Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0ffa6bfd-cc78-4a05-ad58-fd42ec48307e.roa
File: 0ffa6bfd-cc78-4a05-ad58-fd42ec48307e.roa (raw, json)
Hash identifier: xwceyCrApduBdwhwRLAUJq4uwC+tIO3OyLLfLAKif4o=
Subject key identifier: 7F:E4:52:78:46:AA:17:4A:B7:99:E2:C2:93:DA:12:07:88:C8:66:C9
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 53D365F93B619FA27823B0721A90CDD44D1022A9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0ffa6bfd-cc78-4a05-ad58-fd42ec48307e.roa
Signing time: Mon 04 May 2026 15:20:44 +0000
ROA not before: Mon 04 May 2026 15:20:44 +0000
ROA not after: Sun 02 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:9080::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
53:d3:65:f9:3b:61:9f:a2:78:23:b0:72:1a:90:cd:d4:4d:10:22:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 4 15:20:44 2026 GMT
Not After : Aug 2 23:59:59 2026 GMT
Subject: serialNumber=cda72de9dda0ed36f3fb5017c09f7ff46b8239157258cda5545ed59d4f4a7c6c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:ed:c8:74:4f:43:6d:91:12:fd:9c:98:83:8d:
db:ab:bf:44:a0:bc:82:d9:b5:f5:3a:7a:0b:1d:8d:
fd:01:99:88:f8:ce:5b:96:96:fb:b9:10:12:75:e2:
c0:04:ed:5b:6e:c5:e4:cd:c6:59:aa:10:46:db:de:
c9:75:db:f2:ac:f5:65:56:65:b1:5d:be:b2:e2:7c:
ed:4c:65:ca:49:26:a0:63:5a:7a:f4:fc:f3:97:9c:
39:f2:a4:55:57:00:1d:0a:7d:6d:42:98:8a:32:f0:
e0:a4:32:df:5f:10:02:11:e7:eb:ad:40:0d:88:78:
41:e3:36:cd:e2:97:5f:b0:29:28:21:ab:f5:4d:f0:
79:6b:fe:61:2f:49:fa:80:cf:c9:04:6c:cf:68:d2:
1e:e4:19:f0:a7:96:eb:b1:12:e9:60:7c:d5:97:f9:
89:3f:87:a6:57:d5:9c:b5:60:43:3a:c2:eb:c3:e9:
4d:3c:6a:bc:ef:15:19:48:fe:ee:8b:10:06:3a:ac:
e2:11:de:d7:b5:77:37:92:91:c7:66:e3:99:5a:58:
53:b3:3a:b1:56:d4:51:96:ad:67:47:d3:5d:61:69:
e2:b7:94:e8:26:7c:fd:9d:ed:c4:ce:94:c8:e7:88:
97:d9:91:8c:bc:45:d2:61:af:1c:6c:d4:60:7c:dd:
4b:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:E4:52:78:46:AA:17:4A:B7:99:E2:C2:93:DA:12:07:88:C8:66:C9
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0ffa6bfd-cc78-4a05-ad58-fd42ec48307e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:9080::/46
Signature Algorithm: sha256WithRSAEncryption
7b:90:a9:5d:32:1f:50:e1:0d:70:a0:be:83:6f:71:79:b9:bd:
45:b6:84:bf:08:55:f4:39:b0:7c:04:44:27:b3:44:d5:18:f3:
a3:a7:27:5d:c4:5e:cd:09:8a:25:83:4e:90:39:05:92:fa:58:
9c:73:d9:13:fb:19:3d:6d:9b:63:71:93:8c:90:20:68:c3:2d:
f7:cd:25:90:c2:3d:0f:16:e6:57:d8:dc:71:30:4d:21:8f:21:
e6:dc:6c:57:7e:7c:b7:27:39:94:78:21:6b:61:4a:27:af:6a:
71:78:41:9d:fe:36:64:56:b1:cd:70:35:30:d7:93:3f:f3:68:
a2:91:74:75:e9:f6:ca:92:8d:ac:ac:f7:89:05:22:26:b9:14:
32:6a:3e:2a:fd:bd:08:ff:06:21:fc:b0:60:ce:52:79:f6:6d:
e1:26:08:93:70:bb:e6:9c:2d:d9:f3:20:f4:51:95:0d:a5:54:
df:13:ab:0f:90:53:b5:09:9f:9d:f5:01:a5:ca:09:c4:b9:fb:
dc:df:44:af:79:38:c8:f4:43:42:b0:1e:ae:93:2a:93:9a:f8:
6c:74:d4:06:ab:85:92:a2:20:3a:c4:b7:87:4c:a3:7d:ce:84:
49:6c:c8:07:81:d1:db:5c:b4:1e:ca:26:5c:c1:c1:68:73:67:
54:d2:22:c5
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUU9Nl+Tthn6J4I7ByGpDN1E0QIqkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MDQxNTIwNDRaFw0yNjA4MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQGNkYTcyZGU5ZGRhMGVkMzZmM2ZiNTAxN2MwOWY3ZmY0NmI4MjM5MTU3MjU4
Y2RhNTU0NWVkNTlkNGY0YTdjNmMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMbtyHRPQ22REv2cmION26u/RKC8gtm19Tp6Cx2N/QGZiPjOW5aW+7kQEnXi
wATtW27F5M3GWaoQRtveyXXb8qz1ZVZlsV2+suJ87UxlykkmoGNaevT885ecOfKk
VVcAHQp9bUKYijLw4KQy318QAhHn661ADYh4QeM2zeKXX7ApKCGr9U3weWv+YS9J
+oDPyQRsz2jSHuQZ8KeW67ES6WB81Zf5iT+HplfVnLVgQzrC68PpTTxqvO8VGUj+
7osQBjqs4hHe17V3N5KRx2bjmVpYU7M6sVbUUZatZ0fTXWFp4reU6CZ8/Z3txM6U
yOeIl9mRjLxF0mGvHGzUYHzdSycCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBR/5FJ4
RqoXSreZ4sKT2hIHiMhmyTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGZmYTZiZmQtY2M3OC00YTA1LWFkNTgtZmQ0MmVjNDgzMDdlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HOQ
gDANBgkqhkiG9w0BAQsFAAOCAQEAe5CpXTIfUOENcKC+g29xebm9RbaEvwhV9Dmw
fAREJ7NE1Rjzo6cnXcRezQmKJYNOkDkFkvpYnHPZE/sZPW2bY3GTjJAgaMMt980l
kMI9DxbmV9jccTBNIY8h5txsV358tyc5lHgha2FKJ69qcXhBnf42ZFaxzXA1MNeT
P/NoopF0den2ypKNrKz3iQUiJrkUMmo+Kv29CP8GIfywYM5SefZt4SYIk3C75pwt
2fMg9FGVDaVU3xOrD5BTtQmfnfUBpcoJxLn73N9Er3k4yPRDQrAerpMqk5r4bHTU
BquFkqIgOsS3h0yjfc6ESWzIB4HR21y0HsomXMHBaHNnVNIixQ==
-----END CERTIFICATE-----
Generated at Tue May 12 23:28:53 2026 by rpki-client