Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fce7a03b-9e90-4921-9c56-5b0bd4e60ed0.roa
File: fce7a03b-9e90-4921-9c56-5b0bd4e60ed0.roa (raw, json)
Hash identifier: nGFjPjAM9VdksU6/SiQkGRYWiGx/qTPUlqbcfMRcny4=
Subject key identifier: E2:B8:66:D8:9A:09:3B:3D:7E:0C:D5:15:7C:74:72:86:73:57:04:8A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 04F2A5DDDA11DF2166351DA29DA7B53B3D0122FE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fce7a03b-9e90-4921-9c56-5b0bd4e60ed0.roa
Signing time: Tue 19 May 2026 05:00:41 +0000
ROA not before: Tue 19 May 2026 05:00:41 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:80c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:f2:a5:dd:da:11:df:21:66:35:1d:a2:9d:a7:b5:3b:3d:01:22:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:00:41 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=d379a2f2a3924cabf6b47340a0774e09c33b15bccc4499fa04dea5e85cd7d6ac, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:5f:f1:01:a5:d9:30:99:78:06:c5:a6:97:b6:
0f:30:60:35:09:76:39:96:a5:bf:85:73:3a:00:20:
3a:5f:b2:1e:0e:39:df:7a:38:b8:82:b8:bb:c2:36:
30:3a:9b:5e:2f:ca:db:4f:df:f2:96:03:f0:ef:9f:
d8:43:bf:eb:12:85:d5:85:21:44:f5:bd:9b:4d:ec:
18:b6:d8:f8:98:01:c8:70:60:68:75:50:2a:e8:ff:
1e:e8:13:5b:a0:96:6d:35:f7:38:2d:3a:0d:30:f0:
87:27:88:a3:36:7b:e5:e3:2d:c1:8a:3c:bd:46:ea:
62:e3:5c:6d:5d:ad:6b:2c:92:d5:ef:02:ff:28:14:
bb:71:ec:43:fd:2f:b5:12:44:28:a1:d9:39:92:cc:
85:81:b0:af:38:30:19:8c:02:f2:7b:82:22:58:56:
24:4f:4b:03:8d:75:86:ed:a6:a9:4f:86:0c:98:45:
3b:ff:57:07:4e:60:8a:05:d2:48:2f:0a:69:42:0c:
35:44:18:e1:d9:f4:0d:de:80:8f:fc:36:cc:7c:82:
00:86:46:0b:8b:ff:28:af:b9:05:8f:ab:db:0c:8e:
92:76:2f:e3:53:d1:9d:6b:32:ad:cc:e9:56:76:86:
8b:d1:a1:7a:ea:d7:91:a2:20:07:9e:b2:c8:14:7e:
08:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:B8:66:D8:9A:09:3B:3D:7E:0C:D5:15:7C:74:72:86:73:57:04:8A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fce7a03b-9e90-4921-9c56-5b0bd4e60ed0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:80c0::/48
Signature Algorithm: sha256WithRSAEncryption
b5:96:75:9d:6d:77:a5:43:65:88:d5:bb:bb:71:ee:73:29:6c:
28:9c:df:b4:c1:4b:44:9c:81:fc:70:df:11:b5:00:f8:cf:31:
89:18:cd:b8:15:cd:d8:fd:51:27:41:8f:d7:7c:eb:ae:b4:a5:
73:91:d5:7d:d8:8a:aa:b5:56:ba:17:72:63:10:d9:71:51:67:
1d:be:2f:74:1c:2f:9d:56:77:ca:09:04:5f:3f:dd:35:11:5d:
21:7d:2a:cd:a9:40:3a:fb:4e:10:39:47:82:ab:12:73:21:4e:
40:e4:5f:f8:73:f8:67:03:db:07:3a:68:e2:84:4a:d0:f4:0a:
fe:54:d9:f6:84:7b:a5:c0:b9:95:1e:b5:27:78:70:01:7b:17:
19:7b:6b:eb:75:5c:b3:5b:c7:ee:d4:60:8c:f9:6a:4e:da:24:
c4:77:18:c4:19:dd:95:b6:95:73:f3:9f:c8:9b:d4:86:c9:9d:
50:f0:d3:3f:37:c2:39:c3:7d:03:cf:9d:f2:be:19:35:87:c0:
6e:e0:e3:51:b4:e0:3c:2a:7f:a2:f2:68:6e:58:f3:0b:18:a2:
18:58:d4:ac:5b:c0:e2:c3:66:2f:72:ab:ce:c3:45:17:d2:44:
5c:9b:8d:91:66:c5:07:fa:a9:d2:ae:10:23:02:89:8d:d8:30:
12:52:d0:a9
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUBPKl3doR3yFmNR2inae1Oz0BIv4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTAwNDFaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGQzNzlhMmYyYTM5MjRjYWJmNmI0NzM0MGEwNzc0ZTA5YzMzYjE1YmNjYzQ0
OTlmYTA0ZGVhNWU4NWNkN2Q2YWMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMRf8QGl2TCZeAbFppe2DzBgNQl2OZalv4VzOgAgOl+yHg4533o4uIK4u8I2
MDqbXi/K20/f8pYD8O+f2EO/6xKF1YUhRPW9m03sGLbY+JgByHBgaHVQKuj/HugT
W6CWbTX3OC06DTDwhyeIozZ75eMtwYo8vUbqYuNcbV2tayyS1e8C/ygUu3HsQ/0v
tRJEKKHZOZLMhYGwrzgwGYwC8nuCIlhWJE9LA411hu2mqU+GDJhFO/9XB05gigXS
SC8KaUIMNUQY4dn0Dd6Aj/w2zHyCAIZGC4v/KK+5BY+r2wyOknYv41PRnWsyrczp
VnaGi9GheurXkaIgB56yyBR+CMECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTiuGbY
mgk7PX4M1RV8dHKGc1cEijAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZmNlN2EwM2ItOWU5MC00OTIxLTljNTYtNWIwYmQ0ZTYwZWQwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HKA
wDANBgkqhkiG9w0BAQsFAAOCAQEAtZZ1nW13pUNliNW7u3HucylsKJzftMFLRJyB
/HDfEbUA+M8xiRjNuBXN2P1RJ0GP13zrrrSlc5HVfdiKqrVWuhdyYxDZcVFnHb4v
dBwvnVZ3ygkEXz/dNRFdIX0qzalAOvtOEDlHgqsScyFOQORf+HP4ZwPbBzpo4oRK
0PQK/lTZ9oR7pcC5lR61J3hwAXsXGXtr63Vcs1vH7tRgjPlqTtokxHcYxBndlbaV
c/OfyJvUhsmdUPDTPzfCOcN9A8+d8r4ZNYfAbuDjUbTgPCp/ovJobljzCxiiGFjU
rFvA4sNmL3KrzsNFF9JEXJuNkWbFB/qp0q4QIwKJjdgwElLQqQ==
-----END CERTIFICATE-----
Generated at Sat Jun 13 07:58:59 2026 by rpki-client