Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6e236a15-c957-4409-8a2a-3a19150d1b43.roa
File: 6e236a15-c957-4409-8a2a-3a19150d1b43.roa (raw, json)
Hash identifier: eOpYqFKbqe43GoAhSfVm/XSUpfwoHzJwZYKcUs/cG5U=
Subject key identifier: FC:F8:0F:B2:BF:18:BA:7E:15:06:5D:EE:D3:F8:BF:42:D7:06:01:00
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7408B9ACB77A49D29569D0AFA15C8171E5ADF50F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6e236a15-c957-4409-8a2a-3a19150d1b43.roa
Signing time: Mon 11 May 2026 01:40:06 +0000
ROA not before: Mon 11 May 2026 01:40:06 +0000
ROA not after: Sun 09 Aug 2026 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d030:9000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:08:b9:ac:b7:7a:49:d2:95:69:d0:af:a1:5c:81:71:e5:ad:f5:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 11 01:40:06 2026 GMT
Not After : Aug 9 23:59:59 2026 GMT
Subject: serialNumber=35b40eedf47491427c84634b9f508b08edb0ee64ab902ed637f843c5cfc677fa, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:aa:f2:27:5c:c7:e6:16:14:e4:74:10:b9:80:
7c:4b:f5:a7:f2:db:f1:67:2b:04:e3:6e:2b:8a:04:
22:e1:b2:30:ef:67:33:26:70:9c:50:2c:a6:b5:78:
0a:f0:1a:72:2e:ea:48:0a:d6:dc:51:94:44:3a:6c:
c9:9b:c6:2e:01:6b:e0:d8:88:72:98:80:b6:1e:a5:
d8:cb:4a:9f:cc:98:05:51:61:03:bf:f1:05:4e:f1:
6d:ff:72:75:d2:ec:2f:df:09:c8:69:81:4f:80:45:
2c:d8:79:79:ed:8f:b0:07:a0:97:f0:1e:9d:ef:4f:
b5:61:f0:47:fc:cd:2d:56:90:17:40:48:04:c3:12:
9e:18:50:6f:94:11:9b:fc:ba:e5:de:bb:5c:0e:81:
c4:f1:60:59:ca:54:76:1b:8a:88:a7:ff:3a:85:99:
ec:57:4d:f3:5e:3b:80:99:f0:d5:af:f9:6b:c9:db:
3f:91:12:88:b1:b8:02:3d:c0:c2:32:3c:45:a9:3b:
15:7b:6c:5d:c9:40:8f:b1:3b:ab:63:22:53:17:54:
a4:df:86:67:cf:d6:05:aa:1b:7a:5a:89:9f:4f:0a:
88:fb:64:86:cd:78:c6:45:f0:da:8d:54:ed:89:67:
b2:c5:2e:64:59:8f:49:b0:03:c3:ba:08:da:5a:60:
2f:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:F8:0F:B2:BF:18:BA:7E:15:06:5D:EE:D3:F8:BF:42:D7:06:01:00
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6e236a15-c957-4409-8a2a-3a19150d1b43.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:9000::/40
Signature Algorithm: sha256WithRSAEncryption
7c:90:95:4a:cc:b2:01:4e:ce:5e:f0:c9:54:0f:fe:da:42:90:
f3:5a:76:0b:b8:14:b1:67:06:51:4b:08:a6:0c:28:f2:35:2e:
28:ca:57:77:a4:0b:82:4e:fa:71:41:28:ba:af:42:1f:09:66:
7f:83:f1:08:5f:88:7f:df:ff:ef:3b:4d:16:0a:a3:9f:df:7f:
ca:47:d8:39:11:3f:49:2f:d1:4a:13:5e:df:fd:07:29:44:3c:
cc:e2:46:72:18:fa:87:1a:33:03:a5:cd:0e:6b:8e:84:9f:74:
20:79:40:8d:d2:de:10:9b:1b:7d:ff:34:ca:20:7d:38:a1:6d:
95:42:c1:0e:fa:2c:54:1a:52:46:cc:2d:33:c1:fd:98:79:b9:
b4:20:d9:f3:6a:47:41:1c:4c:ca:85:f7:a4:cb:ca:19:2b:58:
f4:41:df:a7:90:4b:6f:ea:89:f4:af:b9:41:e0:61:74:bc:dc:
85:de:93:04:73:1b:59:b6:2f:83:9b:f2:ba:d3:22:2c:5d:b3:
c5:bf:3c:f8:f6:21:83:95:d2:fe:a8:2c:35:d9:fb:10:56:1c:
f7:6a:d4:80:55:66:41:ce:84:a2:6a:05:99:a4:1d:52:f9:c1:
18:87:c3:30:1f:ad:c8:6d:1a:7d:58:f9:b9:78:98:38:2c:4a:
cf:f7:9a:b3
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUdAi5rLd6SdKVadCvoVyBceWt9Q8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTEwMTQwMDZaFw0yNjA4MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDM1YjQwZWVkZjQ3NDkxNDI3Yzg0NjM0YjlmNTA4YjA4ZWRiMGVlNjRhYjkw
MmVkNjM3Zjg0M2M1Y2ZjNjc3ZmExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALOq8idcx+YWFOR0ELmAfEv1p/Lb8WcrBONuK4oEIuGyMO9nMyZwnFAsprV4
CvAaci7qSArW3FGURDpsyZvGLgFr4NiIcpiAth6l2MtKn8yYBVFhA7/xBU7xbf9y
ddLsL98JyGmBT4BFLNh5ee2PsAegl/Aene9PtWHwR/zNLVaQF0BIBMMSnhhQb5QR
m/y65d67XA6BxPFgWcpUdhuKiKf/OoWZ7FdN8147gJnw1a/5a8nbP5ESiLG4Aj3A
wjI8Rak7FXtsXclAj7E7q2MiUxdUpN+GZ8/WBaobelqJn08KiPtkhs14xkXw2o1U
7YlnssUuZFmPSbADw7oI2lpgL+cCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT8+A+y
vxi6fhUGXe7T+L9C1wYBADAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NmUyMzZhMTUtYzk1Ny00NDA5LThhMmEtM2ExOTE1MGQxYjQzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DCQ
MA0GCSqGSIb3DQEBCwUAA4IBAQB8kJVKzLIBTs5e8MlUD/7aQpDzWnYLuBSxZwZR
SwimDCjyNS4oyld3pAuCTvpxQSi6r0IfCWZ/g/EIX4h/3//vO00WCqOf33/KR9g5
ET9JL9FKE17f/QcpRDzM4kZyGPqHGjMDpc0Oa46En3QgeUCN0t4Qmxt9/zTKIH04
oW2VQsEO+ixUGlJGzC0zwf2Yebm0INnzakdBHEzKhfeky8oZK1j0Qd+nkEtv6on0
r7lB4GF0vNyF3pMEcxtZti+Dm/K60yIsXbPFvzz49iGDldL+qCw12fsQVhz3atSA
VWZBzoSiagWZpB1S+cEYh8MwH63IbRp9WPm5eJg4LErP95qz
-----END CERTIFICATE-----
Generated at Tue May 12 22:23:51 2026 by rpki-client