Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e396d806-dffa-4609-8ae4-1e8fdbde728e.roa
File: e396d806-dffa-4609-8ae4-1e8fdbde728e.roa (raw, json)
Hash identifier: K13H7TykPJEsK0cjmws+a6Ddm7H7nbghtCTux3OZqlM=
Subject key identifier: 31:5C:F0:50:E5:49:DF:43:AA:D4:F0:5D:8F:7E:F7:2E:2B:66:73:66
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5464D11ED09DBE5E336F1F305C140451D6465E23
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e396d806-dffa-4609-8ae4-1e8fdbde728e.roa
Signing time: Tue 19 May 2026 05:01:14 +0000
ROA not before: Tue 19 May 2026 05:01:14 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:a0c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:64:d1:1e:d0:9d:be:5e:33:6f:1f:30:5c:14:04:51:d6:46:5e:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:01:14 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=58bc002734db0e221d9f54692b140c7bafb384a650f2ae57533f446c235cc47d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:7e:a3:9c:6b:3c:7b:b1:53:f0:ee:f8:8a:58:
6f:1d:c7:3c:b0:4a:6b:20:d9:53:be:c3:0c:1c:dd:
51:30:2a:d6:cd:b7:95:fb:a3:53:2e:29:7f:7c:d1:
fa:83:00:75:5c:15:23:83:51:1d:3a:85:52:da:ed:
96:a3:ad:44:7c:30:a9:2f:e8:d7:dd:4b:2a:aa:83:
da:a2:91:4f:69:60:4a:c1:1d:be:83:65:26:c1:36:
48:d9:00:09:6c:98:f8:db:81:93:92:d9:4e:61:fe:
9d:bd:89:79:89:92:f8:e2:8e:1e:1f:b9:69:8a:3c:
48:5a:5a:41:49:ec:79:c6:7f:25:54:35:25:84:c5:
38:a1:47:f8:ff:5f:76:37:3b:10:51:63:ef:b1:e4:
9c:d8:3a:af:6a:c5:1c:68:2a:05:69:c1:a1:0e:2c:
8f:31:8e:df:ca:9c:85:94:ec:05:df:8d:ff:83:e1:
ab:63:4a:91:07:f6:62:a9:ca:86:8b:70:ad:af:37:
fd:90:7d:8b:da:ec:67:53:cd:bf:27:1d:eb:5b:df:
48:c9:f8:55:1b:88:f2:50:6f:ef:37:f5:96:b4:3b:
bc:85:f7:19:6c:af:33:7e:a7:9f:2e:1e:ec:66:54:
e2:7b:12:73:4e:9d:94:f1:ce:f2:48:85:5e:ee:55:
1b:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:5C:F0:50:E5:49:DF:43:AA:D4:F0:5D:8F:7E:F7:2E:2B:66:73:66
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e396d806-dffa-4609-8ae4-1e8fdbde728e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:a0c0::/48
Signature Algorithm: sha256WithRSAEncryption
07:4a:50:c5:0c:60:ac:06:0d:73:86:98:ad:69:23:71:de:4a:
35:cb:e9:ab:9d:cb:0a:b4:fb:3d:6d:27:8a:9d:24:58:d8:72:
c9:a2:a9:78:df:8e:04:c8:24:7a:34:b0:6b:a4:13:69:ee:f2:
9f:13:7c:d9:b0:6a:d9:c2:87:f0:bb:1c:ef:b3:7e:89:66:5f:
7b:ce:b4:c1:0b:d8:d9:21:98:ef:2e:29:15:28:d4:31:0b:88:
55:02:fa:82:b8:af:4c:1b:4b:a5:1e:34:19:49:4b:85:68:64:
56:b1:53:a1:56:16:b2:93:a9:c2:df:d2:ff:92:81:3b:c1:ed:
78:3a:46:f6:ed:4a:f0:c4:e7:b9:11:87:59:67:02:b8:07:14:
87:83:50:71:af:f3:e0:80:ac:6f:43:8e:1b:7f:5e:18:bf:23:
b4:d2:39:77:ee:36:d5:42:9d:90:a5:41:b2:5a:10:43:4e:33:
0f:b1:f1:bb:b4:bd:fb:3a:02:7c:f9:dd:96:c5:f7:c4:71:8f:
78:85:f6:12:64:3d:ad:18:f5:ea:7d:16:4e:cc:ef:8d:5e:a7:
fc:f9:9e:6d:a0:8e:31:55:6e:da:28:e7:03:d5:8f:da:58:ea:
1b:c9:f1:c5:3e:56:8a:ed:29:cf:26:9f:91:b6:c0:31:be:d2:
e6:9b:3d:ec
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUVGTRHtCdvl4zbx8wXBQEUdZGXiMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTAxMTRaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDU4YmMwMDI3MzRkYjBlMjIxZDlmNTQ2OTJiMTQwYzdiYWZiMzg0YTY1MGYy
YWU1NzUzM2Y0NDZjMjM1Y2M0N2QxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALd+o5xrPHuxU/Du+IpYbx3HPLBKayDZU77DDBzdUTAq1s23lfujUy4pf3zR
+oMAdVwVI4NRHTqFUtrtlqOtRHwwqS/o191LKqqD2qKRT2lgSsEdvoNlJsE2SNkA
CWyY+NuBk5LZTmH+nb2JeYmS+OKOHh+5aYo8SFpaQUnsecZ/JVQ1JYTFOKFH+P9f
djc7EFFj77HknNg6r2rFHGgqBWnBoQ4sjzGO38qchZTsBd+N/4Phq2NKkQf2YqnK
hotwra83/ZB9i9rsZ1PNvycd61vfSMn4VRuI8lBv7zf1lrQ7vIX3GWyvM36nny4e
7GZU4nsSc06dlPHO8kiFXu5VG+UCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQxXPBQ
5UnfQ6rU8F2PfvcuK2ZzZjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTM5NmQ4MDYtZGZmYS00NjA5LThhZTQtMWU4ZmRiZGU3MjhlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HKg
wDANBgkqhkiG9w0BAQsFAAOCAQEAB0pQxQxgrAYNc4aYrWkjcd5KNcvpq53LCrT7
PW0nip0kWNhyyaKpeN+OBMgkejSwa6QTae7ynxN82bBq2cKH8Lsc77N+iWZfe860
wQvY2SGY7y4pFSjUMQuIVQL6grivTBtLpR40GUlLhWhkVrFToVYWspOpwt/S/5KB
O8HteDpG9u1K8MTnuRGHWWcCuAcUh4NQca/z4ICsb0OOG39eGL8jtNI5d+421UKd
kKVBsloQQ04zD7Hxu7S9+zoCfPndlsX3xHGPeIX2EmQ9rRj16n0WTszvjV6n/Pme
baCOMVVu2ijnA9WP2ljqG8nxxT5Wiu0pzyafkbbAMb7S5ps97A==
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:44:09 2026 by rpki-client