Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e615fea3-3826-4c59-9574-72fb6cc8f2ee.roa
File: e615fea3-3826-4c59-9574-72fb6cc8f2ee.roa (raw, json)
Hash identifier: slFQWGGm9nbed6fxUcOw1abVlTcAmvxWfaqzeGHD9k4=
Subject key identifier: EC:B9:93:6C:3E:68:FB:E0:A8:10:A8:C1:EB:C3:AC:7F:96:A7:9E:AE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3A9A33E14CC6B084ECF5150B0C30427AC3309130
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e615fea3-3826-4c59-9574-72fb6cc8f2ee.roa
Signing time: Fri 15 May 2026 02:00:04 +0000
ROA not before: Fri 15 May 2026 02:00:04 +0000
ROA not after: Thu 13 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:a000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:9a:33:e1:4c:c6:b0:84:ec:f5:15:0b:0c:30:42:7a:c3:30:91:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 15 02:00:04 2026 GMT
Not After : Aug 13 23:59:59 2026 GMT
Subject: serialNumber=eb4f38266e84f016972f432c529de78d2e88f15e4c9c4baa55e06a67486c901f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:23:66:af:d7:20:90:da:88:96:06:39:4c:12:
33:c9:b6:d5:b2:57:87:58:5a:54:ee:5b:f0:96:05:
83:74:c2:97:65:d6:88:cf:b3:57:dd:f4:1d:40:5e:
d6:25:4e:d8:2a:76:2e:3c:29:39:c9:fa:15:6f:62:
59:67:6f:6e:ba:d7:de:01:9c:28:74:77:90:c3:af:
8d:66:20:0d:f8:62:69:de:d0:62:20:79:b1:8f:10:
1c:d7:6a:a4:2d:70:1f:f7:e7:aa:d5:8a:ce:7e:9f:
59:95:74:33:1f:c0:91:58:2f:18:56:15:02:d9:d0:
99:c4:30:d2:1d:f4:ad:b6:2a:65:36:da:3e:54:18:
2f:23:a2:43:14:f3:ce:06:2b:f5:ed:3d:cd:40:8d:
86:46:c7:33:66:1a:be:8a:9d:f3:a8:ef:38:5a:e3:
27:99:bf:7f:50:40:ff:83:54:0a:11:e6:9a:c7:cc:
5f:8d:50:de:0a:fa:5f:b8:60:84:3b:50:67:3f:76:
51:d4:2f:26:24:31:dd:e4:d5:39:bd:2a:0c:ca:bc:
50:b4:b1:db:10:b7:ce:71:f6:fb:86:10:62:2c:45:
9c:aa:79:80:c3:cc:d3:d2:c5:44:f7:64:28:61:3b:
16:1e:30:db:70:8d:ef:e3:c0:27:9b:1d:fb:2c:27:
68:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:B9:93:6C:3E:68:FB:E0:A8:10:A8:C1:EB:C3:AC:7F:96:A7:9E:AE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e615fea3-3826-4c59-9574-72fb6cc8f2ee.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:a000::/40
Signature Algorithm: sha256WithRSAEncryption
77:f2:ea:d4:2a:fb:0f:c3:a3:8b:01:c1:19:1c:ce:21:4d:9e:
ce:46:75:48:b4:59:ff:fc:e7:08:9b:39:d5:bd:dc:6b:5f:b5:
33:9d:ab:94:b7:40:d6:bf:aa:c0:ba:99:84:84:0d:72:c7:f8:
23:86:81:64:10:ed:06:a0:72:48:af:d1:f3:88:22:bf:6a:fc:
19:3f:b3:f9:ac:a2:83:a7:b0:02:bd:5c:ca:5e:1f:86:83:33:
94:b6:dc:80:68:be:93:eb:ea:db:5e:98:c9:71:d5:6e:b5:0a:
8b:31:58:3f:16:44:26:cd:b9:61:c2:d7:7b:74:6a:24:3d:8a:
49:db:5f:86:a1:c7:c4:17:f4:24:9b:1e:ce:76:c9:e7:50:ab:
87:0f:03:ef:70:14:99:a5:80:bf:79:19:cb:21:3b:ac:28:9b:
a9:2c:0f:a0:fb:7e:67:82:16:e1:aa:30:6d:0e:af:79:30:2f:
9b:38:d8:87:c6:93:33:39:51:a5:a0:79:6f:ce:de:79:96:30:
23:84:07:61:cf:49:ce:dc:db:b8:3a:20:80:28:df:91:33:ab:
cf:d7:3c:61:bd:1b:af:04:37:bf:9f:4a:1d:b3:b1:d6:a0:a3:
e3:ac:2c:2e:47:3e:78:d7:8a:0f:51:66:9e:4a:a2:11:9e:b8:
6c:bb:72:57
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUOpoz4UzGsITs9RULDDBCesMwkTAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTUwMjAwMDRaFw0yNjA4MTMyMzU5NTlaMHoxSTBHBgNV
BAUTQGViNGYzODI2NmU4NGYwMTY5NzJmNDMyYzUyOWRlNzhkMmU4OGYxNWU0Yzlj
NGJhYTU1ZTA2YTY3NDg2YzkwMWYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANYjZq/XIJDaiJYGOUwSM8m21bJXh1haVO5b8JYFg3TCl2XWiM+zV930HUBe
1iVO2Cp2LjwpOcn6FW9iWWdvbrrX3gGcKHR3kMOvjWYgDfhiad7QYiB5sY8QHNdq
pC1wH/fnqtWKzn6fWZV0Mx/AkVgvGFYVAtnQmcQw0h30rbYqZTbaPlQYLyOiQxTz
zgYr9e09zUCNhkbHM2Yavoqd86jvOFrjJ5m/f1BA/4NUChHmmsfMX41Q3gr6X7hg
hDtQZz92UdQvJiQx3eTVOb0qDMq8ULSx2xC3znH2+4YQYixFnKp5gMPM09LFRPdk
KGE7Fh4w23CN7+PAJ5sd+ywnaGMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTsuZNs
Pmj74KgQqMHrw6x/lqeerjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTYxNWZlYTMtMzgyNi00YzU5LTk1NzQtNzJmYjZjYzhmMmVlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hag
MA0GCSqGSIb3DQEBCwUAA4IBAQB38urUKvsPw6OLAcEZHM4hTZ7ORnVItFn//OcI
mznVvdxrX7UznauUt0DWv6rAupmEhA1yx/gjhoFkEO0GoHJIr9HziCK/avwZP7P5
rKKDp7ACvVzKXh+GgzOUttyAaL6T6+rbXpjJcdVutQqLMVg/FkQmzblhwtd7dGok
PYpJ21+GocfEF/Qkmx7OdsnnUKuHDwPvcBSZpYC/eRnLITusKJupLA+g+35nghbh
qjBtDq95MC+bONiHxpMzOVGloHlvzt55ljAjhAdhz0nO3Nu4OiCAKN+RM6vP1zxh
vRuvBDe/n0ods7HWoKPjrCwuRz5414oPUWaeSqIRnrhsu3JX
-----END CERTIFICATE-----
Generated at Sat Jun 13 07:59:38 2026 by rpki-client