Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/356f05f3-9814-4715-9f58-bf044bf5d10f.roa
File: 356f05f3-9814-4715-9f58-bf044bf5d10f.roa (raw, json)
Hash identifier: 6rIhpzekONyQTItMGSW4UNqKdufPZ/t6HzH/5rriX0g=
Subject key identifier: A9:4D:CE:BE:46:FA:C7:B0:06:54:8F:3E:A0:D0:88:71:75:04:44:8A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 35AB47BFC0BF044199316F61747A5F155203D89A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/356f05f3-9814-4715-9f58-bf044bf5d10f.roa
Signing time: Mon 04 May 2026 15:30:09 +0000
ROA not before: Mon 04 May 2026 15:30:09 +0000
ROA not after: Sun 02 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:880::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:ab:47:bf:c0:bf:04:41:99:31:6f:61:74:7a:5f:15:52:03:d8:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 4 15:30:09 2026 GMT
Not After : Aug 2 23:59:59 2026 GMT
Subject: serialNumber=a8df914d80d3389327c4e2aa8b99dba5ca23949ae409a5578cec5f8769d2315b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:a5:a8:cf:fb:33:bc:06:6a:3b:e3:ef:38:91:
7b:8d:5a:4f:66:21:b3:30:11:c3:65:fd:1f:1b:42:
dd:a7:aa:29:72:4b:49:80:65:c8:7a:32:bc:c4:0c:
0a:5a:fd:c1:77:99:ce:2a:52:bc:3a:4b:88:93:73:
d0:71:6f:43:3c:29:02:dc:a8:fe:20:37:da:0f:3b:
fa:88:83:6d:e9:62:cd:68:6d:c2:6f:f9:9d:d5:19:
7a:98:f1:c7:43:a2:33:c9:1c:8c:06:f9:f2:95:69:
b4:1a:8e:5b:31:d6:85:c0:93:30:9b:08:f8:18:92:
65:6e:29:db:27:e5:3d:67:29:dc:d3:14:ba:8b:90:
73:42:94:e8:fc:a6:b6:73:b9:0a:8b:14:6d:16:1e:
34:c5:37:f1:d9:a2:c7:d9:2e:2d:00:df:71:94:a3:
66:bc:f3:47:f1:57:82:63:dc:0d:55:4e:4e:a7:f8:
68:0f:c7:1f:d5:39:82:82:e2:56:02:c8:a3:cd:25:
1b:78:03:ca:a1:36:2e:54:76:1f:b6:4e:a4:4f:0e:
98:28:15:c5:8f:de:37:a9:09:a5:94:c3:e7:27:f9:
ea:9f:aa:2a:3b:6c:9e:f7:c5:fa:22:b5:2f:2f:53:
bc:25:e1:7f:2f:89:db:97:86:42:6e:26:42:d0:b4:
43:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:4D:CE:BE:46:FA:C7:B0:06:54:8F:3E:A0:D0:88:71:75:04:44:8A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/356f05f3-9814-4715-9f58-bf044bf5d10f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:880::/46
Signature Algorithm: sha256WithRSAEncryption
12:99:d3:85:71:25:a5:00:95:8d:5b:ef:56:39:d3:42:59:c6:
70:07:72:44:98:7e:86:41:4e:5c:14:7c:0d:d4:dc:6c:3b:cd:
7d:dd:b6:21:ad:9b:99:89:39:be:88:b6:31:8a:31:83:fe:f1:
51:f5:61:8c:ff:8a:8a:6f:15:a0:ba:49:d3:b7:35:02:7f:56:
f6:27:a0:46:5d:c3:1f:99:8f:15:03:2d:79:c5:2c:47:23:51:
9f:8f:8b:b6:64:33:b3:e7:38:54:30:42:10:a5:cb:53:40:f1:
8a:4a:39:4f:cb:3d:28:50:d9:18:3c:45:02:2b:1b:7d:59:80:
3f:82:cd:b1:c4:1b:65:ef:81:80:cb:32:ef:2e:77:e7:a9:51:
af:5f:3d:cf:4c:d0:d9:88:86:fa:d3:18:3e:ab:60:c5:2d:c5:
06:79:06:92:ea:04:f2:9c:3a:86:9e:53:2d:f4:07:b4:f7:ae:
a0:38:24:d4:2d:13:75:f1:ae:59:2a:18:32:9c:ed:1c:27:ee:
df:f7:cf:41:6d:db:4e:c4:11:c0:77:de:91:80:81:33:c4:6a:
eb:66:ba:a4:7f:89:07:66:f1:01:89:42:a5:c4:f3:e4:3b:e6:
15:27:7b:13:0a:f3:2b:87:6e:40:e2:69:be:a2:df:ae:18:2b:
7a:6a:51:54
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUNatHv8C/BEGZMW9hdHpfFVID2JowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MDQxNTMwMDlaFw0yNjA4MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQGE4ZGY5MTRkODBkMzM4OTMyN2M0ZTJhYThiOTlkYmE1Y2EyMzk0OWFlNDA5
YTU1NzhjZWM1Zjg3NjlkMjMxNWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKqlqM/7M7wGajvj7ziRe41aT2YhszARw2X9HxtC3aeqKXJLSYBlyHoyvMQM
Clr9wXeZzipSvDpLiJNz0HFvQzwpAtyo/iA32g87+oiDbelizWhtwm/5ndUZepjx
x0OiM8kcjAb58pVptBqOWzHWhcCTMJsI+BiSZW4p2yflPWcp3NMUuouQc0KU6Pym
tnO5CosUbRYeNMU38dmix9kuLQDfcZSjZrzzR/FXgmPcDVVOTqf4aA/HH9U5goLi
VgLIo80lG3gDyqE2LlR2H7ZOpE8OmCgVxY/eN6kJpZTD5yf56p+qKjtsnvfF+iK1
Ly9TvCXhfy+J25eGQm4mQtC0Q70CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSpTc6+
RvrHsAZUjz6g0IhxdQREijAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzU2ZjA1ZjMtOTgxNC00NzE1LTlmNTgtYmYwNDRiZjVkMTBmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HMI
gDANBgkqhkiG9w0BAQsFAAOCAQEAEpnThXElpQCVjVvvVjnTQlnGcAdyRJh+hkFO
XBR8DdTcbDvNfd22Ia2bmYk5voi2MYoxg/7xUfVhjP+Kim8VoLpJ07c1An9W9ieg
Rl3DH5mPFQMtecUsRyNRn4+LtmQzs+c4VDBCEKXLU0Dxiko5T8s9KFDZGDxFAisb
fVmAP4LNscQbZe+BgMsy7y5356lRr189z0zQ2YiG+tMYPqtgxS3FBnkGkuoE8pw6
hp5TLfQHtPeuoDgk1C0TdfGuWSoYMpztHCfu3/fPQW3bTsQRwHfekYCBM8Rq62a6
pH+JB2bxAYlCpcTz5DvmFSd7EwrzK4duQOJpvqLfrhgrempRVA==
-----END CERTIFICATE-----
Generated at Wed May 13 00:37:58 2026 by rpki-client