Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fbd3a3af-f307-4148-9e34-70199540a838.roa
File: fbd3a3af-f307-4148-9e34-70199540a838.roa (raw, json)
Hash identifier: X1L9H4vsxeS9F++yR3YFyq4+ZX3K2clQiOfuQXBY+g0=
Subject key identifier: BD:01:5A:39:CC:0F:82:85:E7:B4:33:6B:88:C8:93:3D:65:C6:FC:32
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 68527BADA397D537E383FDACEF2F806F14F8F8CD
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fbd3a3af-f307-4148-9e34-70199540a838.roa
Signing time: Tue 19 May 2026 05:40:54 +0000
ROA not before: Tue 19 May 2026 05:40:54 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:b000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:52:7b:ad:a3:97:d5:37:e3:83:fd:ac:ef:2f:80:6f:14:f8:f8:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:40:54 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=b1af411760e4447eee8b948ff9d0153d942a80155773c8df219ce464aeeb9595, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:0c:49:01:ad:f1:30:d9:43:2b:87:06:14:9a:
a2:57:81:49:eb:86:36:a6:ad:45:52:37:65:6b:fe:
1f:ae:fa:da:d1:02:64:24:c1:33:a1:5b:fa:ce:13:
d0:c2:8e:96:1e:4c:2f:7b:ed:e5:aa:49:c3:29:23:
74:a7:6c:32:cd:d5:d9:f5:79:de:50:6a:6c:10:3e:
88:60:e6:bf:bb:2d:8c:3a:80:de:46:fb:50:d4:ed:
35:63:27:31:a8:64:a1:4b:3f:a0:4f:98:3c:31:4e:
d8:98:67:ae:80:54:9f:c6:ac:d8:26:5a:91:de:d2:
20:d3:2b:81:fe:83:c7:bd:a3:d9:3f:70:63:75:36:
27:76:cc:71:fa:61:9e:8a:3d:8c:e2:bd:c6:b3:a8:
7a:6d:8d:bd:c6:61:0b:75:9c:e3:e3:76:57:ad:1c:
75:8f:9a:40:99:d0:c6:0f:f3:7b:73:4c:a0:e5:6b:
a1:4c:a1:ed:7e:8e:6a:92:2e:6b:8d:eb:42:a3:bf:
2c:87:63:5e:68:74:16:47:a0:bb:cd:6e:b2:0b:c4:
c5:16:1f:53:b7:e3:12:30:12:ed:ce:c9:5e:ca:3c:
d9:e6:23:ce:ac:d7:2b:ef:2d:15:e2:5b:c0:b8:ae:
0f:de:0d:12:47:75:27:c5:a4:5b:20:20:53:27:e3:
78:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:01:5A:39:CC:0F:82:85:E7:B4:33:6B:88:C8:93:3D:65:C6:FC:32
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fbd3a3af-f307-4148-9e34-70199540a838.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:b000::/40
Signature Algorithm: sha256WithRSAEncryption
99:ad:ff:59:bd:39:69:3c:ca:b7:47:d7:0c:26:05:70:72:68:
03:c4:f4:05:2a:29:89:00:ca:d5:99:af:b8:d2:87:d7:ee:50:
e7:56:c3:7a:91:88:8b:a0:94:f8:ed:7c:25:4f:25:ad:07:ed:
b3:31:a4:9f:a8:f8:c5:97:07:ab:3a:ff:1b:99:63:a8:e2:bd:
fb:b4:f7:20:ce:91:52:30:1f:df:82:17:ba:a5:0c:49:eb:64:
4b:49:82:50:b4:d6:48:0f:4f:be:e9:7c:18:d5:8a:04:18:64:
d9:eb:e0:d8:80:9a:d1:b8:b3:62:1a:66:14:08:8a:e1:84:2c:
a4:88:3d:cd:90:3c:2f:6b:bd:89:8d:74:d9:9d:72:ce:49:6d:
9f:a8:e8:0b:a6:48:9a:28:88:88:e5:45:f9:21:c5:2f:ae:5b:
aa:6a:93:f1:65:87:86:b8:72:29:b5:d7:c5:3c:c8:46:b8:5b:
4f:9e:6a:4e:de:98:3c:75:09:a1:df:66:51:3b:83:e0:28:e7:
ee:16:28:74:13:59:cc:17:56:71:04:f8:2c:e2:05:78:20:31:
c9:9c:bf:25:6c:7f:2f:8a:5a:a6:93:c0:8e:0d:b1:92:f4:5b:
82:f6:b8:cf:fa:21:30:5c:34:05:2a:38:b7:1e:a2:23:7c:ad:
15:32:37:22
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUaFJ7raOX1Tfjg/2s7y+AbxT4+M0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTQwNTRaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGIxYWY0MTE3NjBlNDQ0N2VlZThiOTQ4ZmY5ZDAxNTNkOTQyYTgwMTU1Nzcz
YzhkZjIxOWNlNDY0YWVlYjk1OTUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALsMSQGt8TDZQyuHBhSaoleBSeuGNqatRVI3ZWv+H6762tECZCTBM6Fb+s4T
0MKOlh5ML3vt5apJwykjdKdsMs3V2fV53lBqbBA+iGDmv7stjDqA3kb7UNTtNWMn
MahkoUs/oE+YPDFO2JhnroBUn8as2CZakd7SINMrgf6Dx72j2T9wY3U2J3bMcfph
noo9jOK9xrOoem2NvcZhC3Wc4+N2V60cdY+aQJnQxg/ze3NMoOVroUyh7X6OapIu
a43rQqO/LIdjXmh0Fkegu81usgvExRYfU7fjEjAS7c7JXso82eYjzqzXK+8tFeJb
wLiuD94NEkd1J8WkWyAgUyfjeGcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS9AVo5
zA+Chee0M2uIyJM9Zcb8MjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZmJkM2EzYWYtZjMwNy00MTQ4LTllMzQtNzAxOTk1NDBhODM4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Diw
MA0GCSqGSIb3DQEBCwUAA4IBAQCZrf9ZvTlpPMq3R9cMJgVwcmgDxPQFKimJAMrV
ma+40ofX7lDnVsN6kYiLoJT47XwlTyWtB+2zMaSfqPjFlwerOv8bmWOo4r37tPcg
zpFSMB/fghe6pQxJ62RLSYJQtNZID0++6XwY1YoEGGTZ6+DYgJrRuLNiGmYUCIrh
hCykiD3NkDwva72JjXTZnXLOSW2fqOgLpkiaKIiI5UX5IcUvrluqapPxZYeGuHIp
tdfFPMhGuFtPnmpO3pg8dQmh32ZRO4PgKOfuFih0E1nMF1ZxBPgs4gV4IDHJnL8l
bH8vilqmk8CODbGS9FuC9rjP+iEwXDQFKji3HqIjfK0VMjci
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:15:31 2026 by rpki-client