Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e2212154-4339-4293-b1a8-15f06519a708.roa
File: e2212154-4339-4293-b1a8-15f06519a708.roa (raw, json)
Hash identifier: a6UqtWmqEhw82xsbWtlHpaV/Syl5Vei3d4YcyVS2mdU=
Subject key identifier: 2B:60:35:02:09:CC:26:4C:B5:FE:A4:25:D3:80:C8:AF:0A:71:08:8D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4CB959DE026AA3272C4A1E41529312F8F8C0EEFA
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e2212154-4339-4293-b1a8-15f06519a708.roa
Signing time: Tue 19 May 2026 04:30:07 +0000
ROA not before: Tue 19 May 2026 04:30:07 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06f:a000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:b9:59:de:02:6a:a3:27:2c:4a:1e:41:52:93:12:f8:f8:c0:ee:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 04:30:07 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=36dd3ef1a11adc3ff7424f0e163a889344f397a65130fc9b289144d5f5ef9cc9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:a3:16:1d:bc:82:d9:7c:d1:07:72:de:16:e6:
0b:24:06:ff:a9:b4:f2:74:0a:5a:12:cb:b8:9e:8a:
e4:21:78:f7:82:34:93:cc:0d:7c:98:05:cf:20:a6:
e1:2a:50:27:16:5b:5d:bc:d1:f1:7e:9a:1f:67:34:
25:85:79:0c:4f:82:9c:16:e1:c0:32:66:37:a7:65:
42:ec:f9:6e:4d:2d:75:f0:52:3a:df:33:9a:78:e1:
11:78:b3:ec:db:20:fb:ce:34:2d:15:be:6f:94:dc:
55:8b:e9:0f:cb:2d:0d:b0:23:b6:d4:d6:9a:e2:2d:
7c:97:f5:b4:a1:86:16:ce:e0:d2:a3:18:fc:a4:3b:
7f:55:17:a8:ae:d5:07:cb:08:74:ef:fa:3a:e0:4b:
da:4e:f9:51:8c:35:0d:e0:6c:04:6a:6b:90:33:94:
4c:53:0c:54:83:87:3b:d0:bb:0f:0d:0f:94:90:b0:
6b:e1:48:83:38:f7:8b:a0:52:88:b8:15:2e:1f:ec:
8c:3f:ad:5d:af:27:a6:ab:e1:d8:ee:12:29:75:de:
52:d0:b8:4e:31:89:51:bd:3a:0f:2c:a9:0f:f5:f3:
e7:60:16:dd:e2:38:ba:a7:a0:04:e9:2d:24:ad:01:
5a:fc:17:e8:6e:ab:3e:31:14:7f:79:26:d2:9e:e5:
a7:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:60:35:02:09:CC:26:4C:B5:FE:A4:25:D3:80:C8:AF:0A:71:08:8D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e2212154-4339-4293-b1a8-15f06519a708.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06f:a000::/40
Signature Algorithm: sha256WithRSAEncryption
c9:2d:02:59:0f:01:11:29:b9:bd:b3:3f:bd:35:01:59:e1:9e:
82:8d:4c:e0:7d:8c:48:0b:fe:36:82:cc:27:79:d2:c0:9c:76:
cf:7c:08:7f:b7:7f:39:d2:da:7d:fd:e6:cc:a4:60:3d:0b:01:
42:41:e6:9e:90:eb:f1:b1:f5:5a:c6:94:9c:da:15:f4:7c:08:
6a:02:84:f2:7b:2e:49:70:d8:b9:59:bb:d7:76:4d:a5:f4:39:
21:f3:61:c9:36:2a:88:d3:22:c6:c9:38:54:66:b9:09:7c:77:
f7:40:d9:87:d5:24:e9:0c:ac:2f:0c:5e:f0:3a:2a:6b:4b:f1:
59:3a:56:42:4e:dd:c5:47:c2:4b:e7:bd:aa:27:2e:d0:99:2f:
8c:7f:ca:5c:4d:6b:23:09:0a:d7:d0:60:b8:f2:b1:f5:10:40:
86:fc:da:50:30:f1:8d:e0:40:1f:f7:48:5e:cf:fc:6b:6c:39:
92:cb:5f:3f:7f:91:87:db:0c:45:c1:27:5f:99:06:89:4f:6a:
22:96:fc:58:6b:db:92:f0:5a:40:d9:d4:96:24:06:bd:6c:e5:
bd:45:71:a1:1d:cc:8b:ba:76:4b:3a:00:f2:09:95:65:ed:7c:
05:e2:d7:3f:ac:9e:55:24:ee:90:51:b4:60:18:44:65:ba:5e:
02:e5:25:cb
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUTLlZ3gJqoycsSh5BUpMS+PjA7vowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNDMwMDdaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDM2ZGQzZWYxYTExYWRjM2ZmNzQyNGYwZTE2M2E4ODkzNDRmMzk3YTY1MTMw
ZmM5YjI4OTE0NGQ1ZjVlZjljYzkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALGjFh28gtl80Qdy3hbmCyQG/6m08nQKWhLLuJ6K5CF494I0k8wNfJgFzyCm
4SpQJxZbXbzR8X6aH2c0JYV5DE+CnBbhwDJmN6dlQuz5bk0tdfBSOt8zmnjhEXiz
7Nsg+840LRW+b5TcVYvpD8stDbAjttTWmuItfJf1tKGGFs7g0qMY/KQ7f1UXqK7V
B8sIdO/6OuBL2k75UYw1DeBsBGprkDOUTFMMVIOHO9C7Dw0PlJCwa+FIgzj3i6BS
iLgVLh/sjD+tXa8npqvh2O4SKXXeUtC4TjGJUb06DyypD/Xz52AW3eI4uqegBOkt
JK0BWvwX6G6rPjEUf3km0p7lp08CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQrYDUC
CcwmTLX+pCXTgMivCnEIjTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTIyMTIxNTQtNDMzOS00MjkzLWIxYTgtMTVmMDY1MTlhNzA4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G+g
MA0GCSqGSIb3DQEBCwUAA4IBAQDJLQJZDwERKbm9sz+9NQFZ4Z6CjUzgfYxIC/42
gswnedLAnHbPfAh/t3850tp9/ebMpGA9CwFCQeaekOvxsfVaxpSc2hX0fAhqAoTy
ey5JcNi5WbvXdk2l9Dkh82HJNiqI0yLGyThUZrkJfHf3QNmH1STpDKwvDF7wOipr
S/FZOlZCTt3FR8JL572qJy7QmS+Mf8pcTWsjCQrX0GC48rH1EECG/NpQMPGN4EAf
90hez/xrbDmSy18/f5GH2wxFwSdfmQaJT2oilvxYa9uS8FpA2dSWJAa9bOW9RXGh
HcyLunZLOgDyCZVl7XwF4tc/rJ5VJO6QUbRgGERlul4C5SXL
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:04:07 2026 by rpki-client