Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ed4fb2e2-531d-453d-9efc-d69a8a9e2312.roa
File: ed4fb2e2-531d-453d-9efc-d69a8a9e2312.roa (raw, json)
Hash identifier: u6jgjZXryE+wODByaRDCD0z7fbpFsJfBRB9/fjFjKVk=
Subject key identifier: 91:1D:97:E5:4A:34:FA:F6:17:6B:70:6E:A4:44:BD:C5:8B:5C:C6:7C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0A605F84C33EFA862DF52FDEBC0FA1BE5FA970F9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ed4fb2e2-531d-453d-9efc-d69a8a9e2312.roa
Signing time: Sat 16 May 2026 00:40:04 +0000
ROA not before: Sat 16 May 2026 00:40:04 +0000
ROA not after: Fri 14 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:8000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:60:5f:84:c3:3e:fa:86:2d:f5:2f:de:bc:0f:a1:be:5f:a9:70:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 16 00:40:04 2026 GMT
Not After : Aug 14 23:59:59 2026 GMT
Subject: serialNumber=a64e57ab8fa254c1f66aabec97f17204d37ab77b3d1e458f1be6be976a2def46, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:8d:37:7a:5f:ae:61:1e:8d:d5:ec:bb:a5:2a:
63:cd:67:3a:33:1c:51:47:31:ec:1d:c6:41:b0:09:
a7:9e:83:99:26:83:81:c3:d0:04:8b:50:39:b4:d0:
77:41:1c:b6:8c:f9:77:97:01:cc:93:64:54:03:85:
41:65:f8:3b:a6:14:67:24:1e:48:c3:9f:ed:28:6a:
68:a1:47:0d:33:e1:99:66:61:4b:8c:b0:12:61:76:
eb:aa:4a:53:12:56:da:57:4c:11:ba:d5:05:4f:6c:
78:76:17:4d:51:6d:5c:0c:99:54:dd:96:42:3b:16:
d8:2d:da:ea:e8:2d:cf:2d:ec:84:ab:59:a9:c6:13:
67:dd:4a:68:13:11:6b:1f:14:68:f1:c3:e2:2a:66:
30:3f:93:a0:51:61:b3:ec:6e:d5:38:f7:2e:9c:6f:
36:47:9c:2a:54:62:a7:66:d9:b3:de:8d:72:35:ab:
98:8d:3f:20:6a:f0:b0:07:e9:db:a8:43:23:53:6a:
5f:0b:06:83:43:4d:2c:37:e6:95:8b:46:b4:70:42:
71:ab:bd:81:1f:84:08:59:72:87:dc:6d:c5:0a:be:
ab:47:88:52:fd:e9:22:36:87:27:ee:09:45:74:c0:
fc:45:d8:e4:40:a5:26:72:99:73:fd:26:cf:f1:27:
3f:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:1D:97:E5:4A:34:FA:F6:17:6B:70:6E:A4:44:BD:C5:8B:5C:C6:7C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ed4fb2e2-531d-453d-9efc-d69a8a9e2312.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:8000::/40
Signature Algorithm: sha256WithRSAEncryption
9f:1c:23:99:7b:b1:01:1a:4b:26:50:88:1e:66:72:81:07:12:
6d:00:31:f0:0c:d7:49:d3:78:35:43:6a:50:f3:a6:64:c1:fa:
58:e9:5b:93:9b:74:f1:91:aa:39:ac:c6:8e:41:44:5b:2c:f3:
2b:51:3f:9b:3a:aa:f6:9e:37:e2:b7:30:9b:cb:2c:59:91:90:
ee:a9:4d:15:49:fb:89:bc:d2:76:75:bb:4d:24:c0:28:dd:79:
38:cf:81:61:9c:21:95:30:4d:ef:4f:86:22:49:86:05:0c:6c:
27:08:56:9f:91:57:89:cb:62:02:f0:2f:24:48:68:9d:4c:5a:
88:d4:69:2c:81:c5:a0:54:e0:42:db:bc:9f:7a:aa:b6:9e:64:
47:6a:ae:80:8e:23:74:4f:12:98:42:c4:c6:9e:53:32:e5:19:
bc:00:a1:92:5f:fa:38:a7:f8:a0:14:80:c5:16:7a:a0:74:56:
5e:06:3e:86:6e:59:4b:dc:92:83:db:5e:9c:d8:f5:65:9f:7b:
b4:44:84:ef:b1:fc:1e:5c:3d:3f:43:22:7c:5a:bc:39:71:56:
6e:d3:c7:a7:8a:43:c0:d0:04:77:ba:fb:e1:58:f6:f3:aa:21:
ac:d4:2c:d7:12:7c:42:0a:42:27:d8:d2:17:ae:e1:2e:66:e2:
4a:d7:8c:5f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUCmBfhMM++oYt9S/evA+hvl+pcPkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTYwMDQwMDRaFw0yNjA4MTQyMzU5NTlaMHoxSTBHBgNV
BAUTQGE2NGU1N2FiOGZhMjU0YzFmNjZhYWJlYzk3ZjE3MjA0ZDM3YWI3N2IzZDFl
NDU4ZjFiZTZiZTk3NmEyZGVmNDYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKWNN3pfrmEejdXsu6UqY81nOjMcUUcx7B3GQbAJp56DmSaDgcPQBItQObTQ
d0Ectoz5d5cBzJNkVAOFQWX4O6YUZyQeSMOf7ShqaKFHDTPhmWZhS4ywEmF266pK
UxJW2ldMEbrVBU9seHYXTVFtXAyZVN2WQjsW2C3a6ugtzy3shKtZqcYTZ91KaBMR
ax8UaPHD4ipmMD+ToFFhs+xu1Tj3LpxvNkecKlRip2bZs96NcjWrmI0/IGrwsAfp
26hDI1NqXwsGg0NNLDfmlYtGtHBCcau9gR+ECFlyh9xtxQq+q0eIUv3pIjaHJ+4J
RXTA/EXY5EClJnKZc/0mz/EnP9MCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSRHZfl
SjT69hdrcG6kRL3Fi1zGfDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZWQ0ZmIyZTItNTMxZC00NTNkLTllZmMtZDY5YThhOWUyMzEyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DWA
MA0GCSqGSIb3DQEBCwUAA4IBAQCfHCOZe7EBGksmUIgeZnKBBxJtADHwDNdJ03g1
Q2pQ86ZkwfpY6VuTm3Txkao5rMaOQURbLPMrUT+bOqr2njfitzCbyyxZkZDuqU0V
SfuJvNJ2dbtNJMAo3Xk4z4FhnCGVME3vT4YiSYYFDGwnCFafkVeJy2IC8C8kSGid
TFqI1GksgcWgVOBC27yfeqq2nmRHaq6AjiN0TxKYQsTGnlMy5Rm8AKGSX/o4p/ig
FIDFFnqgdFZeBj6GbllL3JKD216c2PVln3u0RITvsfweXD0/QyJ8Wrw5cVZu08en
ikPA0AR3uvvhWPbzqiGs1CzXEnxCCkIn2NIXruEuZuJK14xf
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:10:59 2026 by rpki-client