Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cceafdf4-c97a-45c6-a4d2-b319afc6f49e.roa
File: cceafdf4-c97a-45c6-a4d2-b319afc6f49e.roa (raw, json)
Hash identifier: AHyVpYRdniIdjliU/QOs+loBnP/r5JCfN9PddACoUbw=
Subject key identifier: 6C:F1:68:6E:21:69:B0:A4:64:9F:7E:9C:3A:E8:5C:4F:9E:C3:37:D2
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 059146FAC65A9CF3562CF063D7AD682239B0650A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cceafdf4-c97a-45c6-a4d2-b319afc6f49e.roa
Signing time: Mon 04 May 2026 15:20:08 +0000
ROA not before: Mon 04 May 2026 15:20:08 +0000
ROA not after: Sun 02 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:8040::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
05:91:46:fa:c6:5a:9c:f3:56:2c:f0:63:d7:ad:68:22:39:b0:65:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 4 15:20:08 2026 GMT
Not After : Aug 2 23:59:59 2026 GMT
Subject: serialNumber=e27a48aec5a641e910af78b2aeb3b8c350548d7b6e4699ebfecfc39c9eccf12d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:e1:7c:84:5f:a6:1f:4b:53:3c:30:4b:be:5d:
53:1a:c8:75:96:02:7a:dc:94:f0:7c:03:b4:32:47:
11:6e:16:6c:00:2d:35:73:b1:1e:a6:b2:7a:86:85:
6a:db:a2:54:36:c4:d8:3f:ed:6e:65:26:05:98:c3:
15:13:f7:4d:a8:c3:40:83:e5:39:de:af:4c:c8:c5:
16:22:c7:46:64:2d:0d:96:00:26:29:d9:14:d6:9b:
84:b6:23:f6:d6:fb:e1:39:f0:5b:4b:7d:d5:b4:9e:
38:a3:c9:9b:c7:d8:45:72:5e:42:64:f3:4b:4e:e6:
4e:76:58:b0:d7:97:ee:0b:e3:17:69:4a:30:37:ad:
ff:04:18:22:50:f7:0e:94:c9:d2:d4:f7:d2:b8:38:
18:3c:5e:f0:1b:15:84:66:b2:a1:26:56:e6:d0:7a:
36:5e:89:17:ba:87:68:f4:9a:57:33:4d:c6:0d:fb:
1f:fd:90:18:c7:8f:af:bd:e8:b0:15:5b:17:cf:f2:
07:1f:f3:a0:a9:cd:24:5a:f4:1e:91:a0:82:50:05:
bc:ea:8b:42:d7:88:ba:bb:79:ae:63:95:9f:88:77:
8a:af:6f:54:2e:bf:4b:8e:79:e5:e3:2b:96:ef:5f:
de:ec:c8:56:c7:cf:2a:3b:ee:05:5a:64:29:ab:e2:
b1:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:F1:68:6E:21:69:B0:A4:64:9F:7E:9C:3A:E8:5C:4F:9E:C3:37:D2
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cceafdf4-c97a-45c6-a4d2-b319afc6f49e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:8040::/46
Signature Algorithm: sha256WithRSAEncryption
9e:d6:3d:11:49:61:35:ab:0b:b0:2c:0e:c2:fb:26:85:81:22:
c9:ac:f0:b7:d9:bb:ee:b3:b9:dc:cb:a8:5a:2a:37:6c:02:9b:
2a:07:af:54:0c:35:c0:03:44:07:45:19:7c:c2:04:c7:4a:a5:
37:e9:21:b8:31:59:cd:0d:25:6a:a2:40:3e:29:38:88:72:cd:
2b:ed:bd:bd:74:5d:7c:2f:d1:7f:86:70:52:17:7a:f9:e1:9c:
62:f9:95:e7:fc:80:dd:8f:8a:4b:3a:97:67:99:46:59:52:35:
55:95:b5:de:82:ab:e7:66:16:ec:47:08:73:99:55:be:ce:60:
74:f6:75:fc:c5:2f:8d:01:a1:83:43:dd:cd:63:0a:96:cf:99:
31:3e:0d:43:1e:26:46:c4:ad:1d:59:ad:18:db:b2:85:2a:49:
62:47:9c:77:33:81:aa:c2:99:f9:fd:22:94:96:08:b0:54:15:
c1:53:48:2f:9e:4a:99:69:c4:dd:04:5a:80:20:6b:23:02:69:
1a:30:1e:a2:5e:db:34:cc:a4:ae:7d:f2:74:90:28:9d:fd:2a:
2a:75:a6:a0:d5:67:40:57:4b:38:a3:ff:8b:57:3b:17:15:32:
cd:dc:de:6b:8c:59:a4:4d:e1:5c:18:34:34:13:60:cd:81:29:
b8:75:2e:9d
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUBZFG+sZanPNWLPBj161oIjmwZQowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MDQxNTIwMDhaFw0yNjA4MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQGUyN2E0OGFlYzVhNjQxZTkxMGFmNzhiMmFlYjNiOGMzNTA1NDhkN2I2ZTQ2
OTllYmZlY2ZjMzljOWVjY2YxMmQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMDhfIRfph9LUzwwS75dUxrIdZYCetyU8HwDtDJHEW4WbAAtNXOxHqayeoaF
atuiVDbE2D/tbmUmBZjDFRP3TajDQIPlOd6vTMjFFiLHRmQtDZYAJinZFNabhLYj
9tb74TnwW0t91bSeOKPJm8fYRXJeQmTzS07mTnZYsNeX7gvjF2lKMDet/wQYIlD3
DpTJ0tT30rg4GDxe8BsVhGayoSZW5tB6Nl6JF7qHaPSaVzNNxg37H/2QGMePr73o
sBVbF8/yBx/zoKnNJFr0HpGgglAFvOqLQteIurt5rmOVn4h3iq9vVC6/S4555eMr
lu9f3uzIVsfPKjvuBVpkKavisUECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRs8Whu
IWmwpGSffpw66FxPnsM30jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2NlYWZkZjQtYzk3YS00NWM2LWE0ZDItYjMxOWFmYzZmNDllLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HOA
QDANBgkqhkiG9w0BAQsFAAOCAQEAntY9EUlhNasLsCwOwvsmhYEiyazwt9m77rO5
3MuoWio3bAKbKgevVAw1wANEB0UZfMIEx0qlN+khuDFZzQ0laqJAPik4iHLNK+29
vXRdfC/Rf4ZwUhd6+eGcYvmV5/yA3Y+KSzqXZ5lGWVI1VZW13oKr52YW7EcIc5lV
vs5gdPZ1/MUvjQGhg0PdzWMKls+ZMT4NQx4mRsStHVmtGNuyhSpJYkecdzOBqsKZ
+f0ilJYIsFQVwVNIL55KmWnE3QRagCBrIwJpGjAeol7bNMykrn3ydJAonf0qKnWm
oNVnQFdLOKP/i1c7FxUyzdzea4xZpE3hXBg0NBNgzYEpuHUunQ==
-----END CERTIFICATE-----
Generated at Tue May 12 23:12:54 2026 by rpki-client