Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/34c01ebb-9e77-41b5-a2ef-1caa5f389bf1.roa
File: 34c01ebb-9e77-41b5-a2ef-1caa5f389bf1.roa (raw, json)
Hash identifier: VaP1yV0595n4mtG/iYntEeloLAxFoPsbxYzIuh4+aWE=
Subject key identifier: D9:30:94:22:E1:AE:E7:F1:A9:80:1F:0D:BF:4E:4F:A6:3B:C8:F3:AA
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6C40FB8109C79165E23F50D7750169ACCF0D2C89
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/34c01ebb-9e77-41b5-a2ef-1caa5f389bf1.roa
Signing time: Sat 02 May 2026 01:30:21 +0000
ROA not before: Sat 02 May 2026 01:30:21 +0000
ROA not after: Fri 31 Jul 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06a:50c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:40:fb:81:09:c7:91:65:e2:3f:50:d7:75:01:69:ac:cf:0d:2c:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 2 01:30:21 2026 GMT
Not After : Jul 31 23:59:59 2026 GMT
Subject: serialNumber=b758b41a94752a9a206d83007c9c8f631b10eec58762ce3a64cecad3f47ad1d8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:dc:9e:d6:1f:93:16:46:0e:fd:79:31:0b:d1:
30:fe:f9:f0:11:31:85:07:3f:67:4e:0d:0c:fc:34:
46:54:4c:a4:cd:31:cc:8b:7e:8c:14:8d:a7:e9:28:
96:6d:ef:0d:31:71:33:ad:45:a1:a3:25:96:37:0c:
a1:32:f0:f5:a5:47:2b:2a:4a:ad:27:29:68:4b:7d:
69:c1:bd:7a:d8:7c:a0:d4:88:bd:a4:9e:0b:a8:2f:
f9:22:fb:0b:fa:0e:6d:dc:58:c4:bf:d7:aa:a6:29:
0a:49:e0:44:50:35:e3:4d:90:49:f5:a1:40:22:cc:
57:94:8f:ef:a6:ec:17:65:56:e6:36:40:f4:f1:d5:
62:04:e3:0d:8e:c4:02:95:c6:d2:1c:e5:df:0f:db:
e9:b9:b9:6e:45:0b:92:f7:03:1a:94:6a:6e:0b:e3:
00:45:28:5c:38:ae:de:ec:f0:29:fe:82:ec:f9:52:
87:70:2a:c8:76:73:32:0d:8e:c3:0c:a6:0a:9f:c7:
0c:76:e1:56:56:98:a4:e7:09:fd:ee:8e:23:2a:3e:
a9:34:88:77:e1:71:ba:75:fc:12:3e:fc:bb:d1:f1:
f8:00:37:aa:7b:91:43:a0:c4:9a:36:fd:34:5b:01:
bc:2a:41:aa:74:28:47:12:eb:95:68:8d:cf:99:bf:
bf:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:30:94:22:E1:AE:E7:F1:A9:80:1F:0D:BF:4E:4F:A6:3B:C8:F3:AA
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/34c01ebb-9e77-41b5-a2ef-1caa5f389bf1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06a:50c0::/48
Signature Algorithm: sha256WithRSAEncryption
1b:93:09:d4:48:f7:1e:12:85:02:31:75:4c:83:a8:03:74:2c:
ad:e8:c6:21:68:93:90:29:59:2e:2b:40:26:4e:41:6a:ee:b0:
45:28:f4:72:59:95:ef:4d:fd:36:87:dd:17:d7:67:5c:24:0f:
9a:69:ed:3f:8b:99:57:29:d3:cb:be:dc:8d:28:5b:91:1d:5a:
9e:a2:28:37:e3:67:77:43:44:3e:35:5d:eb:45:af:bc:f7:a3:
2a:7b:bb:7e:b5:a1:bc:33:53:e1:de:04:6c:91:a3:f7:8a:80:
fb:c5:4b:5b:64:ef:da:7b:c5:5e:8a:b7:86:01:07:00:7e:0a:
c7:3c:f0:00:80:7b:e5:ac:84:01:7e:29:e6:8c:f9:a4:f3:ff:
4f:c4:9c:60:ed:9d:a4:11:ef:65:20:36:64:0b:bd:c9:da:0d:
ad:30:af:81:35:a0:dd:19:9a:43:df:21:fa:8b:4a:96:4f:ce:
5e:53:79:82:da:b8:15:99:ce:95:25:71:ed:76:3b:86:90:fc:
c6:28:b3:bd:42:52:9e:15:0e:93:8b:ae:4f:f5:f7:52:44:c6:
93:58:55:ba:e0:fe:60:55:2d:55:78:56:17:84:14:b0:89:f1:
6e:f2:a0:be:a2:74:c9:b1:6c:82:87:8f:c9:39:13:18:41:ac:
61:b3:7e:d2
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUbED7gQnHkWXiP1DXdQFprM8NLIkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MDIwMTMwMjFaFw0yNjA3MzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGI3NThiNDFhOTQ3NTJhOWEyMDZkODMwMDdjOWM4ZjYzMWIxMGVlYzU4NzYy
Y2UzYTY0Y2VjYWQzZjQ3YWQxZDgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALjcntYfkxZGDv15MQvRMP758BExhQc/Z04NDPw0RlRMpM0xzIt+jBSNp+ko
lm3vDTFxM61FoaMlljcMoTLw9aVHKypKrScpaEt9acG9eth8oNSIvaSeC6gv+SL7
C/oObdxYxL/XqqYpCkngRFA1402QSfWhQCLMV5SP76bsF2VW5jZA9PHVYgTjDY7E
ApXG0hzl3w/b6bm5bkULkvcDGpRqbgvjAEUoXDiu3uzwKf6C7PlSh3AqyHZzMg2O
wwymCp/HDHbhVlaYpOcJ/e6OIyo+qTSId+FxunX8Ej78u9Hx+AA3qnuRQ6DEmjb9
NFsBvCpBqnQoRxLrlWiNz5m/v9cCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTZMJQi
4a7n8amAHw2/Tk+mO8jzqjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzRjMDFlYmItOWU3Ny00MWI1LWEyZWYtMWNhYTVmMzg5YmYxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0GpQ
wDANBgkqhkiG9w0BAQsFAAOCAQEAG5MJ1Ej3HhKFAjF1TIOoA3QsrejGIWiTkClZ
LitAJk5Bau6wRSj0clmV7039NofdF9dnXCQPmmntP4uZVynTy77cjShbkR1anqIo
N+Nnd0NEPjVd60WvvPejKnu7frWhvDNT4d4EbJGj94qA+8VLW2Tv2nvFXoq3hgEH
AH4KxzzwAIB75ayEAX4p5oz5pPP/T8ScYO2dpBHvZSA2ZAu9ydoNrTCvgTWg3Rma
Q98h+otKlk/OXlN5gtq4FZnOlSVx7XY7hpD8xiizvUJSnhUOk4uuT/X3UkTGk1hV
uuD+YFUtVXhWF4QUsInxbvKgvqJ0ybFsgoePyTkTGEGsYbN+0g==
-----END CERTIFICATE-----
Generated at Tue May 12 23:13:57 2026 by rpki-client