Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e5179068-cbcf-4f9a-864d-3c97430c84f4.roa
File: e5179068-cbcf-4f9a-864d-3c97430c84f4.roa (raw, json)
Hash identifier: cHKKZ0lTRrLr20NoINleHcbF7+hLMszZoW7Msyik36g=
Subject key identifier: DE:D7:80:A6:9F:5A:73:95:7C:32:A6:32:B6:7E:68:65:15:70:61:AA
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6290E59C9161150B5972A84CBBC0DB360A212E80
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e5179068-cbcf-4f9a-864d-3c97430c84f4.roa
Signing time: Tue 19 May 2026 05:30:10 +0000
ROA not before: Tue 19 May 2026 05:30:10 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d015::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
62:90:e5:9c:91:61:15:0b:59:72:a8:4c:bb:c0:db:36:0a:21:2e:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:30:10 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=5337bf1ba17664ebe05bdffd81430fd7837838817906cde29df4b69fd75a35a7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:fb:16:38:a1:14:6e:9a:f4:0e:d6:6a:20:a9:
85:ab:24:9e:6d:ce:27:aa:95:3b:f4:80:28:97:e4:
6b:37:92:59:66:8b:c2:1b:be:a7:e9:41:95:49:e7:
ba:e5:65:8a:54:a8:8e:81:ff:cc:fc:df:e2:a7:73:
84:88:ac:97:d3:e5:5f:80:80:d3:9e:e5:09:6c:f2:
5f:9e:8d:97:ea:72:6e:91:23:ce:ff:43:a4:02:62:
eb:04:42:1c:aa:2d:4b:5b:06:cb:d3:a3:e7:14:4e:
4b:75:55:06:14:07:f0:93:7b:65:11:df:39:2b:fc:
93:76:98:b8:b6:03:1a:00:15:95:79:dc:07:e0:3a:
e5:fb:aa:ab:54:88:dd:61:7b:46:10:eb:23:80:05:
bf:d7:86:43:80:a7:e6:34:9e:cc:df:b6:ab:5a:eb:
c0:7d:42:85:e8:da:26:eb:af:3d:64:cd:62:cb:98:
61:a0:e6:22:9f:84:2d:ca:26:af:53:7a:91:8c:b5:
d5:66:dd:7f:4f:a9:96:55:3d:99:f7:ae:2b:90:08:
25:5a:cf:df:4f:bf:ba:39:d3:ff:44:cc:94:f6:43:
40:3e:85:ee:0e:a5:4c:33:71:62:a2:d3:dc:7f:b6:
41:c0:16:2b:9c:7c:4f:23:c1:a7:89:e7:e9:0d:9c:
79:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:D7:80:A6:9F:5A:73:95:7C:32:A6:32:B6:7E:68:65:15:70:61:AA
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e5179068-cbcf-4f9a-864d-3c97430c84f4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d015::/38
Signature Algorithm: sha256WithRSAEncryption
99:8b:c0:61:e9:ad:6f:8a:70:97:66:e2:cc:33:69:10:cd:c4:
c1:c4:2d:9e:59:90:5b:5a:ad:f3:3d:50:43:c1:0a:a6:9c:ad:
51:ac:b5:fd:3c:ce:9b:3c:d9:7a:a7:63:86:df:3a:ac:de:4c:
70:e1:c8:8d:34:d3:d4:b4:3d:3f:06:6a:df:2f:ea:21:6f:f0:
05:b0:ad:b4:67:e8:95:a6:39:23:99:95:62:09:81:db:3d:ed:
76:bb:15:67:e6:86:fe:b5:5f:35:32:3c:d2:14:a8:7e:f7:29:
84:33:88:c7:f2:67:4f:f9:b5:0a:e9:09:bc:0c:51:ab:01:10:
52:21:f3:3e:ec:1f:30:c3:8a:cd:5e:c4:68:0a:6b:69:52:39:
c3:63:4a:92:38:6b:53:fc:8a:38:f0:80:ac:a0:bb:3a:26:94:
cd:c9:5c:95:e5:3c:d0:f3:57:d4:d6:c3:ee:ed:d6:c6:9e:dd:
71:6f:43:c6:3a:97:0e:48:68:67:76:93:a3:90:d8:39:e9:60:
aa:69:f4:08:91:0e:41:cc:a6:58:42:20:1f:50:9e:34:af:dd:
90:4a:30:79:1a:49:96:42:8d:ad:6a:e0:6b:05:a1:5f:3e:24:
78:77:8a:21:ed:6f:7f:e0:00:df:70:f1:eb:6b:3f:8e:71:a6:
a8:ba:ed:c2
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUYpDlnJFhFQtZcqhMu8DbNgohLoAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTMwMTBaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDUzMzdiZjFiYTE3NjY0ZWJlMDViZGZmZDgxNDMwZmQ3ODM3ODM4ODE3OTA2
Y2RlMjlkZjRiNjlmZDc1YTM1YTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL37FjihFG6a9A7WaiCphasknm3OJ6qVO/SAKJfkazeSWWaLwhu+p+lBlUnn
uuVlilSojoH/zPzf4qdzhIisl9PlX4CA057lCWzyX56Nl+pybpEjzv9DpAJi6wRC
HKotS1sGy9Oj5xROS3VVBhQH8JN7ZRHfOSv8k3aYuLYDGgAVlXncB+A65fuqq1SI
3WF7RhDrI4AFv9eGQ4Cn5jSezN+2q1rrwH1ChejaJuuvPWTNYsuYYaDmIp+ELcom
r1N6kYy11Wbdf0+pllU9mfeuK5AIJVrP30+/ujnT/0TMlPZDQD6F7g6lTDNxYqLT
3H+2QcAWK5x8TyPBp4nn6Q2cecMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTe14Cm
n1pzlXwypjK2fmhlFXBhqjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTUxNzkwNjgtY2JjZi00ZjlhLTg2NGQtM2M5NzQzMGM4NGY0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BUA
MA0GCSqGSIb3DQEBCwUAA4IBAQCZi8Bh6a1vinCXZuLMM2kQzcTBxC2eWZBbWq3z
PVBDwQqmnK1RrLX9PM6bPNl6p2OG3zqs3kxw4ciNNNPUtD0/BmrfL+ohb/AFsK20
Z+iVpjkjmZViCYHbPe12uxVn5ob+tV81MjzSFKh+9ymEM4jH8mdP+bUK6Qm8DFGr
ARBSIfM+7B8ww4rNXsRoCmtpUjnDY0qSOGtT/Io48ICsoLs6JpTNyVyV5TzQ81fU
1sPu7dbGnt1xb0PGOpcOSGhndpOjkNg56WCqafQIkQ5BzKZYQiAfUJ40r92QSjB5
GkmWQo2tauBrBaFfPiR4d4oh7W9/4ADfcPHraz+Ocaaouu3C
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:25:09 2026 by rpki-client