Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d396eb67-6f7e-4d4a-a3dd-e1c99e3d702f.roa
File: d396eb67-6f7e-4d4a-a3dd-e1c99e3d702f.roa (raw, json)
Hash identifier: aFZo737QFkPGsrQ8RAeIQPhm2Nf5bRbVUS5m8zQvxV4=
Subject key identifier: B3:3F:B8:A6:25:8D:81:45:E3:7B:2B:DE:C8:49:96:5A:73:81:82:59
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6F953661F4930E25BCFEAAE0C0C9F6BFAAC15E35
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d396eb67-6f7e-4d4a-a3dd-e1c99e3d702f.roa
Signing time: Fri 22 May 2026 16:02:00 +0000
ROA not before: Fri 22 May 2026 16:02:00 +0000
ROA not after: Thu 20 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07a:1000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:95:36:61:f4:93:0e:25:bc:fe:aa:e0:c0:c9:f6:bf:aa:c1:5e:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 22 16:02:00 2026 GMT
Not After : Aug 20 23:59:59 2026 GMT
Subject: serialNumber=5aa7ceb516abc312c8d953f6ea1382e3d465ed1eee0215e68f58ab3696271246, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:30:76:f4:1a:a5:d6:50:81:57:6e:92:2f:a9:
d5:ff:4d:e9:18:9f:8f:90:a4:ca:21:24:20:2a:ae:
77:a8:03:f3:76:c4:66:c4:84:b4:a6:0c:8c:2c:42:
b2:f4:2d:9d:9a:0b:bb:2a:bb:a6:da:f4:a3:a4:61:
17:1c:24:c2:92:c3:13:23:26:b7:ce:16:25:9f:96:
62:4f:cc:c0:4f:73:0a:2f:54:04:da:3b:a3:57:34:
6a:f3:6d:d8:54:87:ea:50:bb:ca:c4:e1:2a:5a:ff:
75:ac:fb:47:c8:13:d5:21:04:b3:16:29:6e:06:55:
9b:0c:33:af:02:b4:fa:fc:eb:5f:fb:4e:52:5d:03:
c0:2d:71:3e:c3:58:9b:97:fc:99:63:a3:8c:7d:13:
ad:17:bb:a5:d0:28:e1:a5:de:27:aa:77:6e:e4:39:
0c:43:d4:16:1c:43:f6:a0:ec:21:d5:ff:f3:c4:a5:
90:f0:a1:4c:a5:d2:9e:4f:36:3e:68:a3:a2:17:4d:
0d:7f:a3:3e:e1:d5:94:97:82:95:06:0e:26:f6:1d:
8e:2c:44:a9:ed:ca:fd:74:0b:46:87:f4:cd:f5:80:
6f:76:ed:2f:60:f7:d7:9c:95:8c:64:20:c6:ab:3d:
5c:83:6c:57:03:37:18:6e:f7:f9:c3:2c:39:70:86:
40:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:3F:B8:A6:25:8D:81:45:E3:7B:2B:DE:C8:49:96:5A:73:81:82:59
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d396eb67-6f7e-4d4a-a3dd-e1c99e3d702f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07a:1000::/40
Signature Algorithm: sha256WithRSAEncryption
3d:d6:17:33:43:cd:15:b8:5f:b6:05:ee:c6:c9:b6:d1:46:b1:
82:c9:9e:93:01:73:c1:fc:e8:39:50:89:a6:cf:e3:eb:d4:72:
31:7b:63:13:b6:b8:c1:d9:07:7f:f3:ff:54:e7:d7:67:a2:31:
31:19:8f:92:a5:79:ef:e3:2a:23:43:48:27:8e:9c:16:e4:ea:
7a:7c:4f:1a:cb:af:d0:28:dd:94:81:53:60:d9:c3:d8:5e:db:
7a:49:02:5c:7e:fd:c8:a4:25:e8:38:54:d1:c7:10:21:15:86:
7b:fa:66:e0:3e:11:dd:be:6e:ca:44:03:ae:a4:79:b6:cd:c9:
18:ce:26:c2:05:be:04:be:72:37:16:cf:d8:f0:36:ce:a0:39:
83:45:fd:c5:a7:95:fe:6d:98:46:98:a7:27:c5:f0:cc:1d:63:
9f:b8:30:8d:f5:1e:de:6e:93:f2:7b:d0:de:19:ee:fe:1a:42:
23:6c:69:a3:6f:c2:ba:37:6a:e4:e0:77:2e:6b:97:10:5e:50:
ae:f0:a5:c2:9d:53:05:c5:bc:9e:62:d5:df:1f:d2:6a:c8:7c:
c9:20:be:7f:01:c0:29:86:0b:bd:6e:98:f1:17:13:b7:41:0f:
a4:09:97:5a:1d:06:44:83:8c:7a:e1:9b:81:9a:a5:88:6a:8e:
5d:46:45:4c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUb5U2YfSTDiW8/qrgwMn2v6rBXjUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MjIxNjAyMDBaFw0yNjA4MjAyMzU5NTlaMHoxSTBHBgNV
BAUTQDVhYTdjZWI1MTZhYmMzMTJjOGQ5NTNmNmVhMTM4MmUzZDQ2NWVkMWVlZTAy
MTVlNjhmNThhYjM2OTYyNzEyNDYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKAwdvQapdZQgVduki+p1f9N6Rifj5CkyiEkICqud6gD83bEZsSEtKYMjCxC
svQtnZoLuyq7ptr0o6RhFxwkwpLDEyMmt84WJZ+WYk/MwE9zCi9UBNo7o1c0avNt
2FSH6lC7ysThKlr/daz7R8gT1SEEsxYpbgZVmwwzrwK0+vzrX/tOUl0DwC1xPsNY
m5f8mWOjjH0TrRe7pdAo4aXeJ6p3buQ5DEPUFhxD9qDsIdX/88SlkPChTKXSnk82
PmijohdNDX+jPuHVlJeClQYOJvYdjixEqe3K/XQLRof0zfWAb3btL2D315yVjGQg
xqs9XINsVwM3GG73+cMsOXCGQH0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSzP7im
JY2BReN7K97ISZZac4GCWTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDM5NmViNjctNmY3ZS00ZDRhLWEzZGQtZTFjOTllM2Q3MDJmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HoQ
MA0GCSqGSIb3DQEBCwUAA4IBAQA91hczQ80VuF+2Be7GybbRRrGCyZ6TAXPB/Og5
UImmz+Pr1HIxe2MTtrjB2Qd/8/9U59dnojExGY+SpXnv4yojQ0gnjpwW5Op6fE8a
y6/QKN2UgVNg2cPYXtt6SQJcfv3IpCXoOFTRxxAhFYZ7+mbgPhHdvm7KRAOupHm2
zckYzibCBb4EvnI3Fs/Y8DbOoDmDRf3Fp5X+bZhGmKcnxfDMHWOfuDCN9R7ebpPy
e9DeGe7+GkIjbGmjb8K6N2rk4Hcua5cQXlCu8KXCnVMFxbyeYtXfH9JqyHzJIL5/
AcAphgu9bpjxFxO3QQ+kCZdaHQZEg4x64ZuBmqWIao5dRkVM
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:03:34 2026 by rpki-client