Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f9753974-947c-42c4-885b-aa94c43c56a0.roa
File: f9753974-947c-42c4-885b-aa94c43c56a0.roa (raw, json)
Hash identifier: 3opG3f28CKav9q+yvsXfTRX/jGk99vXlvS8oAjxzWlU=
Subject key identifier: E5:CF:0E:83:0C:7E:F8:C2:EA:2F:69:6E:49:8F:09:58:18:41:2A:1B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 63FE6F9CC45E7A2DEA2D253FA47D631A3A06D23B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f9753974-947c-42c4-885b-aa94c43c56a0.roa
Signing time: Tue 19 May 2026 04:30:27 +0000
ROA not before: Tue 19 May 2026 04:30:27 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:a0c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:fe:6f:9c:c4:5e:7a:2d:ea:2d:25:3f:a4:7d:63:1a:3a:06:d2:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 04:30:27 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=1c10f670340b908ecf3a8a32c512d79ece95f929692fe755edfae187ccef31f0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:a9:f9:e8:8c:c8:35:39:cd:79:26:fa:a1:51:
1a:21:4d:10:9c:5c:47:48:30:34:32:77:8a:a3:33:
87:7d:17:c4:c0:45:fb:4c:28:d3:71:bf:bc:f2:5f:
81:c7:34:32:ed:28:9f:7e:93:16:bb:43:a6:ef:de:
d3:8e:db:f3:73:4b:fe:9e:f8:84:4e:3f:ac:8a:23:
63:64:b1:88:fd:62:75:dc:05:28:53:be:17:fb:c2:
c1:75:97:d0:eb:0d:03:89:d4:d4:cb:35:ea:f1:e5:
dc:a7:54:d6:93:9e:01:e2:b2:fa:3a:a2:e5:8b:18:
1e:b6:c4:c3:95:b7:a6:c8:60:d3:4c:65:ff:b2:7d:
4b:9a:b3:a7:23:4e:00:84:8f:96:01:4b:b5:cb:c4:
bc:a0:1a:35:dd:57:77:49:57:1d:a6:07:e0:89:20:
1f:25:39:ec:63:a0:a8:7d:4d:ce:e7:85:9a:61:58:
57:14:c1:ff:6e:c6:c8:1b:fe:0c:50:b6:5b:78:b1:
e3:3a:70:94:b3:42:bd:8f:3c:30:2f:71:b1:92:a8:
a1:84:7e:7e:8b:28:1a:93:dc:94:1f:a7:9f:c7:f5:
d1:75:43:8a:61:e6:a1:a0:c2:a5:b2:84:7f:0d:9e:
76:ce:cd:f2:35:56:c9:1d:0a:50:64:aa:ad:27:97:
e8:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:CF:0E:83:0C:7E:F8:C2:EA:2F:69:6E:49:8F:09:58:18:41:2A:1B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f9753974-947c-42c4-885b-aa94c43c56a0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:a0c0::/48
Signature Algorithm: sha256WithRSAEncryption
13:f5:da:00:38:ba:75:d2:ae:62:a3:a9:d4:61:88:2e:58:7d:
c6:2a:8e:1a:a2:10:1d:f9:0b:03:30:a8:2e:b9:0f:0d:97:cd:
e2:e5:53:f0:ce:4c:aa:67:7b:fa:f5:47:40:8c:72:4a:92:4b:
11:3a:ab:32:d0:64:12:f9:97:42:5a:09:6a:33:61:d9:71:f1:
74:7f:fe:fb:dd:88:18:46:50:a3:76:f2:0b:9e:02:c8:38:c0:
47:63:e0:54:04:b8:ac:37:5d:f9:ae:7d:95:fc:92:b6:74:1a:
a5:52:2b:be:21:fe:f6:fd:fd:26:3b:65:e5:26:2d:a9:81:c7:
0d:43:e3:94:44:7c:82:86:ad:9a:9a:1f:87:32:00:08:76:16:
1a:49:36:54:80:1b:b5:ef:3d:c7:84:92:da:f2:e0:86:1b:61:
2a:5f:b0:34:bb:8e:5d:8f:9c:5a:4a:6d:01:4b:80:a4:f3:ef:
f5:8f:a2:1f:f6:b6:33:66:7c:98:55:f2:1e:3f:27:f7:28:4c:
54:61:90:94:ab:1d:bb:b8:89:9a:85:08:bc:19:92:75:05:76:
d9:be:91:52:36:24:8c:6c:b3:5a:8e:a9:a3:97:cc:06:13:9d:
4c:b2:61:b9:c8:68:12:48:39:db:86:24:e6:c7:da:ad:4f:66:
e3:b3:1e:54
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUY/5vnMReei3qLSU/pH1jGjoG0jswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNDMwMjdaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDFjMTBmNjcwMzQwYjkwOGVjZjNhOGEzMmM1MTJkNzllY2U5NWY5Mjk2OTJm
ZTc1NWVkZmFlMTg3Y2NlZjMxZjAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK2p+eiMyDU5zXkm+qFRGiFNEJxcR0gwNDJ3iqMzh30XxMBF+0wo03G/vPJf
gcc0Mu0on36TFrtDpu/e047b83NL/p74hE4/rIojY2SxiP1iddwFKFO+F/vCwXWX
0OsNA4nU1Ms16vHl3KdU1pOeAeKy+jqi5YsYHrbEw5W3pshg00xl/7J9S5qzpyNO
AISPlgFLtcvEvKAaNd1Xd0lXHaYH4IkgHyU57GOgqH1NzueFmmFYVxTB/27GyBv+
DFC2W3ix4zpwlLNCvY88MC9xsZKooYR+fosoGpPclB+nn8f10XVDimHmoaDCpbKE
fw2eds7N8jVWyR0KUGSqrSeX6O8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTlzw6D
DH74wuovaW5JjwlYGEEqGzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Zjk3NTM5NzQtOTQ3Yy00MmM0LTg4NWItYWE5NGM0M2M1NmEwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+g
wDANBgkqhkiG9w0BAQsFAAOCAQEAE/XaADi6ddKuYqOp1GGILlh9xiqOGqIQHfkL
AzCoLrkPDZfN4uVT8M5Mqmd7+vVHQIxySpJLETqrMtBkEvmXQloJajNh2XHxdH/+
+92IGEZQo3byC54CyDjAR2PgVAS4rDdd+a59lfyStnQapVIrviH+9v39Jjtl5SYt
qYHHDUPjlER8goatmpofhzIACHYWGkk2VIAbte89x4SS2vLghhthKl+wNLuOXY+c
WkptAUuApPPv9Y+iH/a2M2Z8mFXyHj8n9yhMVGGQlKsdu7iJmoUIvBmSdQV22b6R
UjYkjGyzWo6po5fMBhOdTLJhuchoEkg524Yk5sfarU9m47MeVA==
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:25:58 2026 by rpki-client