Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fc3cf1ff-209d-46f6-a7dd-a7ba5d5bfba7.roa
File: fc3cf1ff-209d-46f6-a7dd-a7ba5d5bfba7.roa (raw, json)
Hash identifier: GhVQtQr851YovUaL6mZYXdQ1lu3wbdxGx4d5nwWdIqA=
Subject key identifier: B4:04:FD:13:40:58:E7:E6:52:FE:AB:5E:F8:57:88:08:EF:AC:8C:0A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 20571F97CBA451B55D2A62EA1AD5C2223975FF89
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fc3cf1ff-209d-46f6-a7dd-a7ba5d5bfba7.roa
Signing time: Tue 19 May 2026 05:11:00 +0000
ROA not before: Tue 19 May 2026 05:11:00 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:8000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:57:1f:97:cb:a4:51:b5:5d:2a:62:ea:1a:d5:c2:22:39:75:ff:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:11:00 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=e8738e3c1016fa62d14dc708684faddb1a659913ca423fdff11ad9c99c8b822c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:5d:4a:dd:ac:6c:be:8f:4d:1e:1d:4c:de:b2:
75:ca:8c:a3:df:84:95:55:d2:5a:e4:fe:05:39:6c:
6e:24:e9:46:49:47:c3:fe:b5:cc:e8:da:af:0c:49:
67:cc:33:a3:27:4c:5d:96:ff:b7:92:79:53:48:c7:
73:ca:bf:e8:cf:e0:f1:1b:ec:63:93:40:b9:e3:b1:
a6:d4:da:11:78:13:be:1d:18:dd:52:fa:07:91:bd:
f9:51:34:8d:8c:f0:83:01:da:78:10:7e:79:b5:30:
19:40:ea:82:78:b0:70:7c:f6:f9:a8:73:f6:a3:be:
57:01:f7:60:1e:f5:22:fb:9a:7d:5b:1f:9e:cb:90:
46:83:77:d1:c9:a6:99:3c:16:27:93:6e:0f:d1:88:
c1:78:3a:2c:90:18:0a:60:cd:82:bd:74:91:53:b6:
0d:16:7d:60:76:6f:2b:e9:63:e1:9f:b2:0b:3f:bd:
69:2d:14:a3:c6:9e:f2:4c:d6:69:79:48:0e:f2:e1:
c0:e7:c2:ab:cc:f6:0a:6a:6a:ae:d0:c1:38:31:5c:
95:8d:06:dc:47:60:14:c3:c6:bc:d1:10:5b:bf:66:
53:d5:00:51:27:1d:5d:50:d9:e3:26:4d:e2:b0:09:
7b:9a:1e:51:07:11:c2:f3:2c:00:d5:0c:ae:9d:d3:
0d:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:04:FD:13:40:58:E7:E6:52:FE:AB:5E:F8:57:88:08:EF:AC:8C:0A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fc3cf1ff-209d-46f6-a7dd-a7ba5d5bfba7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:8000::/40
Signature Algorithm: sha256WithRSAEncryption
05:c7:d1:e9:b8:b4:da:4e:ab:3b:93:ba:b2:f5:59:61:c8:d0:
e9:c6:e4:e0:9a:d4:79:c0:71:8b:78:ca:4b:6d:db:fc:38:b2:
9b:91:3e:7f:a0:2c:ea:a5:5e:54:22:00:15:98:96:c1:3d:fa:
f9:41:cc:7e:29:cc:8c:18:1a:c9:a2:44:05:bd:67:b0:03:9d:
dd:c6:14:af:46:cf:36:b4:cf:2d:9b:b0:3b:5c:ae:41:0f:55:
a2:0f:92:1d:46:8f:b2:f1:19:84:51:5e:f6:63:fe:9e:46:6f:
e6:50:cc:90:49:83:35:ff:5b:27:11:96:2c:93:c7:92:f9:a0:
d7:a3:c2:bb:04:d9:8a:fb:6a:d7:ad:f0:f9:8c:3a:14:67:32:
1d:57:dd:00:86:a7:86:42:69:9c:4a:c4:17:2e:9c:be:e0:8e:
66:7d:09:f6:3d:09:43:9c:bb:61:9d:c5:2a:4b:6c:8e:84:74:
96:fc:33:d4:d6:7b:a8:92:2f:fa:c4:c6:08:d6:e2:ab:46:1a:
37:2d:60:de:ee:a7:ab:6a:ea:1c:2d:1c:0e:5d:cf:d4:86:2b:
a6:ce:0b:92:5e:81:60:8b:c1:56:3a:c8:43:dc:91:5c:a7:82:
9a:cb:4d:20:80:00:8d:7e:01:73:19:fd:ed:74:6f:0e:b5:42:
ea:0b:07:0d
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUIFcfl8ukUbVdKmLqGtXCIjl1/4kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTExMDBaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGU4NzM4ZTNjMTAxNmZhNjJkMTRkYzcwODY4NGZhZGRiMWE2NTk5MTNjYTQy
M2ZkZmYxMWFkOWM5OWM4YjgyMmMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANJdSt2sbL6PTR4dTN6ydcqMo9+ElVXSWuT+BTlsbiTpRklHw/61zOjarwxJ
Z8wzoydMXZb/t5J5U0jHc8q/6M/g8RvsY5NAueOxptTaEXgTvh0Y3VL6B5G9+VE0
jYzwgwHaeBB+ebUwGUDqgniwcHz2+ahz9qO+VwH3YB71IvuafVsfnsuQRoN30cmm
mTwWJ5NuD9GIwXg6LJAYCmDNgr10kVO2DRZ9YHZvK+lj4Z+yCz+9aS0Uo8ae8kzW
aXlIDvLhwOfCq8z2CmpqrtDBODFclY0G3EdgFMPGvNEQW79mU9UAUScdXVDZ4yZN
4rAJe5oeUQcRwvMsANUMrp3TDbcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS0BP0T
QFjn5lL+q174V4gI76yMCjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZmMzY2YxZmYtMjA5ZC00NmY2LWE3ZGQtYTdiYTVkNWJmYmE3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DiA
MA0GCSqGSIb3DQEBCwUAA4IBAQAFx9HpuLTaTqs7k7qy9VlhyNDpxuTgmtR5wHGL
eMpLbdv8OLKbkT5/oCzqpV5UIgAVmJbBPfr5Qcx+KcyMGBrJokQFvWewA53dxhSv
Rs82tM8tm7A7XK5BD1WiD5IdRo+y8RmEUV72Y/6eRm/mUMyQSYM1/1snEZYsk8eS
+aDXo8K7BNmK+2rXrfD5jDoUZzIdV90AhqeGQmmcSsQXLpy+4I5mfQn2PQlDnLth
ncUqS2yOhHSW/DPU1nuoki/6xMYI1uKrRho3LWDe7qerauocLRwOXc/UhiumzguS
XoFgi8FWOshD3JFcp4Kay00ggACNfgFzGf3tdG8OtULqCwcN
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:12:00 2026 by rpki-client