Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d79852cc-835c-4a8a-8412-323c0281d4bf.roa
File: d79852cc-835c-4a8a-8412-323c0281d4bf.roa (raw, json)
Hash identifier: YaTRCICW6IdAnXGf7MMH+EinbH1PcYrUbQLNKSd1TL8=
Subject key identifier: 24:81:9A:D2:06:D3:C6:90:91:14:A3:A3:5D:69:B0:66:54:4A:D5:0B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 18D140BCB49805D19C88C30A778766696AA3704B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d79852cc-835c-4a8a-8412-323c0281d4bf.roa
Signing time: Fri 15 May 2026 03:50:12 +0000
ROA not before: Fri 15 May 2026 03:50:12 +0000
ROA not after: Thu 13 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:6000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:d1:40:bc:b4:98:05:d1:9c:88:c3:0a:77:87:66:69:6a:a3:70:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 15 03:50:12 2026 GMT
Not After : Aug 13 23:59:59 2026 GMT
Subject: serialNumber=9c0141d7fdbf497cb9f46b567e7040f534ccb8479fc86e3141f24f8b86ebbd01, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:d8:91:99:e7:42:72:f8:c4:42:18:cb:0d:fa:
d3:27:0e:9c:48:b1:94:af:be:14:47:0a:37:ca:02:
42:7f:aa:d9:83:86:b9:23:18:f1:c5:59:8a:20:d1:
bf:8c:7d:a5:58:3c:a6:a3:c0:13:1f:95:6c:3c:47:
7c:a8:65:f9:6d:f2:7c:9e:71:d2:7b:e6:2d:06:c7:
8e:3c:91:f2:68:c4:8b:e7:e7:34:38:85:27:25:7c:
fd:79:f2:f1:f5:47:ba:76:e5:64:43:bd:d6:47:a1:
04:dd:4e:2c:e0:d1:41:37:fb:d0:a2:2c:14:7f:ab:
86:7e:6b:63:f6:0e:16:e8:04:f4:b4:9a:d7:df:d6:
f4:b8:8a:d0:14:bf:0c:ef:f0:05:d0:05:7d:9b:dd:
55:80:3a:c1:9b:39:51:20:b2:4e:50:1b:b0:d1:03:
e0:0e:1d:48:c4:ae:5d:f2:17:a4:79:16:45:3a:88:
b1:f6:f1:b4:11:61:a1:f3:df:8d:00:07:88:95:e0:
c1:a4:e0:71:b4:34:49:1e:dd:5e:45:f8:3a:6a:e3:
42:2b:9b:4d:85:bd:26:5a:d6:cd:44:12:31:76:e2:
66:d9:e6:a1:33:5f:0f:85:93:b5:b4:60:9f:a3:1e:
66:05:2c:dd:85:ef:3e:d3:b1:88:a8:ab:fd:ae:8a:
77:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:81:9A:D2:06:D3:C6:90:91:14:A3:A3:5D:69:B0:66:54:4A:D5:0B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d79852cc-835c-4a8a-8412-323c0281d4bf.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:6000::/40
Signature Algorithm: sha256WithRSAEncryption
47:18:57:31:4c:41:74:b7:2e:a9:c5:31:62:c5:1e:f8:3d:aa:
5d:26:d9:2c:08:dc:b6:75:89:cf:57:10:0a:0e:b9:46:0f:5b:
04:86:b9:59:41:bd:ad:77:69:e5:9a:b1:f6:1b:32:64:6a:73:
f8:c6:88:5e:7c:33:99:68:99:f3:76:01:92:b3:b3:49:6c:54:
4a:30:55:91:81:3a:60:cf:63:0f:5d:cb:7f:db:77:67:2b:0c:
d0:3a:e8:90:f8:71:e8:6b:d0:f1:4b:a4:75:1e:34:e4:e7:16:
15:7b:7e:1a:f6:94:ff:f8:e7:5f:a1:e8:d2:c7:0a:67:d4:3d:
9c:f7:fb:23:68:a6:cc:42:1e:a1:7b:3a:c7:e7:fa:9c:1f:a2:
7a:f4:55:f2:ed:2a:d3:04:a9:97:95:a6:12:1b:41:21:b3:f9:
04:a4:55:67:4f:8d:26:e8:34:0f:1a:65:2e:7c:f5:a4:2e:85:
fa:9e:30:28:20:50:f5:fe:0f:66:45:f4:89:6c:34:83:94:12:
1f:0d:9e:3e:55:c6:26:5a:28:c4:06:0b:8a:a6:a2:66:02:4e:
86:e9:cc:33:d7:14:ab:ee:c7:e2:d0:94:c2:42:40:93:a6:2c:
33:33:b2:da:fe:3b:8b:55:42:70:0c:c0:b2:33:0b:fb:6a:18:
d9:f8:60:e4
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUGNFAvLSYBdGciMMKd4dmaWqjcEswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTUwMzUwMTJaFw0yNjA4MTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDljMDE0MWQ3ZmRiZjQ5N2NiOWY0NmI1NjdlNzA0MGY1MzRjY2I4NDc5ZmM4
NmUzMTQxZjI0ZjhiODZlYmJkMDExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKXYkZnnQnL4xEIYyw360ycOnEixlK++FEcKN8oCQn+q2YOGuSMY8cVZiiDR
v4x9pVg8pqPAEx+VbDxHfKhl+W3yfJ5x0nvmLQbHjjyR8mjEi+fnNDiFJyV8/Xny
8fVHunblZEO91kehBN1OLODRQTf70KIsFH+rhn5rY/YOFugE9LSa19/W9LiK0BS/
DO/wBdAFfZvdVYA6wZs5USCyTlAbsNED4A4dSMSuXfIXpHkWRTqIsfbxtBFhofPf
jQAHiJXgwaTgcbQ0SR7dXkX4OmrjQiubTYW9JlrWzUQSMXbiZtnmoTNfD4WTtbRg
n6MeZgUs3YXvPtOxiKir/a6Kd20CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQkgZrS
BtPGkJEUo6NdabBmVErVCzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDc5ODUyY2MtODM1Yy00YThhLTg0MTItMzIzYzAyODFkNGJmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Htg
MA0GCSqGSIb3DQEBCwUAA4IBAQBHGFcxTEF0ty6pxTFixR74PapdJtksCNy2dYnP
VxAKDrlGD1sEhrlZQb2td2nlmrH2GzJkanP4xohefDOZaJnzdgGSs7NJbFRKMFWR
gTpgz2MPXct/23dnKwzQOuiQ+HHoa9DxS6R1HjTk5xYVe34a9pT/+OdfoejSxwpn
1D2c9/sjaKbMQh6hezrH5/qcH6J69FXy7SrTBKmXlaYSG0Ehs/kEpFVnT40m6DQP
GmUufPWkLoX6njAoIFD1/g9mRfSJbDSDlBIfDZ4+VcYmWijEBguKpqJmAk6G6cwz
1xSr7sfi0JTCQkCTpiwzM7La/juLVUJwDMCyMwv7ahjZ+GDk
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:00:04 2026 by rpki-client