Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f19a1ce3-3726-4d8d-8d3a-b2ec0509cc76.roa
File: f19a1ce3-3726-4d8d-8d3a-b2ec0509cc76.roa (raw, json)
Hash identifier: GRZr3MS11U5cRmonfHX9TMMnKbyigkYkBTUsXgGVFLc=
Subject key identifier: 56:8A:D5:EA:ED:FE:11:B7:9D:21:FE:88:4A:8B:35:BB:FC:8C:96:A0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3CE9B87A383BF7B5B09DFDEF0AF984159AFFCB0C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f19a1ce3-3726-4d8d-8d3a-b2ec0509cc76.roa
Signing time: Tue 19 May 2026 05:01:12 +0000
ROA not before: Tue 19 May 2026 05:01:12 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:9000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 08:43:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:e9:b8:7a:38:3b:f7:b5:b0:9d:fd:ef:0a:f9:84:15:9a:ff:cb:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:01:12 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=52be24d209454c4493d6e90cf1585109a9e86208f9034fd0ce312f506a0671ef, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:99:b7:ed:0a:37:cf:55:d2:51:a6:1f:3d:ad:
6c:e8:37:7b:f5:3c:79:fb:8e:8f:a8:a1:e4:af:32:
5c:a6:5c:15:be:9a:9f:55:d3:10:16:25:ba:3d:6c:
9e:47:a6:15:29:77:e3:ca:b8:54:fa:78:b3:5e:b9:
26:cf:68:b2:ee:83:f1:7b:c9:4c:d4:46:0e:62:6e:
c7:22:09:c8:eb:c4:69:43:99:4e:c9:df:c5:05:aa:
e8:2b:e0:64:d1:a7:fa:46:65:57:8d:1e:43:6a:1f:
d1:3d:49:d9:f1:8e:61:e2:7d:c1:54:53:cf:a6:bd:
23:6e:39:cc:2b:df:9a:da:16:20:eb:3a:73:41:4a:
e8:1f:de:8a:19:22:88:c8:3c:ac:9c:7f:39:f2:c7:
64:25:aa:ea:6e:f1:ee:a8:46:4b:c6:68:c3:7a:cd:
d7:60:37:52:ef:56:44:1d:80:7b:35:aa:b1:04:16:
95:69:7c:70:69:b5:4d:33:63:cc:9b:87:c8:2c:39:
d3:5d:5b:03:82:e6:c6:b8:2f:7e:d2:0b:df:8c:d9:
48:99:ff:93:88:78:4d:48:6b:a5:22:a6:b5:6c:a7:
64:df:44:62:1d:3f:18:59:75:f8:cc:08:29:ba:a0:
3d:aa:0d:8e:8b:ec:19:4e:df:6f:22:6e:d6:06:91:
1b:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:8A:D5:EA:ED:FE:11:B7:9D:21:FE:88:4A:8B:35:BB:FC:8C:96:A0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f19a1ce3-3726-4d8d-8d3a-b2ec0509cc76.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:9000::/40
Signature Algorithm: sha256WithRSAEncryption
03:25:26:d1:ab:51:d8:06:94:e5:aa:d1:73:2c:28:00:be:97:
85:c7:4b:a3:52:07:8d:16:ce:ff:15:f7:be:fa:23:fa:0b:ed:
fb:eb:5f:ae:80:e0:b0:4f:58:0f:ce:58:31:ab:8e:08:1c:f1:
0e:32:78:66:55:0f:81:b0:a0:30:f0:00:fd:e5:46:e5:a3:15:
5b:89:09:14:9e:55:a5:85:b5:4f:41:74:4b:93:f8:9f:f6:ae:
88:4c:0d:d9:21:9f:0c:3d:93:6e:dc:d8:8e:9e:75:91:67:21:
82:6f:77:66:0a:33:ea:f0:fe:e6:8d:6e:cd:97:2c:d3:30:18:
98:47:18:20:a0:18:17:a8:a8:61:2f:43:8f:35:e1:5a:37:88:
42:58:6b:7b:42:4a:c4:64:a1:dd:b4:3a:e1:15:d0:75:18:6a:
bd:dd:53:08:a4:40:b3:ae:a0:11:22:bf:32:a1:c2:6b:40:0f:
b9:14:71:e2:37:2f:7b:40:d7:46:97:6d:46:3f:c4:29:3a:1c:
0d:32:df:11:a4:79:45:7f:d8:d6:90:0e:54:a5:89:cb:b0:e0:
c7:e4:41:10:41:6f:30:be:f1:d2:0d:e3:7b:72:93:98:7c:b0:
6e:2f:7d:ea:91:21:e7:ab:70:c4:1e:37:05:b4:ef:b6:f9:6a:
03:b7:16:e1
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUPOm4ejg797Wwnf3vCvmEFZr/ywwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTAxMTJaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDUyYmUyNGQyMDk0NTRjNDQ5M2Q2ZTkwY2YxNTg1MTA5YTllODYyMDhmOTAz
NGZkMGNlMzEyZjUwNmEwNjcxZWYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANWZt+0KN89V0lGmHz2tbOg3e/U8efuOj6ih5K8yXKZcFb6an1XTEBYluj1s
nkemFSl348q4VPp4s165Js9osu6D8XvJTNRGDmJuxyIJyOvEaUOZTsnfxQWq6Cvg
ZNGn+kZlV40eQ2of0T1J2fGOYeJ9wVRTz6a9I245zCvfmtoWIOs6c0FK6B/eihki
iMg8rJx/OfLHZCWq6m7x7qhGS8Zow3rN12A3Uu9WRB2AezWqsQQWlWl8cGm1TTNj
zJuHyCw5011bA4LmxrgvftIL34zZSJn/k4h4TUhrpSKmtWynZN9EYh0/GFl1+MwI
KbqgPaoNjovsGU7fbyJu1gaRG4cCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRWitXq
7f4Rt50h/ohKizW7/IyWoDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjE5YTFjZTMtMzcyNi00ZDhkLThkM2EtYjJlYzA1MDljYzc2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0ACQ
MA0GCSqGSIb3DQEBCwUAA4IBAQADJSbRq1HYBpTlqtFzLCgAvpeFx0ujUgeNFs7/
Ffe++iP6C+3761+ugOCwT1gPzlgxq44IHPEOMnhmVQ+BsKAw8AD95UbloxVbiQkU
nlWlhbVPQXRLk/if9q6ITA3ZIZ8MPZNu3NiOnnWRZyGCb3dmCjPq8P7mjW7NlyzT
MBiYRxggoBgXqKhhL0OPNeFaN4hCWGt7QkrEZKHdtDrhFdB1GGq93VMIpECzrqAR
Ir8yocJrQA+5FHHiNy97QNdGl21GP8QpOhwNMt8RpHlFf9jWkA5UpYnLsODH5EEQ
QW8wvvHSDeN7cpOYfLBuL33qkSHnq3DEHjcFtO+2+WoDtxbh
-----END CERTIFICATE-----
Generated at Sat Jun 13 11:33:08 2026 by rpki-client