Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2562684d-020c-40d9-b3bb-3fcb4c638494.roa
File: 2562684d-020c-40d9-b3bb-3fcb4c638494.roa (raw, json)
Hash identifier: QQGLdwsB0ZOS7lg1qyXwsIXl9tTzqBxFsAcqGf5+8wc=
Subject key identifier: 6B:4B:7B:EF:33:9B:AE:A7:0E:74:C8:90:7B:B2:D1:99:6D:82:50:36
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 71D3089D5C3E08F72DC93DFD31D295ACA5D01C89
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2562684d-020c-40d9-b3bb-3fcb4c638494.roa
Signing time: Fri 08 May 2026 03:21:14 +0000
ROA not before: Fri 08 May 2026 03:21:14 +0000
ROA not after: Thu 06 Aug 2026 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d059:9000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:d3:08:9d:5c:3e:08:f7:2d:c9:3d:fd:31:d2:95:ac:a5:d0:1c:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 8 03:21:14 2026 GMT
Not After : Aug 6 23:59:59 2026 GMT
Subject: serialNumber=8051c3bd19760150a851b7aa0b007a531ed82c6397e2ec4164672d6db6c3bae6, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:8a:8e:bd:4a:98:a4:db:17:43:26:10:70:c2:
1a:b2:a5:05:51:7f:2a:20:18:70:65:e4:57:43:e3:
77:5f:e6:ce:b2:13:45:8d:78:32:c5:8c:fc:9b:93:
de:25:d9:0c:24:69:1c:c4:62:5c:70:65:f5:96:47:
47:c0:e6:70:f3:ad:e0:7d:d9:85:9b:3e:6b:dc:b0:
67:48:6d:63:1a:9a:43:aa:0d:7d:1d:26:08:d2:a7:
36:55:c3:96:0e:fa:99:fd:d3:8f:9a:48:2f:61:63:
50:15:5d:54:ed:a5:a0:54:53:7a:21:5f:51:3f:b8:
fa:a1:09:ef:4a:7b:40:7d:4f:d8:4a:b6:96:77:de:
cb:01:b1:97:c1:4e:b1:31:ad:db:67:e1:9f:be:70:
12:fe:68:32:82:f9:e5:ca:3f:1b:01:fc:a1:35:be:
72:25:6e:42:1b:26:db:79:2a:e0:a1:15:77:95:e8:
7b:8b:0e:9e:fd:4d:13:9a:c1:69:14:58:0e:37:b1:
82:06:c6:a6:7b:0d:18:6b:7a:fd:c8:97:d8:97:57:
89:4d:cd:d7:26:2e:8f:13:00:62:2c:9d:d2:cd:14:
dc:8e:3d:a3:00:ae:58:23:b7:30:b2:a0:3f:d5:72:
14:e2:53:1b:b6:cf:e8:80:98:ef:65:76:97:09:99:
50:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:4B:7B:EF:33:9B:AE:A7:0E:74:C8:90:7B:B2:D1:99:6D:82:50:36
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2562684d-020c-40d9-b3bb-3fcb4c638494.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d059:9000::/40
Signature Algorithm: sha256WithRSAEncryption
c5:7e:35:ab:3d:11:eb:ba:82:46:3c:61:50:68:3e:08:78:f0:
17:9c:98:b0:66:3b:94:22:f9:06:51:ab:a7:22:ff:4e:59:fa:
76:22:14:b1:f4:02:1e:bc:70:61:e5:fc:cf:61:32:5b:cc:57:
90:ad:c4:b4:31:31:80:52:49:3e:73:48:15:42:e2:17:e8:94:
7f:e6:79:fe:7d:6c:84:b5:07:07:da:ae:93:7a:74:bb:97:80:
da:5e:aa:ca:2a:bc:e0:c6:ef:6b:cb:7b:6b:d0:47:a2:f6:a6:
0a:cd:ee:14:c3:ae:79:38:c7:15:80:a3:79:ba:92:45:df:97:
af:82:e6:43:bf:4b:fe:7b:f2:c4:05:3d:fd:dc:7e:72:1b:a2:
02:06:7c:6e:3f:58:72:40:f8:09:87:72:19:d9:6e:4e:85:2a:
71:38:c4:de:d0:7f:b7:bd:30:cb:6d:b0:88:cf:31:e2:60:44:
20:cc:ac:22:ba:c0:48:bf:1c:47:49:11:62:af:1c:35:00:36:
b6:19:0d:c9:29:5b:99:9b:b1:a1:c2:8e:cf:01:39:c7:14:7e:
b7:9a:4c:c0:76:67:d3:d8:b8:ee:e1:7f:3a:bd:87:64:1b:bd:
ce:51:6b:0f:4d:ba:62:95:cb:2c:a6:41:cb:da:cd:62:69:d6:
07:4d:6a:44
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUcdMInVw+CPctyT39MdKVrKXQHIkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MDgwMzIxMTRaFw0yNjA4MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDgwNTFjM2JkMTk3NjAxNTBhODUxYjdhYTBiMDA3YTUzMWVkODJjNjM5N2Uy
ZWM0MTY0NjcyZDZkYjZjM2JhZTYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKGKjr1KmKTbF0MmEHDCGrKlBVF/KiAYcGXkV0Pjd1/mzrITRY14MsWM/JuT
3iXZDCRpHMRiXHBl9ZZHR8DmcPOt4H3ZhZs+a9ywZ0htYxqaQ6oNfR0mCNKnNlXD
lg76mf3Tj5pIL2FjUBVdVO2loFRTeiFfUT+4+qEJ70p7QH1P2Eq2lnfeywGxl8FO
sTGt22fhn75wEv5oMoL55co/GwH8oTW+ciVuQhsm23kq4KEVd5Xoe4sOnv1NE5rB
aRRYDjexggbGpnsNGGt6/ciX2JdXiU3N1yYujxMAYiyd0s0U3I49owCuWCO3MLKg
P9VyFOJTG7bP6ICY72V2lwmZUJkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRrS3vv
M5uupw50yJB7stGZbYJQNjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjU2MjY4NGQtMDIwYy00MGQ5LWIzYmItM2ZjYjRjNjM4NDk0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FmQ
MA0GCSqGSIb3DQEBCwUAA4IBAQDFfjWrPRHruoJGPGFQaD4IePAXnJiwZjuUIvkG
UaunIv9OWfp2IhSx9AIevHBh5fzPYTJbzFeQrcS0MTGAUkk+c0gVQuIX6JR/5nn+
fWyEtQcH2q6TenS7l4DaXqrKKrzgxu9ry3tr0Eei9qYKze4Uw655OMcVgKN5upJF
35evguZDv0v+e/LEBT393H5yG6ICBnxuP1hyQPgJh3IZ2W5OhSpxOMTe0H+3vTDL
bbCIzzHiYEQgzKwiusBIvxxHSRFirxw1ADa2GQ3JKVuZm7Ghwo7PATnHFH63mkzA
dmfT2Lju4X86vYdkG73OUWsPTbpilcsspkHL2s1iadYHTWpE
-----END CERTIFICATE-----
Generated at Wed May 13 00:25:07 2026 by rpki-client