Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dc148af9-68cc-4a7f-b7fd-6ac691016888.roa
File: dc148af9-68cc-4a7f-b7fd-6ac691016888.roa (raw, json)
Hash identifier: Znf0L6ddPSZvbnExmji1qNOBch75EkHxztinJsi34ZY=
Subject key identifier: 26:E0:8B:01:C0:DF:79:64:3A:FB:F8:E4:CA:78:D8:74:95:C7:66:76
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1776834CCCEE3B3E0F10AEDCC18D8DEE5A2A08B3
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dc148af9-68cc-4a7f-b7fd-6ac691016888.roa
Signing time: Tue 19 May 2026 04:40:42 +0000
ROA not before: Tue 19 May 2026 04:40:42 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d025::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:76:83:4c:cc:ee:3b:3e:0f:10:ae:dc:c1:8d:8d:ee:5a:2a:08:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 04:40:42 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=456df48c9a5081512d62877d83a9dcf2d3516e5c36e26cdb3eb28c75b72850b2, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:32:ae:4c:80:f6:05:b9:ef:16:b3:d8:ae:8d:
f2:1c:94:0c:4f:cd:59:7b:b7:5f:bc:6b:95:05:81:
ae:9e:9e:86:00:4a:1e:ed:23:ba:fe:1a:6a:a9:03:
5d:9a:6f:73:dc:16:e5:91:b0:25:49:0a:19:5e:cf:
ae:8f:22:cb:62:c6:7c:fa:3d:6c:d2:1d:30:3b:e2:
2c:40:21:86:47:03:5b:ae:d2:12:90:99:09:63:86:
38:40:1a:ec:b1:9c:66:21:a9:c2:f3:99:84:9c:0e:
14:a2:e7:ae:e5:8f:77:cf:10:7e:19:77:ab:87:c9:
ad:27:48:8a:e9:6d:5e:17:95:75:32:93:11:11:c1:
07:85:e1:a1:3c:a9:ee:52:da:66:01:01:87:f4:ad:
fd:8a:f7:13:92:91:17:d7:5e:a2:d0:a7:c7:d4:93:
ff:7d:ba:30:13:1c:31:ed:e3:5f:43:3b:75:df:91:
d5:62:7d:fe:25:6a:94:be:4e:b3:0f:70:1e:38:a8:
7f:f0:4b:8f:18:b2:f7:c4:7a:0d:cb:29:94:eb:5e:
07:62:aa:4c:4a:0e:c7:e6:25:38:de:92:eb:33:b6:
41:9b:66:be:f4:3d:4a:1b:02:67:52:8b:03:22:17:
2a:41:f2:1b:06:af:bf:f5:a2:29:da:a7:89:46:d5:
f3:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:E0:8B:01:C0:DF:79:64:3A:FB:F8:E4:CA:78:D8:74:95:C7:66:76
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dc148af9-68cc-4a7f-b7fd-6ac691016888.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d025::/36
Signature Algorithm: sha256WithRSAEncryption
24:4f:bc:8a:1a:4c:9d:77:7b:5e:c3:3f:e1:5b:fd:ad:89:f1:
b0:ac:98:83:3b:a8:8d:eb:53:3a:69:db:f6:a2:51:92:72:2c:
b7:55:e8:ed:b9:08:61:e2:34:1a:e0:c0:32:d0:03:1f:0e:f8:
30:50:91:9c:ae:6d:f4:05:41:32:4a:81:ee:ac:f2:12:1e:f0:
fd:03:dc:7b:65:57:7c:01:31:ee:4b:35:9d:b6:b4:7c:9f:bd:
1c:90:12:49:d1:2a:bb:74:d5:0b:7b:5f:b9:79:ae:88:a3:30:
bf:e5:22:c3:67:ab:6e:04:08:2c:79:89:af:5c:33:d3:b4:4e:
4e:55:c9:1f:af:07:18:b8:c7:83:26:33:90:4e:15:9d:15:3a:
1f:5b:35:1a:bd:5c:de:96:97:9d:8f:07:17:29:c2:06:b4:66:
3b:40:73:de:6b:05:03:3a:a7:2e:6f:d2:35:91:84:db:76:ee:
f4:6c:36:ee:97:92:d4:69:39:aa:4f:0a:e7:fe:f7:98:05:b3:
f9:ae:d2:56:00:0f:5e:76:2b:24:b3:39:c4:12:80:31:f6:20:
ea:47:5c:63:2e:1a:8f:a2:a1:36:90:23:59:b3:02:3c:cb:7c:
12:a2:f5:32:fb:0e:d7:c1:d5:48:4c:1a:7f:b5:46:63:f9:58:
1d:30:80:6f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUF3aDTMzuOz4PEK7cwY2N7loqCLMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNDQwNDJaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ1NmRmNDhjOWE1MDgxNTEyZDYyODc3ZDgzYTlkY2YyZDM1MTZlNWMzNmUy
NmNkYjNlYjI4Yzc1YjcyODUwYjIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK4yrkyA9gW57xaz2K6N8hyUDE/NWXu3X7xrlQWBrp6ehgBKHu0juv4aaqkD
XZpvc9wW5ZGwJUkKGV7Pro8iy2LGfPo9bNIdMDviLEAhhkcDW67SEpCZCWOGOEAa
7LGcZiGpwvOZhJwOFKLnruWPd88Qfhl3q4fJrSdIiultXheVdTKTERHBB4XhoTyp
7lLaZgEBh/St/Yr3E5KRF9deotCnx9ST/326MBMcMe3jX0M7dd+R1WJ9/iVqlL5O
sw9wHjiof/BLjxiy98R6DcsplOteB2KqTEoOx+YlON6S6zO2QZtmvvQ9ShsCZ1KL
AyIXKkHyGwavv/WiKdqniUbV86MCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQm4IsB
wN95ZDr7+OTKeNh0lcdmdjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZGMxNDhhZjktNjhjYy00YTdmLWI3ZmQtNmFjNjkxMDE2ODg4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CUA
MA0GCSqGSIb3DQEBCwUAA4IBAQAkT7yKGkydd3tewz/hW/2tifGwrJiDO6iN61M6
adv2olGSciy3VejtuQhh4jQa4MAy0AMfDvgwUJGcrm30BUEySoHurPISHvD9A9x7
ZVd8ATHuSzWdtrR8n70ckBJJ0Sq7dNULe1+5ea6IozC/5SLDZ6tuBAgseYmvXDPT
tE5OVckfrwcYuMeDJjOQThWdFTofWzUavVzelpedjwcXKcIGtGY7QHPeawUDOqcu
b9I1kYTbdu70bDbul5LUaTmqTwrn/veYBbP5rtJWAA9edisksznEEoAx9iDqR1xj
LhqPoqE2kCNZswI8y3wSovUy+w7XwdVITBp/tUZj+VgdMIBv
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:25:01 2026 by rpki-client