Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9a5fec2d-2c40-4068-9bcf-c47d7601d087.roa
File: 9a5fec2d-2c40-4068-9bcf-c47d7601d087.roa (raw, json)
Hash identifier: Nsjs8BvfCaVyzZEmG6O1/3gbYDMkE7xtVa6OXAFAs7U=
Subject key identifier: 02:60:B6:29:03:C4:59:C4:76:39:23:91:98:86:79:E9:2E:12:1F:FF
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6DF796A4428500B98843BCEB7C6A38DA77CC4CC6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9a5fec2d-2c40-4068-9bcf-c47d7601d087.roa
Signing time: Mon 04 May 2026 15:20:57 +0000
ROA not before: Mon 04 May 2026 15:20:57 +0000
ROA not after: Sun 02 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:90c0::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6d:f7:96:a4:42:85:00:b9:88:43:bc:eb:7c:6a:38:da:77:cc:4c:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 4 15:20:57 2026 GMT
Not After : Aug 2 23:59:59 2026 GMT
Subject: serialNumber=a2956a1452db1ef0c20164fcd69b1b200bcf37a0bd883df22c10ea12b3324588, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:d4:8a:a6:39:d0:fd:86:a0:43:9e:4e:95:2f:
dc:78:b4:c4:3e:ac:30:50:75:7d:3a:ea:84:e9:b1:
e0:c3:9c:f9:0e:42:fc:47:b5:ed:d0:01:ca:d8:5f:
1a:bd:d8:36:c7:d2:77:af:07:8d:c2:4f:e4:7a:e0:
4f:e8:ec:ec:a3:b2:48:41:53:5e:6e:5b:fc:9d:91:
da:25:4c:07:7f:42:65:6c:33:30:41:e2:bd:c7:67:
53:0f:ed:16:3d:39:ef:7c:48:76:b4:87:57:7c:4c:
d8:3d:4d:e1:e7:af:40:9b:59:08:f0:c5:6d:29:45:
6b:6f:bf:c1:84:9f:66:b0:c9:93:f6:ed:cc:73:54:
32:15:49:a2:52:f8:7f:d1:30:43:c6:13:b8:c2:0b:
9a:c2:a8:6b:da:b1:80:d9:b9:11:2b:32:f2:e9:4b:
d3:46:f4:46:bb:44:c0:7c:ff:a7:4e:be:f7:c9:d9:
b1:b6:78:e0:0f:46:e9:50:f7:88:5c:b2:99:40:6f:
25:ab:4a:81:46:f4:5d:e2:9a:ff:76:ee:25:31:a7:
d2:c3:25:01:e0:51:51:27:c5:25:9f:9d:eb:68:ba:
7d:5f:fb:d5:e4:86:c3:6a:e8:a7:9d:bb:7b:67:3f:
ca:fe:34:de:ce:4e:df:a0:b9:e5:47:22:72:0a:82:
e4:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:60:B6:29:03:C4:59:C4:76:39:23:91:98:86:79:E9:2E:12:1F:FF
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9a5fec2d-2c40-4068-9bcf-c47d7601d087.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:90c0::/46
Signature Algorithm: sha256WithRSAEncryption
12:3f:d9:7d:a3:ce:dd:26:3e:38:a3:13:e6:de:47:8b:c5:35:
2a:5e:98:2d:b9:d0:1d:8c:9c:44:25:0e:12:66:7e:79:52:bc:
75:dd:c2:f3:03:00:eb:ea:06:03:a3:69:2c:cb:79:20:38:fc:
b3:eb:79:c1:a7:c6:2f:5f:c5:61:6a:04:16:43:cc:0d:6f:31:
25:ab:f2:69:50:d2:24:bf:ca:f7:49:d9:63:cd:e9:97:25:b0:
98:86:09:f1:c9:23:c1:55:a6:d7:68:b6:f3:30:17:fa:66:b9:
4a:ef:82:da:f8:fd:af:e0:4f:eb:53:c2:65:a5:b4:40:43:a3:
1b:03:fa:68:19:64:40:df:78:cc:50:d6:5a:ee:56:e3:3f:59:
39:b9:f5:04:9b:7c:3d:e0:06:be:32:79:f7:69:13:34:a2:6c:
a1:c0:c4:a5:83:76:78:27:13:ad:b3:5f:65:29:ce:51:52:1b:
df:02:c0:a4:a6:b7:84:59:0c:e6:99:b0:e8:ea:70:61:f5:dd:
c6:af:ea:dc:5b:61:bb:4a:88:b9:6a:40:a7:1b:92:54:53:79:
35:22:7f:e1:98:d2:6a:8a:0b:27:27:1f:35:75:92:7b:85:c4:
3d:72:d9:28:f7:a3:c4:c9:bb:ef:87:20:39:20:1d:30:4b:0b:
1b:5b:94:d3
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUbfeWpEKFALmIQ7zrfGo42nfMTMYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MDQxNTIwNTdaFw0yNjA4MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQGEyOTU2YTE0NTJkYjFlZjBjMjAxNjRmY2Q2OWIxYjIwMGJjZjM3YTBiZDg4
M2RmMjJjMTBlYTEyYjMzMjQ1ODgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKnUiqY50P2GoEOeTpUv3Hi0xD6sMFB1fTrqhOmx4MOc+Q5C/Ee17dABythf
Gr3YNsfSd68HjcJP5HrgT+js7KOySEFTXm5b/J2R2iVMB39CZWwzMEHivcdnUw/t
Fj0573xIdrSHV3xM2D1N4eevQJtZCPDFbSlFa2+/wYSfZrDJk/btzHNUMhVJolL4
f9EwQ8YTuMILmsKoa9qxgNm5ESsy8ulL00b0RrtEwHz/p06+98nZsbZ44A9G6VD3
iFyymUBvJatKgUb0XeKa/3buJTGn0sMlAeBRUSfFJZ+d62i6fV/71eSGw2rop527
e2c/yv403s5O36C55UcicgqC5N0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQCYLYp
A8RZxHY5I5GYhnnpLhIf/zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWE1ZmVjMmQtMmM0MC00MDY4LTliY2YtYzQ3ZDc2MDFkMDg3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HOQ
wDANBgkqhkiG9w0BAQsFAAOCAQEAEj/ZfaPO3SY+OKMT5t5Hi8U1Kl6YLbnQHYyc
RCUOEmZ+eVK8dd3C8wMA6+oGA6NpLMt5IDj8s+t5wafGL1/FYWoEFkPMDW8xJavy
aVDSJL/K90nZY83plyWwmIYJ8ckjwVWm12i28zAX+ma5Su+C2vj9r+BP61PCZaW0
QEOjGwP6aBlkQN94zFDWWu5W4z9ZObn1BJt8PeAGvjJ592kTNKJsocDEpYN2eCcT
rbNfZSnOUVIb3wLApKa3hFkM5pmw6OpwYfXdxq/q3Fthu0qIuWpApxuSVFN5NSJ/
4ZjSaooLJycfNXWSe4XEPXLZKPejxMm774cgOSAdMEsLG1uU0w==
-----END CERTIFICATE-----
Generated at Tue May 12 23:13:01 2026 by rpki-client