Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f7fccc2a-aa8a-4cbc-89d7-d6a8ca121ba0.roa
File: f7fccc2a-aa8a-4cbc-89d7-d6a8ca121ba0.roa (raw, json)
Hash identifier: 7LeZKZV2AaY3x1KsmlyH8xaxASXG5KteuV7HNjy6p5Y=
Subject key identifier: 80:6C:A9:22:B7:60:F5:25:32:B8:D7:D4:47:4A:8E:D4:61:4B:C2:EF
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 26910D7D1E946A5FE7AED03DE112D4FD06767CCA
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f7fccc2a-aa8a-4cbc-89d7-d6a8ca121ba0.roa
Signing time: Tue 19 May 2026 04:40:26 +0000
ROA not before: Tue 19 May 2026 04:40:26 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d019::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:91:0d:7d:1e:94:6a:5f:e7:ae:d0:3d:e1:12:d4:fd:06:76:7c:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 04:40:26 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=2542ffff560b1270e77a9a63d90c99e8c5f5b989ba18cfd400898ae2029b4275, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:58:96:b3:6c:03:18:8a:45:a7:aa:a2:ef:f7:
e5:8a:3a:54:21:e5:1d:37:db:9e:5f:24:1c:6a:32:
20:19:ba:82:9b:c5:5f:e8:99:0b:37:8b:5f:e3:9f:
55:5b:22:e5:d2:e8:4f:f4:13:5c:1a:65:39:ec:9a:
e3:6f:f0:aa:31:89:f2:1d:f9:66:24:aa:8d:51:6a:
d5:5c:8a:86:62:a0:fe:16:95:7c:d8:ea:ec:7f:ef:
66:c4:af:97:d6:38:f0:7d:ed:57:24:17:4e:85:60:
a3:97:02:8a:99:ba:22:5d:07:80:10:2a:10:87:a6:
2c:70:0f:5f:bf:6b:35:a7:d4:8b:4b:90:8c:e6:14:
39:92:35:50:bc:b7:11:5e:38:2f:df:e4:f8:d4:14:
ae:da:fc:ac:76:5d:ee:3e:1d:3b:6c:40:10:aa:83:
fa:ab:d0:fd:a8:0e:3a:be:27:cc:d1:08:e8:3a:08:
20:15:3d:f9:41:51:a2:c3:20:f4:32:b0:23:ea:ed:
7f:d3:65:60:7f:53:ff:58:51:00:4b:b5:02:aa:91:
74:25:0b:af:0a:3a:4d:90:ef:0d:7c:c2:f9:5d:c3:
0f:38:a9:93:1f:92:1b:34:46:84:1b:84:5a:c5:7a:
3c:a4:f6:1b:a6:1c:1a:0a:a7:8b:d6:14:90:6e:fe:
62:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:6C:A9:22:B7:60:F5:25:32:B8:D7:D4:47:4A:8E:D4:61:4B:C2:EF
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f7fccc2a-aa8a-4cbc-89d7-d6a8ca121ba0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d019::/36
Signature Algorithm: sha256WithRSAEncryption
62:c6:e1:33:b3:1f:73:c0:3d:81:41:6d:3f:5d:09:d7:7c:2e:
32:7b:f8:98:d6:f6:eb:c8:3d:24:d9:8f:0b:b5:11:e7:c0:e6:
e7:98:93:31:86:2c:74:6a:38:51:00:0e:26:c8:d0:be:5a:d7:
fc:c6:06:2d:15:44:f0:ad:a3:e3:1b:67:e9:44:2d:45:2a:8f:
4a:5b:7e:d3:08:91:d8:08:b3:dc:ba:78:1b:fc:6a:2e:3f:fd:
e0:c3:98:84:34:fa:b2:d0:1e:59:fa:7b:a1:ea:be:7c:a0:9d:
22:f2:e7:a4:7f:76:97:46:a7:51:68:df:89:32:6f:f9:53:6b:
6f:2a:c5:d4:80:ff:a4:63:52:7b:51:71:52:2d:21:54:19:58:
4f:69:dc:31:d2:f8:ad:7f:be:81:3f:d1:a2:97:17:67:2b:82:
a0:84:19:39:97:10:47:4a:2d:35:ab:2c:b9:d0:39:3b:14:f6:
03:f4:14:3c:d1:9f:14:61:4b:15:5a:58:c1:14:e7:d2:af:11:
b9:87:25:43:e2:f7:d2:91:2d:59:51:8f:26:5d:62:39:c0:b1:
11:30:fc:dd:c1:4b:cf:8c:99:44:ea:d1:5d:8a:72:af:48:1e:
64:5f:a3:89:c9:cf:55:69:b6:a8:0e:5a:00:52:3c:aa:7c:d7:
cb:97:92:db
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUJpENfR6Ual/nrtA94RLU/QZ2fMowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNDQwMjZaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDI1NDJmZmZmNTYwYjEyNzBlNzdhOWE2M2Q5MGM5OWU4YzVmNWI5ODliYTE4
Y2ZkNDAwODk4YWUyMDI5YjQyNzUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALVYlrNsAxiKRaeqou/35Yo6VCHlHTfbnl8kHGoyIBm6gpvFX+iZCzeLX+Of
VVsi5dLoT/QTXBplOeya42/wqjGJ8h35ZiSqjVFq1VyKhmKg/haVfNjq7H/vZsSv
l9Y48H3tVyQXToVgo5cCipm6Il0HgBAqEIemLHAPX79rNafUi0uQjOYUOZI1ULy3
EV44L9/k+NQUrtr8rHZd7j4dO2xAEKqD+qvQ/agOOr4nzNEI6DoIIBU9+UFRosMg
9DKwI+rtf9NlYH9T/1hRAEu1AqqRdCULrwo6TZDvDXzC+V3DDzipkx+SGzRGhBuE
WsV6PKT2G6YcGgqni9YUkG7+YksCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSAbKki
t2D1JTK419RHSo7UYUvC7zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjdmY2NjMmEtYWE4YS00Y2JjLTg5ZDctZDZhOGNhMTIxYmEwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0BkA
MA0GCSqGSIb3DQEBCwUAA4IBAQBixuEzsx9zwD2BQW0/XQnXfC4ye/iY1vbryD0k
2Y8LtRHnwObnmJMxhix0ajhRAA4myNC+Wtf8xgYtFUTwraPjG2fpRC1FKo9KW37T
CJHYCLPcungb/GouP/3gw5iENPqy0B5Z+nuh6r58oJ0i8uekf3aXRqdRaN+JMm/5
U2tvKsXUgP+kY1J7UXFSLSFUGVhPadwx0vitf76BP9GilxdnK4KghBk5lxBHSi01
qyy50Dk7FPYD9BQ80Z8UYUsVWljBFOfSrxG5hyVD4vfSkS1ZUY8mXWI5wLERMPzd
wUvPjJlE6tFdinKvSB5kX6OJyc9VabaoDloAUjyqfNfLl5Lb
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:11:57 2026 by rpki-client