Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/486a9d1e-bc45-467a-9db2-1a7e5e9068f0.roa
File: 486a9d1e-bc45-467a-9db2-1a7e5e9068f0.roa (raw, json)
Hash identifier: /OZH/+7/ptSeqTkxiH92+zAfh+2Q4IX+2Y4dKhdq8VE=
Subject key identifier: AD:F3:65:14:70:5F:A2:63:8A:48:F6:EB:B6:17:01:94:09:94:C4:0E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 59B4681CACA98F20EE28DC738691AF333A75C9D6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/486a9d1e-bc45-467a-9db2-1a7e5e9068f0.roa
Signing time: Mon 04 May 2026 15:30:15 +0000
ROA not before: Mon 04 May 2026 15:30:15 +0000
ROA not after: Sun 02 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:6080::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:b4:68:1c:ac:a9:8f:20:ee:28:dc:73:86:91:af:33:3a:75:c9:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 4 15:30:15 2026 GMT
Not After : Aug 2 23:59:59 2026 GMT
Subject: serialNumber=fbe63f4010c9bb7ca58565f2784a725bb6eec9f48a4e5e82ab2f0a8fc751c34d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:2f:bc:7a:bc:fb:6b:7c:d4:ba:29:03:f2:43:
a6:67:00:83:f8:43:fc:cd:ac:a1:59:ab:37:f6:46:
f6:59:7a:65:c0:f5:df:1b:f8:e3:aa:00:30:bc:6d:
68:4e:5c:f8:c7:33:ff:85:3d:fc:3a:e6:cf:a7:f7:
49:b8:cb:f7:91:39:54:8e:5e:89:df:60:8c:f8:7d:
d7:3e:b9:a6:d1:c8:03:fe:f6:3c:5b:81:d0:19:62:
95:e9:f6:f6:fa:d9:6f:7f:3b:8f:e5:c1:45:b9:da:
f7:70:45:61:95:b5:5c:84:29:d0:f9:65:8a:6a:79:
a2:ba:f8:69:de:22:13:77:17:37:d0:17:f7:27:d5:
1a:5a:f6:9c:1f:8d:d4:2c:06:9b:24:03:0d:43:dc:
7e:57:ab:06:30:29:7b:17:d7:60:07:e7:bc:96:a0:
fd:c6:4a:b8:6e:61:bb:ed:79:e1:bb:f3:47:8c:ce:
2b:93:13:79:6d:e8:5a:aa:9e:47:65:ae:43:10:20:
69:0d:a8:ee:fd:cd:15:01:f6:e4:0b:38:46:0f:ba:
97:9d:75:78:71:33:69:9e:34:fa:4e:d3:dd:c3:55:
64:98:0c:04:0c:86:2a:f1:7b:80:68:8f:b9:d2:9b:
c2:0c:db:b3:36:68:4e:6a:1d:63:8c:88:4d:ec:44:
60:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:F3:65:14:70:5F:A2:63:8A:48:F6:EB:B6:17:01:94:09:94:C4:0E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/486a9d1e-bc45-467a-9db2-1a7e5e9068f0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:6080::/46
Signature Algorithm: sha256WithRSAEncryption
63:23:93:f4:4c:17:fe:c8:5d:b4:6e:32:a8:53:d4:fe:dc:8b:
d2:0a:47:6c:87:c8:4b:00:28:b1:7f:38:05:c8:8c:35:8a:9c:
51:ed:3f:00:9e:71:e3:8d:db:f7:c7:ec:c6:69:ca:ab:ca:18:
cd:a0:5e:34:33:35:28:b7:03:9b:ec:f9:c2:18:8e:62:48:1f:
28:d3:a3:99:42:15:cb:db:95:57:52:fb:b1:58:af:ca:51:73:
57:95:94:01:ca:f8:8a:d1:f4:e3:b2:e8:1d:ff:0e:70:98:c4:
c9:de:aa:f5:e2:ca:11:1e:5f:07:32:b4:bd:1a:ea:b3:7b:52:
71:34:8e:2d:cd:6e:d4:86:e7:d3:5c:f9:91:f3:5a:63:76:97:
7b:49:51:74:75:ab:5e:d8:f7:cc:d6:78:6b:3e:c6:a4:b4:37:
5d:85:63:03:0c:4c:45:78:24:9b:6f:30:20:9e:04:a0:1a:9f:
9f:ce:1d:90:2b:4c:50:18:c5:8a:95:e3:6b:b4:77:72:65:55:
8f:9b:62:3b:e0:0e:21:65:2b:2e:5d:63:67:cf:f9:77:3f:3e:
5b:25:79:e9:b4:8f:c8:98:89:44:d7:81:38:b5:7e:d7:9a:f0:
fb:70:55:3f:21:49:d3:da:c9:c8:06:3c:d1:04:87:e7:7e:b5:
71:22:50:56
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUWbRoHKypjyDuKNxzhpGvMzp1ydYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MDQxNTMwMTVaFw0yNjA4MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQGZiZTYzZjQwMTBjOWJiN2NhNTg1NjVmMjc4NGE3MjViYjZlZWM5ZjQ4YTRl
NWU4MmFiMmYwYThmYzc1MWMzNGQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKAvvHq8+2t81LopA/JDpmcAg/hD/M2soVmrN/ZG9ll6ZcD13xv446oAMLxt
aE5c+Mcz/4U9/Drmz6f3SbjL95E5VI5eid9gjPh91z65ptHIA/72PFuB0Blilen2
9vrZb387j+XBRbna93BFYZW1XIQp0Pllimp5orr4ad4iE3cXN9AX9yfVGlr2nB+N
1CwGmyQDDUPcflerBjApexfXYAfnvJag/cZKuG5hu+154bvzR4zOK5MTeW3oWqqe
R2WuQxAgaQ2o7v3NFQH25As4Rg+6l511eHEzaZ40+k7T3cNVZJgMBAyGKvF7gGiP
udKbwgzbszZoTmodY4yITexEYAUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSt82UU
cF+iY4pI9uu2FwGUCZTEDjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDg2YTlkMWUtYmM0NS00NjdhLTlkYjItMWE3ZTVlOTA2OGYwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HNg
gDANBgkqhkiG9w0BAQsFAAOCAQEAYyOT9EwX/shdtG4yqFPU/tyL0gpHbIfISwAo
sX84BciMNYqcUe0/AJ5x443b98fsxmnKq8oYzaBeNDM1KLcDm+z5whiOYkgfKNOj
mUIVy9uVV1L7sVivylFzV5WUAcr4itH047LoHf8OcJjEyd6q9eLKER5fBzK0vRrq
s3tScTSOLc1u1Ibn01z5kfNaY3aXe0lRdHWrXtj3zNZ4az7GpLQ3XYVjAwxMRXgk
m28wIJ4EoBqfn84dkCtMUBjFipXja7R3cmVVj5tiO+AOIWUrLl1jZ8/5dz8+WyV5
6bSPyJiJRNeBOLV+15rw+3BVPyFJ09rJyAY80QSH5361cSJQVg==
-----END CERTIFICATE-----
Generated at Tue May 12 23:12:53 2026 by rpki-client