Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f6aec084-593c-47be-8e46-9024b5572011.roa
File: f6aec084-593c-47be-8e46-9024b5572011.roa (raw, json)
Hash identifier: BiMN1DWLZqGcgf5/Wwo98RDltAGKJJ2+ziPiUESgfoA=
Subject key identifier: C0:CB:49:58:0C:BD:53:7F:C8:F7:01:8F:58:BA:4C:D9:70:D6:11:09
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 35A97CFCCABCB3A397613E32990E89407C01BC91
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f6aec084-593c-47be-8e46-9024b5572011.roa
Signing time: Mon 11 May 2026 01:50:52 +0000
ROA not before: Mon 11 May 2026 01:50:52 +0000
ROA not after: Sun 09 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d030:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:a9:7c:fc:ca:bc:b3:a3:97:61:3e:32:99:0e:89:40:7c:01:bc:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 11 01:50:52 2026 GMT
Not After : Aug 9 23:59:59 2026 GMT
Subject: serialNumber=801725a20adf7864ebaf9c671276080e5141901c0f20482df8989d316b88a84d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:84:f6:f6:a3:1b:51:d0:5c:48:3b:ac:0f:1c:
c4:eb:96:8c:45:5b:7c:41:c0:02:1b:57:e7:fb:04:
c1:f3:2b:90:ca:57:14:01:c8:b5:f3:fe:a9:8a:69:
ee:ab:00:46:5c:85:96:db:c2:26:57:7a:c2:88:27:
a6:9a:74:72:64:2b:da:0c:38:c3:99:ac:2f:05:37:
25:32:f7:54:fb:2a:c3:97:84:47:56:80:3c:ba:fb:
2d:10:25:f7:25:f4:24:2b:07:1d:ad:47:ab:bd:b9:
3c:ef:aa:b2:53:ce:73:07:ae:fd:34:8f:81:0a:17:
14:72:10:b9:12:7e:21:64:04:73:69:ae:5c:12:3f:
88:48:47:5f:01:cf:e0:bd:40:d0:c1:bc:66:f2:1e:
c0:e4:42:d9:00:2c:15:1e:7f:f1:b7:9d:4b:80:dc:
36:26:fb:21:f8:13:8c:a3:af:6b:05:5a:ba:43:d9:
a8:a0:9d:46:79:bb:b0:bb:55:5b:58:e5:14:db:4b:
90:7e:80:34:45:d0:67:2a:ba:32:2d:7a:d3:f6:c3:
58:70:76:03:47:30:16:b3:f2:4d:9f:b0:b2:13:bb:
5e:ae:07:4e:6b:70:2c:70:e3:0e:0c:99:4d:16:3e:
31:f7:ca:29:76:74:7e:8f:f7:ce:35:0d:de:ad:39:
36:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:CB:49:58:0C:BD:53:7F:C8:F7:01:8F:58:BA:4C:D9:70:D6:11:09
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f6aec084-593c-47be-8e46-9024b5572011.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:e000::/40
Signature Algorithm: sha256WithRSAEncryption
98:41:55:9a:f0:1f:8c:21:37:7b:a1:6f:a7:eb:ca:3b:7c:4b:
f0:e6:a4:07:d2:2d:b2:f4:05:c4:04:96:73:36:3f:e0:f3:53:
7d:13:ca:31:ac:d8:26:0a:57:61:d4:09:18:ce:a2:56:2d:54:
f1:4d:19:c3:25:cd:8f:f5:37:1b:01:14:3b:9b:81:da:98:4e:
8b:7c:e5:cd:83:c4:09:4d:b6:92:6f:ec:53:be:56:9d:2c:3f:
52:f2:66:97:9f:ee:a9:94:2b:88:21:11:e4:49:1c:e4:94:04:
a3:8d:73:6f:07:2b:8c:87:be:fc:23:50:a0:b2:a6:4b:d2:99:
f9:70:81:cf:c3:6f:99:2b:fc:47:80:37:07:be:36:2b:69:c0:
35:ab:a6:d3:8f:ad:78:7d:a8:9c:90:fa:d9:64:e0:90:77:6e:
f7:43:f0:43:15:aa:ad:6d:7c:55:ca:29:d6:9c:59:05:16:63:
15:23:87:c9:71:7c:07:9a:af:13:4c:e5:b3:ce:2c:ba:97:7a:
f6:88:f9:70:b5:d7:6d:4b:26:c4:23:b3:36:88:e3:95:dd:1b:
f8:a1:29:b2:3b:2f:bd:14:f1:e3:de:e5:88:2f:f3:73:90:24:
d3:9e:a1:bd:af:c2:2d:b1:90:b9:d6:f4:8f:74:ba:14:e5:96:
a4:31:48:50
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUNal8/Mq8s6OXYT4ymQ6JQHwBvJEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTEwMTUwNTJaFw0yNjA4MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDgwMTcyNWEyMGFkZjc4NjRlYmFmOWM2NzEyNzYwODBlNTE0MTkwMWMwZjIw
NDgyZGY4OTg5ZDMxNmI4OGE4NGQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM2E9vajG1HQXEg7rA8cxOuWjEVbfEHAAhtX5/sEwfMrkMpXFAHItfP+qYpp
7qsARlyFltvCJld6wognppp0cmQr2gw4w5msLwU3JTL3VPsqw5eER1aAPLr7LRAl
9yX0JCsHHa1Hq725PO+qslPOcweu/TSPgQoXFHIQuRJ+IWQEc2muXBI/iEhHXwHP
4L1A0MG8ZvIewORC2QAsFR5/8bedS4DcNib7IfgTjKOvawVaukPZqKCdRnm7sLtV
W1jlFNtLkH6ANEXQZyq6Mi160/bDWHB2A0cwFrPyTZ+wshO7Xq4HTmtwLHDjDgyZ
TRY+MffKKXZ0fo/3zjUN3q05NpkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTAy0lY
DL1Tf8j3AY9YukzZcNYRCTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjZhZWMwODQtNTkzYy00N2JlLThlNDYtOTAyNGI1NTcyMDExLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DDg
MA0GCSqGSIb3DQEBCwUAA4IBAQCYQVWa8B+MITd7oW+n68o7fEvw5qQH0i2y9AXE
BJZzNj/g81N9E8oxrNgmCldh1AkYzqJWLVTxTRnDJc2P9TcbARQ7m4HamE6LfOXN
g8QJTbaSb+xTvladLD9S8maXn+6plCuIIRHkSRzklASjjXNvByuMh778I1CgsqZL
0pn5cIHPw2+ZK/xHgDcHvjYracA1q6bTj614faickPrZZOCQd273Q/BDFaqtbXxV
yinWnFkFFmMVI4fJcXwHmq8TTOWzziy6l3r2iPlwtddtSybEI7M2iOOV3Rv4oSmy
Oy+9FPHj3uWIL/NzkCTTnqG9r8ItsZC51vSPdLoU5ZakMUhQ
-----END CERTIFICATE-----
Generated at Tue May 12 23:14:19 2026 by rpki-client