159-9d8d-43eb-bf55-66a4445d2727.roa
Signing time: Tue 19 May 2026 05:30:59 +0000
ROA not before: Tue 19 May 2026 05:30:59 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:b000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
53:1b:d3:c2:4b:ea:92:b3:44:61:43:e1:77:c4:b5:e7:3d:07:28:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:30:59 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=e2a3080695e770e528c58e8e6a743998dd5edaddc43cd5314ab380855e53c72c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:c2:e2:6d:56:c0:ae:2c:d7:a5:b8:10:26:6e:
53:8e:25:f6:3a:3c:43:ea:c0:93:53:db:ae:51:3f:
30:7e:00:46:f6:69:b2:fb:cb:b6:bd:3c:e2:2c:ea:
df:ed:c3:67:39:f4:88:34:31:c1:9f:fd:10:8a:a6:
a3:f9:85:32:c0:3e:8f:1a:86:54:89:f9:f0:df:70:
db:c4:30:6d:68:0d:29:ba:57:19:db:fb:bd:5e:f6:
e9:c8:83:97:86:4d:e2:f3:a6:0b:65:61:10:4d:ef:
24:67:b9:26:f7:f2:a9:fa:24:30:3c:4d:83:77:70:
ce:91:a3:70:3e:dc:72:15:16:63:2f:f5:0a:43:27:
cf:72:ed:c5:f7:d2:fa:2a:88:87:f5:fc:32:00:c4:
c6:2e:3b:72:76:19:ea:2d:67:04:7e:06:ad:9a:a9:
64:5b:e7:dd:a3:20:8a:3b:0d:de:e2:e9:58:97:7d:
20:99:63:fb:5f:a9:c2:4e:02:55:da:6b:ce:e3:4e:
aa:17:f8:0d:ae:f5:5d:c9:40:17:9f:85:d7:1a:ea:
68:62:81:b2:8f:76:95:0e:19:12:ce:96:72:53:67:
1f:df:8f:75:f9:97:f6:f8:f8:5e:7e:ac:22:1c:e7:
27:4b:3f:52:ed:d9:3c:6a:85:ee:31:e4:94:9a:89:
19:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:02:0F:51:C6:E6:E2:C1:56:52:FE:70:49:0D:D0:F2:02:65:72:51
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d3564159-9d8d-43eb-bf55-66a4445d2727.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:b000::/40
Signature Algorithm: sha256WithRSAEncryption
34:6d:22:37:b9:2a:9b:33:9f:cd:71:db:8e:25:66:cb:98:cd:
6c:de:37:2c:ef:01:29:88:98:c1:98:02:0e:31:27:22:6a:2f:
11:10:d7:7d:76:c3:6f:94:25:9d:2d:26:08:3d:ca:e3:f1:f9:
fc:71:52:6d:ec:6b:78:9c:b3:e1:19:de:0f:a2:42:c0:17:af:
66:25:49:80:ef:7b:34:80:96:a2:98:bf:28:66:3a:16:f7:21:
01:db:fc:04:47:6a:f6:07:f1:20:8b:31:d9:c4:21:41:a0:35:
03:13:fd:35:4a:40:01:62:2d:60:31:0f:67:37:3b:88:6b:74:
ab:1b:7d:e4:ab:de:d6:fa:bb:c4:27:65:28:47:96:56:c1:56:
ff:c7:58:9b:34:dd:24:a0:48:da:18:07:b7:6f:db:65:19:f6:
5d:93:ad:56:8b:78:7e:a8:f9:41:66:69:81:6a:f3:65:a9:da:
5a:21:74:5d:a5:b9:9b:8f:78:3b:56:59:5a:a9:77:8f:e4:de:
75:13:a2:1d:5f:8d:8a:bd:1f:d3:97:ef:ed:31:9a:06:94:2c:
46:96:1e:21:6c:5a:02:aa:99:ce:5e:53:bd:9b:b1:ba:26:e6:
33:2b:57:9c:08:3b:a4:a6:eb:e0:9a:fc:48:fd:fd:33:ee:fc:
2d:cd:ac:f0
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUUxvTwkvqkrNEYUPhd8S15z0HKH8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTMwNTlaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGUyYTMwODA2OTVlNzcwZTUyOGM1OGU4ZTZhNzQzOTk4ZGQ1ZWRhZGRjNDNj
ZDUzMTRhYjM4MDg1NWU1M2M3MmMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKrC4m1WwK4s16W4ECZuU44l9jo8Q+rAk1PbrlE/MH4ARvZpsvvLtr084izq
3+3DZzn0iDQxwZ/9EIqmo/mFMsA+jxqGVIn58N9w28QwbWgNKbpXGdv7vV726ciD
l4ZN4vOmC2VhEE3vJGe5JvfyqfokMDxNg3dwzpGjcD7cchUWYy/1CkMnz3LtxffS
+iqIh/X8MgDExi47cnYZ6i1nBH4GrZqpZFvn3aMgijsN3uLpWJd9IJlj+1+pwk4C
VdprzuNOqhf4Da71XclAF5+F1xrqaGKBso92lQ4ZEs6WclNnH9+PdfmX9vj4Xn6s
IhznJ0s/Uu3ZPGqF7jHklJqJGZcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRDAg9R
xubiwVZS/nBJDdDyAmVyUTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDM1NjQxNTktOWQ4ZC00M2ViLWJmNTUtNjZhNDQ0NWQyNzI3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Haw
MA0GCSqGSIb3DQEBCwUAA4IBAQA0bSI3uSqbM5/NcduOJWbLmM1s3jcs7wEpiJjB
mAIOMSciai8RENd9dsNvlCWdLSYIPcrj8fn8cVJt7Gt4nLPhGd4PokLAF69mJUmA
73s0gJaimL8oZjoW9yEB2/wER2r2B/EgizHZxCFBoDUDE/01SkABYi1gMQ9nNzuI
a3SrG33kq97W+rvEJ2UoR5ZWwVb/x1ibNN0koEjaGAe3b9tlGfZdk61Wi3h+qPlB
ZmmBavNlqdpaIXRdpbmbj3g7VllaqXeP5N51E6IdX42KvR/Tl+/tMZoGlCxGlh4h
bFoCqpnOXlO9m7G6JuYzK1ecCDukpuvgmvxI/f0z7vwtzazw
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:11:42 2026 by rpki-client