Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1b11a093-87c1-4dc3-b6a7-b701618ae3ce.roa
File: 1b11a093-87c1-4dc3-b6a7-b701618ae3ce.roa (raw, json)
Hash identifier: Aqjd2RE6IUAsRE/imlYeLzQO71w2vlOGaHOunL0nOU0=
Subject key identifier: 10:90:31:2D:B7:86:04:AE:D1:D9:B3:F6:FC:39:ED:53:54:0D:94:CC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 47192B6BBDE7DCD2AE581E677859A599033E09DC
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1b11a093-87c1-4dc3-b6a7-b701618ae3ce.roa
Signing time: Mon 27 Apr 2026 00:30:09 +0000
ROA not before: Mon 27 Apr 2026 00:30:09 +0000
ROA not after: Sun 26 Jul 2026 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d034:60c0::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Apr 2026 14:21:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:19:2b:6b:bd:e7:dc:d2:ae:58:1e:67:78:59:a5:99:03:3e:09:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 27 00:30:09 2026 GMT
Not After : Jul 26 23:59:59 2026 GMT
Subject: serialNumber=1634089b165e3c4ed9945ae3dc32e414ac56964fa58b508d0af4596ca97c9c0a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:cc:43:99:13:a6:85:58:91:91:0a:1b:a9:0b:
d4:57:28:dd:61:cb:4d:e1:77:06:8e:0b:67:f2:3d:
03:a3:69:33:17:e8:67:79:1c:d7:2b:a7:5b:25:57:
94:39:e9:43:c0:49:6b:6c:30:95:bb:d7:ec:b7:9d:
27:28:4f:08:ba:e2:dc:a5:aa:b9:d0:ec:b0:90:2e:
21:2f:9d:8b:d9:b6:56:38:fe:ea:2f:49:11:0b:a6:
46:4f:43:c3:27:d6:70:d8:7c:c4:81:9f:60:8e:d1:
3d:34:b9:f9:98:88:f1:1e:db:b8:d4:1d:d1:de:c5:
55:82:83:ef:88:c8:a6:17:b2:c0:bb:9b:48:d9:1f:
e8:9d:50:14:9d:ce:47:c1:da:3f:22:bc:99:32:6f:
76:7e:29:bf:6c:03:61:5b:0c:51:6c:7d:24:15:1a:
db:83:bb:dd:3e:16:bc:87:74:c6:5a:68:74:77:c8:
64:11:d4:90:9e:ed:9c:36:33:5d:90:f0:05:96:ce:
c1:ad:28:75:5c:e2:f5:00:c0:21:2c:ff:e0:94:66:
09:9e:15:b3:b4:88:88:62:52:5b:86:d5:dc:3e:c1:
79:f3:bd:d3:44:a0:50:3c:38:8f:42:46:00:71:22:
a7:98:7a:75:2a:55:27:4c:f6:77:ab:f7:3b:ca:46:
cc:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:90:31:2D:B7:86:04:AE:D1:D9:B3:F6:FC:39:ED:53:54:0D:94:CC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1b11a093-87c1-4dc3-b6a7-b701618ae3ce.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d034:60c0::/46
Signature Algorithm: sha256WithRSAEncryption
1d:fb:6a:03:64:5e:a6:83:e4:9a:78:d6:ef:eb:22:2b:72:d3:
53:76:c8:bb:89:5a:c0:6c:33:96:c2:b2:08:f1:7a:b5:0c:91:
bc:03:43:ab:a8:cc:e9:81:22:be:ef:11:b0:d9:dd:3b:71:ac:
2b:0b:6f:f6:df:7f:63:1b:5f:eb:8c:72:17:0c:8f:d0:b6:ad:
78:ee:6e:f5:e7:9b:e1:b5:23:68:de:b7:42:2f:4a:aa:87:82:
84:53:23:72:67:fe:60:cb:93:c8:dd:c8:06:ec:8d:c1:96:2b:
61:ce:35:24:78:91:e9:26:94:e1:2a:c2:d3:ff:aa:3c:97:f8:
1f:ad:fe:83:3d:8d:f9:b5:2b:fd:3b:64:f5:9e:15:5e:f3:68:
93:96:a8:8c:1c:e7:31:f6:6c:5f:c5:b8:ff:d5:13:53:cb:e9:
8c:48:9f:7a:fe:d6:a4:8a:ef:b5:41:c9:49:6e:30:7f:09:d4:
2c:d3:9a:0f:b0:c9:56:b2:37:ac:eb:9c:87:aa:b5:57:2e:91:
c4:0c:a8:7b:bd:bf:8c:c2:1e:54:d0:68:f1:76:df:b3:c0:21:
b7:3f:98:e8:24:76:0e:a4:32:39:ac:e1:25:0c:68:3b:19:cd:
b6:67:17:34:5b:2d:9d:d2:bd:3e:84:03:76:d5:37:12:31:b5:
08:1f:86:4f
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIURxkra73n3NKuWB5neFmlmQM+CdwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA0MjcwMDMwMDlaFw0yNjA3MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQDE2MzQwODliMTY1ZTNjNGVkOTk0NWFlM2RjMzJlNDE0YWM1Njk2NGZhNThi
NTA4ZDBhZjQ1OTZjYTk3YzljMGExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM7MQ5kTpoVYkZEKG6kL1Fco3WHLTeF3Bo4LZ/I9A6NpMxfoZ3kc1yunWyVX
lDnpQ8BJa2wwlbvX7LedJyhPCLri3KWqudDssJAuIS+di9m2Vjj+6i9JEQumRk9D
wyfWcNh8xIGfYI7RPTS5+ZiI8R7buNQd0d7FVYKD74jIpheywLubSNkf6J1QFJ3O
R8HaPyK8mTJvdn4pv2wDYVsMUWx9JBUa24O73T4WvId0xlpodHfIZBHUkJ7tnDYz
XZDwBZbOwa0odVzi9QDAISz/4JRmCZ4Vs7SIiGJSW4bV3D7BefO900SgUDw4j0JG
AHEip5h6dSpVJ0z2d6v3O8pGzIMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQQkDEt
t4YErtHZs/b8Oe1TVA2UzDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWIxMWEwOTMtODdjMS00ZGMzLWI2YTctYjcwMTYxOGFlM2NlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0DRg
wDANBgkqhkiG9w0BAQsFAAOCAQEAHftqA2RepoPkmnjW7+siK3LTU3bIu4lawGwz
lsKyCPF6tQyRvANDq6jM6YEivu8RsNndO3GsKwtv9t9/Yxtf64xyFwyP0LateO5u
9eeb4bUjaN63Qi9KqoeChFMjcmf+YMuTyN3IBuyNwZYrYc41JHiR6SaU4SrC0/+q
PJf4H63+gz2N+bUr/Ttk9Z4VXvNok5aojBznMfZsX8W4/9UTU8vpjEifev7WpIrv
tUHJSW4wfwnULNOaD7DJVrI3rOuch6q1Vy6RxAyoe72/jMIeVNBo8Xbfs8Ahtz+Y
6CR2DqQyOazhJQxoOxnNtmcXNFstndK9PoQDdtU3EjG1CB+GTw==
-----END CERTIFICATE-----
Generated at Tue Apr 28 19:33:41 2026 by rpki-client