Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f76388e2-5824-485d-aa99-c7ea5a481aa2.roa
File: f76388e2-5824-485d-aa99-c7ea5a481aa2.roa (raw, json)
Hash identifier: Jh9jW1hTKXRZxCuvcJfPCS1m5uCC6EtriOLvcxJRGQ4=
Subject key identifier: 8E:FD:85:0D:89:63:84:C2:71:34:12:89:1F:62:9B:63:66:C1:59:5D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 46701F839333EFC2300B1C025D8F338FAD8E03A7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f76388e2-5824-485d-aa99-c7ea5a481aa2.roa
Signing time: Tue 19 May 2026 05:10:58 +0000
ROA not before: Tue 19 May 2026 05:10:58 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:e000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 08:43:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:70:1f:83:93:33:ef:c2:30:0b:1c:02:5d:8f:33:8f:ad:8e:03:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:10:58 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=6e06f0ed7ba0e4e3385696e04bec2e1c19cf031971601cce4acc7567c8f00210, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:fa:6d:95:72:65:d2:de:d9:82:d4:18:2b:35:
57:6e:ca:b3:b2:2f:69:e2:a5:d1:03:f3:e9:19:c9:
c7:28:94:2d:e3:ff:b8:38:49:d8:53:8e:54:4c:0f:
50:87:8b:7e:17:34:47:22:41:4f:ba:92:cc:c4:60:
b0:45:f1:0f:4c:3d:8c:ab:39:d5:dc:4a:e4:1f:61:
98:3f:49:04:bf:68:b9:67:ee:a6:bb:b8:9f:df:53:
ab:40:89:0d:a5:69:13:b6:ce:14:75:dd:de:e5:19:
8d:61:9d:e3:32:ec:31:72:3e:c7:7c:82:ef:ab:5a:
94:59:ab:a2:7e:10:ad:48:52:72:16:5f:19:ac:7f:
8f:5a:32:c5:f9:15:ef:90:16:59:35:30:bc:3c:99:
fd:52:82:e8:f8:dc:86:89:86:5e:b0:4f:29:d3:32:
14:b8:1f:1d:18:57:c2:88:a5:ad:4f:ec:42:e0:85:
f9:e8:0b:2d:04:22:75:f5:61:a8:25:08:7d:a2:11:
c3:b9:e5:1f:36:30:d0:c5:1c:8f:25:fb:86:e5:bd:
bf:d0:06:9d:a9:78:74:2c:bb:b7:f2:f3:43:3d:d2:
4e:bd:4e:f0:3b:77:47:ff:85:59:cf:e6:47:51:07:
76:9f:a9:5d:83:0e:fb:0e:24:7c:81:6d:03:7a:19:
9a:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:FD:85:0D:89:63:84:C2:71:34:12:89:1F:62:9B:63:66:C1:59:5D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f76388e2-5824-485d-aa99-c7ea5a481aa2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:e000::/40
Signature Algorithm: sha256WithRSAEncryption
9c:29:1c:7d:b6:e3:58:d8:bf:d4:cc:e0:89:11:ce:41:ce:7b:
05:4e:07:2d:b8:a0:05:41:28:57:ee:c2:b2:85:6f:62:83:f3:
2b:8f:50:85:7e:d0:1c:4c:64:91:a4:27:dd:5e:83:bf:27:78:
2d:61:a5:0b:48:91:ed:c1:7c:99:52:e8:f7:4c:eb:35:10:90:
ba:16:c7:70:6b:4e:af:ea:d1:c1:f7:71:99:0f:99:1f:18:1b:
df:ed:b4:08:93:a6:fc:ca:f9:03:1f:9a:56:60:ce:f2:3f:85:
9e:d3:f2:a7:ac:17:50:f9:c7:8a:bf:b8:cf:d4:50:75:41:e3:
31:06:35:2f:8a:d2:1d:ff:8b:f8:12:1c:2c:17:42:10:9c:5a:
90:3c:97:e0:0c:44:e7:52:56:f0:18:fe:30:be:15:50:7c:9f:
21:ae:16:88:8b:ff:77:b8:2d:6f:00:38:8b:c2:1d:25:c2:da:
0b:33:fb:8b:5b:03:0f:dd:76:be:67:a7:4e:4b:9b:c6:7e:18:
9d:e3:a7:f4:04:89:24:2c:71:14:1e:03:e1:0f:7f:1d:f3:4e:
72:1c:fb:c6:35:b3:1f:26:a6:87:ad:87:b6:77:8e:6c:cb:44:
71:8f:d8:88:3e:fb:27:9c:f3:2c:d3:58:78:05:c4:b2:99:34:
41:1e:b9:3c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIURnAfg5Mz78IwCxwCXY8zj62OA6cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTEwNThaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDZlMDZmMGVkN2JhMGU0ZTMzODU2OTZlMDRiZWMyZTFjMTljZjAzMTk3MTYw
MWNjZTRhY2M3NTY3YzhmMDAyMTAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANH6bZVyZdLe2YLUGCs1V27Ks7IvaeKl0QPz6RnJxyiULeP/uDhJ2FOOVEwP
UIeLfhc0RyJBT7qSzMRgsEXxD0w9jKs51dxK5B9hmD9JBL9ouWfupru4n99Tq0CJ
DaVpE7bOFHXd3uUZjWGd4zLsMXI+x3yC76talFmron4QrUhSchZfGax/j1oyxfkV
75AWWTUwvDyZ/VKC6PjchomGXrBPKdMyFLgfHRhXwoilrU/sQuCF+egLLQQidfVh
qCUIfaIRw7nlHzYw0MUcjyX7huW9v9AGnal4dCy7t/LzQz3STr1O8Dt3R/+FWc/m
R1EHdp+pXYMO+w4kfIFtA3oZmlECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSO/YUN
iWOEwnE0EokfYptjZsFZXTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Zjc2Mzg4ZTItNTgyNC00ODVkLWFhOTktYzdlYTVhNDgxYWEyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H/g
MA0GCSqGSIb3DQEBCwUAA4IBAQCcKRx9tuNY2L/UzOCJEc5BznsFTgctuKAFQShX
7sKyhW9ig/Mrj1CFftAcTGSRpCfdXoO/J3gtYaULSJHtwXyZUuj3TOs1EJC6Fsdw
a06v6tHB93GZD5kfGBvf7bQIk6b8yvkDH5pWYM7yP4We0/KnrBdQ+ceKv7jP1FB1
QeMxBjUvitId/4v4EhwsF0IQnFqQPJfgDETnUlbwGP4wvhVQfJ8hrhaIi/93uC1v
ADiLwh0lwtoLM/uLWwMP3Xa+Z6dOS5vGfhid46f0BIkkLHEUHgPhD38d805yHPvG
NbMfJqaHrYe2d45sy0Rxj9iIPvsnnPMs01h4BcSymTRBHrk8
-----END CERTIFICATE-----
Generated at Sat Jun 13 11:33:01 2026 by rpki-client