Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6e11a1fd-46e4-4d91-84e8-f174e0774136.roa
File: 6e11a1fd-46e4-4d91-84e8-f174e0774136.roa (raw, json)
Hash identifier: vCFAUMm3GDcixI0ylzjgZafwVeCXpgf4udfH2wEEGKE=
Subject key identifier: EC:63:CE:CA:18:BF:77:B2:AB:B8:1A:F1:DD:35:16:C0:87:F1:E0:BD
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 456A32AECCCFB7A0BEA2DEA91131B2D7B8FCB993
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6e11a1fd-46e4-4d91-84e8-f174e0774136.roa
Signing time: Mon 04 May 2026 15:30:14 +0000
ROA not before: Mon 04 May 2026 15:30:14 +0000
ROA not after: Sun 02 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:e0c0::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:6a:32:ae:cc:cf:b7:a0:be:a2:de:a9:11:31:b2:d7:b8:fc:b9:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 4 15:30:14 2026 GMT
Not After : Aug 2 23:59:59 2026 GMT
Subject: serialNumber=d4671ee932bc0a6190608cb9d6dd0427f4e3b7f84e6f8881668ed4066988a630, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:55:75:5b:f4:0f:61:b0:2d:f4:cb:75:48:3d:
7d:c7:5c:f2:75:24:f8:9e:f3:ad:01:db:6f:2c:98:
7e:1c:5b:b4:6d:3e:a9:8a:da:8f:30:ae:73:9e:0f:
21:8d:67:0f:01:fa:40:e9:ad:35:4d:95:79:a9:4e:
79:2a:1a:e6:b8:09:18:b5:12:83:16:3a:a8:4d:35:
6a:b7:81:7c:dd:74:2a:fb:56:ce:36:fc:4a:05:e6:
3a:f0:52:d1:2a:dc:fb:3f:9d:7b:b5:a7:51:60:f4:
96:cd:19:11:c1:20:18:e8:63:dd:97:9d:b9:76:cf:
91:9f:1d:c0:16:24:a0:24:87:a9:64:db:e3:e2:69:
32:c7:c0:1e:54:a2:2d:89:0e:9b:a5:a2:bf:54:50:
78:fa:a3:50:a0:df:f8:4e:bf:eb:fc:e9:51:de:30:
ac:7a:7d:c5:1c:2b:37:38:56:af:ba:9f:6c:ec:43:
b4:93:cb:1b:72:8f:15:f1:90:16:c9:30:41:22:6d:
77:01:29:e3:a0:47:85:4e:4b:be:20:a3:ea:4b:8f:
88:e8:11:e8:b0:0e:39:c2:a5:85:30:0a:aa:7e:a1:
36:88:1d:d5:9c:f5:dc:ae:f3:31:57:e5:f7:c8:e4:
4a:6e:61:c5:47:e7:e8:d6:86:7e:3a:d2:57:a5:65:
5d:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:63:CE:CA:18:BF:77:B2:AB:B8:1A:F1:DD:35:16:C0:87:F1:E0:BD
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6e11a1fd-46e4-4d91-84e8-f174e0774136.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:e0c0::/46
Signature Algorithm: sha256WithRSAEncryption
1d:6b:fa:1a:0a:04:59:5a:48:21:0a:6a:70:80:35:89:be:d3:
59:e0:41:7a:5b:10:bb:6d:21:97:ec:65:3c:0c:1e:9d:8b:9b:
45:36:43:92:92:b1:c9:16:26:db:74:23:f4:a5:a7:14:ff:5d:
87:6f:e9:e0:f8:2d:d3:f0:77:38:22:22:f1:e0:1d:68:5e:4d:
13:da:21:4c:20:cb:52:be:e0:9a:68:bd:b8:98:7f:e1:b8:71:
eb:6f:49:e1:63:aa:38:7b:f5:64:ad:04:5b:c8:21:50:16:42:
f4:b8:d2:93:98:a9:d5:8e:47:8f:e9:e1:f3:af:25:4d:3b:ed:
91:ef:71:3d:6a:f4:2f:37:38:41:0d:f8:66:59:ab:05:14:b9:
f6:a0:a9:e8:1a:e4:5c:f4:9b:83:ed:7f:47:42:dd:97:b1:ce:
e1:0d:32:7d:b3:73:5d:c2:46:41:00:fb:de:05:55:49:1d:eb:
74:ff:a5:19:18:74:03:5c:48:1b:65:06:47:a5:c1:8f:ca:af:
97:b9:4a:52:85:d5:f7:8a:39:f1:e6:f9:56:5d:19:9c:ea:20:
17:1e:bb:20:f5:0d:a1:34:8c:78:42:1b:b9:db:dc:e9:6d:4a:
34:c3:d1:82:50:7d:51:5f:36:7f:27:7c:12:85:1d:6c:45:a2:
7a:46:e1:ad
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIURWoyrszPt6C+ot6pETGy17j8uZMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MDQxNTMwMTRaFw0yNjA4MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ0NjcxZWU5MzJiYzBhNjE5MDYwOGNiOWQ2ZGQwNDI3ZjRlM2I3Zjg0ZTZm
ODg4MTY2OGVkNDA2Njk4OGE2MzAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKpVdVv0D2GwLfTLdUg9fcdc8nUk+J7zrQHbbyyYfhxbtG0+qYrajzCuc54P
IY1nDwH6QOmtNU2VealOeSoa5rgJGLUSgxY6qE01areBfN10KvtWzjb8SgXmOvBS
0Src+z+de7WnUWD0ls0ZEcEgGOhj3ZeduXbPkZ8dwBYkoCSHqWTb4+JpMsfAHlSi
LYkOm6Wiv1RQePqjUKDf+E6/6/zpUd4wrHp9xRwrNzhWr7qfbOxDtJPLG3KPFfGQ
FskwQSJtdwEp46BHhU5LviCj6kuPiOgR6LAOOcKlhTAKqn6hNogd1Zz13K7zMVfl
98jkSm5hxUfn6NaGfjrSV6VlXV0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTsY87K
GL93squ4GvHdNRbAh/HgvTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NmUxMWExZmQtNDZlNC00ZDkxLTg0ZTgtZjE3NGUwNzc0MTM2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HPg
wDANBgkqhkiG9w0BAQsFAAOCAQEAHWv6GgoEWVpIIQpqcIA1ib7TWeBBelsQu20h
l+xlPAwenYubRTZDkpKxyRYm23Qj9KWnFP9dh2/p4Pgt0/B3OCIi8eAdaF5NE9oh
TCDLUr7gmmi9uJh/4bhx629J4WOqOHv1ZK0EW8ghUBZC9LjSk5ip1Y5Hj+nh868l
TTvtke9xPWr0Lzc4QQ34ZlmrBRS59qCp6BrkXPSbg+1/R0Ldl7HO4Q0yfbNzXcJG
QQD73gVVSR3rdP+lGRh0A1xIG2UGR6XBj8qvl7lKUoXV94o58eb5Vl0ZnOogFx67
IPUNoTSMeEIbudvc6W1KNMPRglB9UV82fyd8EoUdbEWiekbhrQ==
-----END CERTIFICATE-----
Generated at Tue May 12 22:58:55 2026 by rpki-client