Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1a961f3a-fb71-4357-a4fc-28c4024b0441.roa
File: 1a961f3a-fb71-4357-a4fc-28c4024b0441.roa (raw, json)
Hash identifier: JRDOlywGmUgH8vSgOm4K0l9J3YDHaSjdesBo4a2SXng=
Subject key identifier: 90:AB:F6:B6:3F:11:07:0C:2B:57:07:07:FB:C4:AD:37:A6:31:2E:3F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3240CB423CD3C5252B7F96779C0D2B83959C3E92
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1a961f3a-fb71-4357-a4fc-28c4024b0441.roa
Signing time: Mon 11 May 2026 01:50:11 +0000
ROA not before: Mon 11 May 2026 01:50:11 +0000
ROA not after: Sun 09 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000::/25 maxlen: 25
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:40:cb:42:3c:d3:c5:25:2b:7f:96:77:9c:0d:2b:83:95:9c:3e:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 11 01:50:11 2026 GMT
Not After : Aug 9 23:59:59 2026 GMT
Subject: serialNumber=fc0bfe5a768838baa90ea9697f86f07c2ad41e48eab3c6386630f467e453bd0d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:92:5d:16:1d:9c:b2:e8:ff:5c:34:96:c8:50:
65:72:b2:99:46:7e:59:03:bf:f6:b8:66:84:e5:48:
2e:57:86:7e:6b:96:7a:a2:3e:60:3c:30:e4:8f:5a:
99:5c:d2:83:a1:06:f1:c9:37:90:7e:c1:ed:99:55:
3d:a0:6a:bd:cf:15:b8:ce:54:53:76:99:9a:2d:cf:
1d:9d:7a:27:be:fd:96:60:53:aa:36:9d:bd:d7:c9:
17:6d:c6:8a:6d:52:ac:a8:8c:d4:13:b9:c8:6b:15:
a4:65:67:83:ec:bf:48:3b:aa:8a:c2:14:6c:a4:f1:
e5:da:a0:53:0c:03:be:f4:88:98:2b:60:2f:4c:a1:
d7:5d:fe:d0:89:6e:1e:28:4f:1f:53:cc:2c:33:d0:
07:e6:83:36:7f:47:8d:e3:aa:27:84:0f:d5:86:93:
d8:52:9e:3f:99:f0:1d:3b:6f:95:18:b5:84:fb:63:
0b:37:ce:a7:02:15:9e:f9:6e:4a:f0:8b:11:4e:98:
7a:7f:15:19:b2:e8:61:7a:fa:cf:42:de:f5:f6:43:
9b:e5:c2:ff:36:44:91:88:0c:0a:28:d8:b2:92:c8:
4c:a9:1c:6d:53:8f:91:e0:ed:85:cd:10:c8:23:4e:
1b:f5:d2:29:18:fa:6e:85:a2:14:1e:4e:c1:08:1b:
68:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:AB:F6:B6:3F:11:07:0C:2B:57:07:07:FB:C4:AD:37:A6:31:2E:3F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1a961f3a-fb71-4357-a4fc-28c4024b0441.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000::/25
Signature Algorithm: sha256WithRSAEncryption
11:a9:9c:11:b9:d7:f3:bd:80:a8:b3:6c:76:ad:47:75:cc:49:
a8:c5:cf:ff:d7:f5:75:d6:65:03:48:b0:5f:f1:58:2e:22:09:
a6:60:8b:e1:b0:c9:77:f6:a6:2f:cf:54:7d:3a:16:99:02:24:
ff:a7:68:75:fc:9f:9e:ab:1d:3d:81:99:ac:65:b6:f3:0a:6e:
35:41:e3:ed:58:d9:12:61:86:b7:c4:5c:54:cb:68:e5:d6:bb:
e2:b0:3e:38:87:73:2a:75:81:a3:55:0f:6a:02:a2:73:88:fc:
b4:b4:e0:a8:1a:f5:8b:d3:84:2e:00:a6:88:6e:ac:0e:da:81:
19:ec:d9:fb:00:e2:bf:6e:2e:d0:81:d6:ba:fb:23:aa:0c:df:
7f:d1:15:08:e2:c0:da:26:b4:c8:a9:ff:4c:b8:b8:ed:ad:f0:
4c:38:b1:c0:f4:c4:56:95:0e:af:6d:22:ef:e9:c5:fe:49:56:
9c:df:3d:fd:ce:0f:75:d1:0a:d4:ae:eb:09:9f:bc:63:8a:66:
0a:de:5b:57:82:c9:d4:2b:f3:92:ad:da:78:04:85:a3:69:ab:
ee:6f:94:ba:ba:1f:ff:ea:b5:e3:75:47:6a:05:ce:28:d6:e9:
c5:ba:c0:91:9a:56:54:fe:25:c1:e5:0f:be:8d:6e:a6:fb:40:
6e:f6:18:0a
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUMkDLQjzTxSUrf5Z3nA0rg5WcPpIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTEwMTUwMTFaFw0yNjA4MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGZjMGJmZTVhNzY4ODM4YmFhOTBlYTk2OTdmODZmMDdjMmFkNDFlNDhlYWIz
YzYzODY2MzBmNDY3ZTQ1M2JkMGQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANaSXRYdnLLo/1w0lshQZXKymUZ+WQO/9rhmhOVILleGfmuWeqI+YDww5I9a
mVzSg6EG8ck3kH7B7ZlVPaBqvc8VuM5UU3aZmi3PHZ16J779lmBTqjadvdfJF23G
im1SrKiM1BO5yGsVpGVng+y/SDuqisIUbKTx5dqgUwwDvvSImCtgL0yh113+0Ilu
HihPH1PMLDPQB+aDNn9HjeOqJ4QP1YaT2FKeP5nwHTtvlRi1hPtjCzfOpwIVnvlu
SvCLEU6Yen8VGbLoYXr6z0Le9fZDm+XC/zZEkYgMCijYspLITKkcbVOPkeDthc0Q
yCNOG/XSKRj6boWiFB5OwQgbaDUCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBSQq/a2
PxEHDCtXBwf7xK03pjEuPzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWE5NjFmM2EtZmI3MS00MzU3LWE0ZmMtMjhjNDAyNGIwNDQxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFByoF0AAw
DQYJKoZIhvcNAQELBQADggEBABGpnBG51/O9gKizbHatR3XMSajFz//X9XXWZQNI
sF/xWC4iCaZgi+GwyXf2pi/PVH06FpkCJP+naHX8n56rHT2BmaxltvMKbjVB4+1Y
2RJhhrfEXFTLaOXWu+KwPjiHcyp1gaNVD2oConOI/LS04Kga9YvThC4ApohurA7a
gRns2fsA4r9uLtCB1rr7I6oM33/RFQjiwNomtMip/0y4uO2t8Ew4scD0xFaVDq9t
Iu/pxf5JVpzfPf3OD3XRCtSu6wmfvGOKZgreW1eCydQr85Kt2ngEhaNpq+5vlLq6
H//qteN1R2oFzijW6cW6wJGaVlT+JcHlD76Nbqb7QG72GAo=
-----END CERTIFICATE-----
Generated at Tue May 12 23:14:52 2026 by rpki-client