Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/68b6fd3e-e06c-4456-bd88-6e8d9ce92b22.roa
File: 68b6fd3e-e06c-4456-bd88-6e8d9ce92b22.roa (raw, json)
Hash identifier: yxqe3OahkWd5LxGJ3JhLvATeL02xpURk0+qLEPhfnqw=
Subject key identifier: 86:D8:0C:D3:D8:A3:0E:2B:4D:34:C0:86:C9:F3:46:0C:1A:50:A4:71
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6A19F659CB453271895BB8E808B984A3DB3BFFEA
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/68b6fd3e-e06c-4456-bd88-6e8d9ce92b22.roa
Signing time: Mon 04 May 2026 15:20:58 +0000
ROA not before: Mon 04 May 2026 15:20:58 +0000
ROA not after: Sun 02 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:c000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:19:f6:59:cb:45:32:71:89:5b:b8:e8:08:b9:84:a3:db:3b:ff:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 4 15:20:58 2026 GMT
Not After : Aug 2 23:59:59 2026 GMT
Subject: serialNumber=eba4d7bb040fa80f87b2835cd26ba584596602dc5a8609a384385164a5131c03, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:de:26:27:0b:d0:01:7b:57:c3:e4:dd:93:52:
95:2b:00:29:9c:a4:95:16:ce:36:23:80:d3:e2:ad:
74:8f:71:63:72:28:7f:ff:54:bf:c2:56:9e:79:f5:
9d:01:c9:9a:05:8f:7b:87:cc:40:74:68:b6:e7:bc:
f9:cf:eb:97:97:01:49:ab:33:0d:40:7e:a2:fb:0d:
4a:0c:a8:65:c1:79:43:20:01:67:17:26:79:d2:d6:
c5:b2:49:85:17:30:e2:66:a7:2f:74:cb:2c:e7:12:
06:ff:8b:48:0a:c3:d7:30:37:cd:13:53:ed:29:f3:
7b:e4:6d:7a:f4:0d:2e:63:f7:70:83:11:30:74:96:
d0:73:6b:41:04:55:83:f1:fd:09:f2:85:ef:8a:53:
d8:ae:86:e1:6c:a1:69:58:7c:c5:86:79:84:73:c6:
fd:af:eb:19:6a:17:26:70:80:09:a5:0e:b8:b7:cd:
2a:0f:38:f0:67:89:8c:b8:1c:77:34:7c:bb:c1:a8:
81:73:a6:d5:5d:fa:bb:64:6f:d6:54:1a:99:8d:35:
33:99:4d:4f:5e:42:d4:b8:3b:3d:b5:9f:0a:47:d4:
b3:09:a2:7a:54:a5:4e:8d:66:f1:28:fe:c5:66:c3:
5c:62:62:92:d2:05:b2:54:7d:04:ca:17:12:91:f7:
d9:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:D8:0C:D3:D8:A3:0E:2B:4D:34:C0:86:C9:F3:46:0C:1A:50:A4:71
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/68b6fd3e-e06c-4456-bd88-6e8d9ce92b22.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:c000::/40
Signature Algorithm: sha256WithRSAEncryption
02:f4:7d:d7:b3:b1:8f:50:1f:be:46:18:82:5d:e1:fc:a2:a1:
79:22:78:3b:05:de:0e:06:21:5e:f1:f2:1a:21:90:df:c4:42:
3e:80:00:e0:b3:00:72:ff:ab:a1:19:1e:4e:a7:a2:7f:82:dd:
f8:83:7e:2c:d1:59:34:8d:df:f2:b0:e3:2a:10:4a:94:3e:6b:
d0:6d:d8:bf:de:61:9a:e6:46:a6:36:29:80:59:c0:f9:f1:7c:
2f:04:13:d9:77:c8:71:9e:0b:12:d6:98:af:88:86:30:61:43:
0d:df:26:8d:55:61:a4:31:e1:3d:cb:cf:84:5b:dd:d2:0e:6a:
fc:7b:a1:ae:ee:e9:c5:3b:da:3b:f0:c4:67:38:65:e9:33:3b:
2a:dc:eb:b8:6d:53:6b:55:59:a9:7d:ef:93:d4:5a:47:48:d3:
ad:22:e1:b2:77:5c:f4:99:1d:44:20:b9:57:65:f0:a9:63:f6:
d9:da:0f:ae:1d:d8:27:db:b0:5d:01:8c:04:9c:8b:99:7a:79:
60:ef:a1:b9:f0:df:6d:c7:40:d6:6d:28:8c:49:ff:6d:19:aa:
b3:6e:61:ef:51:e0:1e:af:81:97:d7:28:8d:90:24:63:e7:d2:
dc:48:d5:4f:df:13:dd:c9:76:cd:9f:56:92:fc:06:17:b6:c5:
5e:6f:c1:b7
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUahn2WctFMnGJW7joCLmEo9s7/+owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MDQxNTIwNThaFw0yNjA4MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQGViYTRkN2JiMDQwZmE4MGY4N2IyODM1Y2QyNmJhNTg0NTk2NjAyZGM1YTg2
MDlhMzg0Mzg1MTY0YTUxMzFjMDMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAILeJicL0AF7V8Pk3ZNSlSsAKZyklRbONiOA0+KtdI9xY3Iof/9Uv8JWnnn1
nQHJmgWPe4fMQHRotue8+c/rl5cBSaszDUB+ovsNSgyoZcF5QyABZxcmedLWxbJJ
hRcw4manL3TLLOcSBv+LSArD1zA3zRNT7Snze+RtevQNLmP3cIMRMHSW0HNrQQRV
g/H9CfKF74pT2K6G4WyhaVh8xYZ5hHPG/a/rGWoXJnCACaUOuLfNKg848GeJjLgc
dzR8u8GogXOm1V36u2Rv1lQamY01M5lNT15C1Lg7PbWfCkfUswmielSlTo1m8Sj+
xWbDXGJiktIFslR9BMoXEpH32bUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSG2AzT
2KMOK000wIbJ80YMGlCkcTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjhiNmZkM2UtZTA2Yy00NDU2LWJkODgtNmU4ZDljZTkyYjIyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HLA
MA0GCSqGSIb3DQEBCwUAA4IBAQAC9H3Xs7GPUB++RhiCXeH8oqF5Ing7Bd4OBiFe
8fIaIZDfxEI+gADgswBy/6uhGR5Op6J/gt34g34s0Vk0jd/ysOMqEEqUPmvQbdi/
3mGa5kamNimAWcD58XwvBBPZd8hxngsS1piviIYwYUMN3yaNVWGkMeE9y8+EW93S
Dmr8e6Gu7unFO9o78MRnOGXpMzsq3Ou4bVNrVVmpfe+T1FpHSNOtIuGyd1z0mR1E
ILlXZfCpY/bZ2g+uHdgn27BdAYwEnIuZenlg76G58N9tx0DWbSiMSf9tGaqzbmHv
UeAer4GX1yiNkCRj59LcSNVP3xPdyXbNn1aS/AYXtsVeb8G3
-----END CERTIFICATE-----
Generated at Tue May 12 23:13:46 2026 by rpki-client