Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/de8b1a9f-0a06-4e9e-a49e-a5abeb7a4707.roa
File: de8b1a9f-0a06-4e9e-a49e-a5abeb7a4707.roa (raw, json)
Hash identifier: w23vrZWypNLcpNXbefN7ykmWcB229dgjOIV0wKU4hbg=
Subject key identifier: E7:4B:58:B7:D1:C9:8A:EF:1F:AE:F8:7B:07:C7:02:2B:0E:FE:85:66
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 669E6A58D53130D52BEEA04EC663A3AFAFE0E32D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/de8b1a9f-0a06-4e9e-a49e-a5abeb7a4707.roa
Signing time: Mon 04 May 2026 15:20:06 +0000
ROA not before: Mon 04 May 2026 15:20:06 +0000
ROA not after: Sun 02 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:e080::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
66:9e:6a:58:d5:31:30:d5:2b:ee:a0:4e:c6:63:a3:af:af:e0:e3:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 4 15:20:06 2026 GMT
Not After : Aug 2 23:59:59 2026 GMT
Subject: serialNumber=887405bae3df7e0f1e04cc41e71adaa10755663ffe8b8f01176658065ea93aab, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:de:6c:b1:22:6f:87:5d:32:8b:df:2c:74:35:
94:df:1c:39:c7:d0:e8:4e:59:88:fe:d2:23:11:97:
b1:62:1e:55:2a:3c:e8:f4:99:c2:d8:28:b5:1e:73:
48:68:80:b6:b0:06:af:da:b8:2d:d0:60:64:21:18:
7b:9a:25:bd:5f:95:a5:98:f5:3a:0e:46:35:23:93:
b4:41:fe:bd:bf:b1:d1:7b:4b:13:67:49:99:17:fd:
96:f0:74:7c:a1:b1:06:51:bd:d5:2e:2e:8e:eb:83:
dd:11:b5:73:63:33:98:55:1d:fa:19:69:3f:82:77:
ee:ae:7d:e4:2e:0c:aa:6e:8f:73:59:4b:58:18:fb:
13:ce:cf:27:53:22:84:94:8a:66:c2:d1:66:18:64:
62:39:9e:ac:fe:4e:d7:62:e3:fa:b4:b7:67:d8:da:
9d:6d:b4:cb:a0:2c:8e:c6:1a:af:0e:e0:16:25:8b:
6a:27:21:31:73:20:fe:b8:0d:48:94:cc:41:29:41:
ee:b8:d5:fe:7c:ac:c2:94:af:61:da:a7:07:16:b9:
b3:2d:a0:bf:a4:59:b8:5a:4b:a0:6a:71:55:6a:b4:
bc:fc:73:a6:df:df:2d:75:93:e5:ee:e1:02:65:c0:
2f:de:33:5d:23:c7:e2:72:02:31:a1:00:57:9d:86:
3f:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:4B:58:B7:D1:C9:8A:EF:1F:AE:F8:7B:07:C7:02:2B:0E:FE:85:66
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/de8b1a9f-0a06-4e9e-a49e-a5abeb7a4707.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:e080::/46
Signature Algorithm: sha256WithRSAEncryption
96:10:4c:ac:f1:9e:5e:1d:36:45:ee:7b:56:f9:5b:0f:db:f1:
bc:6b:b4:e9:14:72:50:05:45:b1:d4:61:39:db:63:c9:66:68:
7d:f5:03:90:85:aa:f3:d7:d7:20:49:7c:b4:dd:6a:77:8e:ba:
4a:71:df:26:9f:9a:aa:43:57:96:74:3a:0f:fd:79:0d:38:db:
68:a3:1c:30:4d:a9:af:96:bf:59:43:28:a1:af:31:17:22:6c:
76:2d:79:09:03:34:9b:55:c2:89:c4:a6:cc:f0:f2:a7:30:d6:
cd:b3:d6:ea:13:d4:80:ac:30:e8:f8:4c:2e:df:53:87:83:55:
42:75:63:a8:89:f8:f7:5e:5e:93:98:3b:bd:be:77:d4:d7:06:
97:8d:95:53:ed:4e:61:ee:52:ec:b4:12:ca:a3:e8:3b:a0:45:
6b:fb:cb:21:78:12:9f:1d:f9:fd:84:d4:47:ec:83:78:e1:76:
96:27:5a:68:d9:4a:0c:a2:09:4f:4d:d4:9b:8f:d3:ec:3c:82:
22:eb:ed:f4:07:59:e8:1d:3b:a9:28:b2:5b:dd:8f:09:4b:40:
81:c3:d1:0c:74:45:bc:6f:76:04:65:2a:2d:c0:cf:68:76:f2:
1b:5e:a0:54:07:aa:eb:09:07:23:ed:f5:50:1a:14:92:15:06:
cd:2d:73:11
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUZp5qWNUxMNUr7qBOxmOjr6/g4y0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MDQxNTIwMDZaFw0yNjA4MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQDg4NzQwNWJhZTNkZjdlMGYxZTA0Y2M0MWU3MWFkYWExMDc1NTY2M2ZmZThi
OGYwMTE3NjY1ODA2NWVhOTNhYWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJnebLEib4ddMovfLHQ1lN8cOcfQ6E5ZiP7SIxGXsWIeVSo86PSZwtgotR5z
SGiAtrAGr9q4LdBgZCEYe5olvV+VpZj1Og5GNSOTtEH+vb+x0XtLE2dJmRf9lvB0
fKGxBlG91S4ujuuD3RG1c2MzmFUd+hlpP4J37q595C4Mqm6Pc1lLWBj7E87PJ1Mi
hJSKZsLRZhhkYjmerP5O12Lj+rS3Z9janW20y6AsjsYarw7gFiWLaichMXMg/rgN
SJTMQSlB7rjV/nyswpSvYdqnBxa5sy2gv6RZuFpLoGpxVWq0vPxzpt/fLXWT5e7h
AmXAL94zXSPH4nICMaEAV52GP5kCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTnS1i3
0cmK7x+u+HsHxwIrDv6FZjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZGU4YjFhOWYtMGEwNi00ZTllLWE0OWUtYTVhYmViN2E0NzA3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HPg
gDANBgkqhkiG9w0BAQsFAAOCAQEAlhBMrPGeXh02Re57VvlbD9vxvGu06RRyUAVF
sdRhOdtjyWZoffUDkIWq89fXIEl8tN1qd466SnHfJp+aqkNXlnQ6D/15DTjbaKMc
ME2pr5a/WUMooa8xFyJsdi15CQM0m1XCicSmzPDypzDWzbPW6hPUgKww6PhMLt9T
h4NVQnVjqIn4915ek5g7vb531NcGl42VU+1OYe5S7LQSyqPoO6BFa/vLIXgSnx35
/YTUR+yDeOF2lidaaNlKDKIJT03Um4/T7DyCIuvt9AdZ6B07qSiyW92PCUtAgcPR
DHRFvG92BGUqLcDPaHbyG16gVAeq6wkHI+31UBoUkhUGzS1zEQ==
-----END CERTIFICATE-----
Generated at Tue May 12 23:13:56 2026 by rpki-client