Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2e49a1a2-dc4c-40c4-9c7e-f41c937ffb61.roa
File: 2e49a1a2-dc4c-40c4-9c7e-f41c937ffb61.roa (raw, json)
Hash identifier: P+ZAgtlG5cbJn0TUH2YfHj5Z0v3yC0hT2PmjwsFwX58=
Subject key identifier: 49:33:94:0A:09:BF:98:09:B4:25:F7:8E:72:B6:8E:07:48:6D:CC:78
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0EAC0FDFC6D56DE01E97206BAD4B47BC51562F48
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2e49a1a2-dc4c-40c4-9c7e-f41c937ffb61.roa
Signing time: Mon 27 Apr 2026 00:30:11 +0000
ROA not before: Mon 27 Apr 2026 00:30:11 +0000
ROA not after: Sun 26 Jul 2026 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d06d:6040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Apr 2026 14:21:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0e:ac:0f:df:c6:d5:6d:e0:1e:97:20:6b:ad:4b:47:bc:51:56:2f:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 27 00:30:11 2026 GMT
Not After : Jul 26 23:59:59 2026 GMT
Subject: serialNumber=8c544ccac0577f102f089e34278c8f45c2fb5e99a6407d3fa9396851f89d990a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:3e:f2:93:24:b5:a2:11:e0:12:a5:98:2b:f5:
8a:3b:5d:1c:33:17:99:6c:8e:68:bf:9b:69:c6:4e:
c2:d0:93:99:fb:72:24:2d:95:d7:45:a6:e4:0d:27:
45:c6:b5:81:db:3e:f2:69:be:be:99:ba:d7:8e:86:
6a:3c:8c:56:4a:d7:7c:39:02:4f:f9:46:e5:cf:3f:
b3:a0:24:f5:1a:60:8f:01:94:77:32:7c:71:39:b6:
14:1f:d8:06:b1:b6:e6:9a:1f:e8:01:3b:4c:89:ea:
c6:8a:83:d2:97:81:c0:59:f0:d1:5e:96:49:5a:b2:
ba:0e:58:4c:fe:24:d1:20:ff:da:58:9b:1b:77:92:
d1:80:0f:b9:db:73:8a:43:f1:6b:c6:a1:6a:59:4c:
21:fd:fd:e1:37:47:17:5c:58:34:9b:07:af:d8:0b:
16:fd:ee:64:d7:b7:08:de:0b:f1:44:5c:32:ab:82:
e3:47:af:84:93:65:db:ce:32:ed:d6:63:58:50:90:
24:24:de:dd:15:0d:48:a7:5a:6a:68:0b:f9:c7:0f:
41:3a:c0:a0:17:84:12:9b:7d:de:e4:7e:66:2a:84:
a7:9c:16:aa:4d:7d:09:97:e7:b2:3d:27:38:18:5a:
b2:c8:e8:4c:f8:5f:e7:b7:22:a5:ed:00:cc:cf:e3:
70:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:33:94:0A:09:BF:98:09:B4:25:F7:8E:72:B6:8E:07:48:6D:CC:78
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2e49a1a2-dc4c-40c4-9c7e-f41c937ffb61.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06d:6040::/48
Signature Algorithm: sha256WithRSAEncryption
78:97:56:27:78:cf:4f:43:bc:bd:58:4b:45:a8:02:65:e6:12:
a6:1d:2d:84:47:d0:b4:b6:77:74:18:e7:d2:55:af:27:d5:f4:
0b:2e:05:7e:45:26:36:70:6c:b0:73:36:56:42:ee:15:6e:04:
2a:b6:94:e9:49:18:3a:53:ba:fb:0a:40:48:71:45:91:a9:49:
b4:a3:5c:b1:ba:91:36:6d:f2:48:fb:65:f5:ef:98:24:45:7c:
4f:97:32:e8:86:50:f3:ff:9a:d4:88:9c:55:21:a7:3e:11:fb:
80:b9:09:b4:3e:ac:b7:b1:97:11:43:f9:78:55:86:4d:d8:12:
f9:ca:56:47:64:1b:26:31:7b:7b:33:2e:a8:3c:39:4c:a3:a7:
54:c0:83:dd:18:97:32:e4:1a:ff:c2:33:7a:5c:ab:c5:c7:26:
91:30:7b:b1:8a:23:43:b2:af:1e:1f:6f:43:81:44:58:5a:f5:
7e:6c:9a:dd:5c:be:4f:bb:22:c7:54:ac:97:df:ca:45:15:43:
aa:42:3e:f3:ed:86:4a:db:a1:28:ed:c8:46:7f:96:e0:92:ee:
10:a8:06:e4:9a:ac:58:ee:a3:d9:ef:84:6e:5e:f4:43:6a:86:
70:9b:d7:cc:f0:14:00:56:f7:3f:69:55:0d:48:1b:26:da:3a:
37:44:6a:3f
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUDqwP38bVbeAelyBrrUtHvFFWL0gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA0MjcwMDMwMTFaFw0yNjA3MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQDhjNTQ0Y2NhYzA1NzdmMTAyZjA4OWUzNDI3OGM4ZjQ1YzJmYjVlOTlhNjQw
N2QzZmE5Mzk2ODUxZjg5ZDk5MGExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAME+8pMktaIR4BKlmCv1ijtdHDMXmWyOaL+bacZOwtCTmftyJC2V10Wm5A0n
Rca1gds+8mm+vpm6146GajyMVkrXfDkCT/lG5c8/s6Ak9RpgjwGUdzJ8cTm2FB/Y
BrG25pof6AE7TInqxoqD0peBwFnw0V6WSVqyug5YTP4k0SD/2libG3eS0YAPudtz
ikPxa8ahallMIf394TdHF1xYNJsHr9gLFv3uZNe3CN4L8URcMquC40evhJNl284y
7dZjWFCQJCTe3RUNSKdaamgL+ccPQTrAoBeEEpt93uR+ZiqEp5wWqk19CZfnsj0n
OBhassjoTPhf57cipe0AzM/jcNUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRJM5QK
Cb+YCbQl945yto4HSG3MeDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MmU0OWExYTItZGM0Yy00MGM0LTljN2UtZjQxYzkzN2ZmYjYxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0G1g
QDANBgkqhkiG9w0BAQsFAAOCAQEAeJdWJ3jPT0O8vVhLRagCZeYSph0thEfQtLZ3
dBjn0lWvJ9X0Cy4FfkUmNnBssHM2VkLuFW4EKraU6UkYOlO6+wpASHFFkalJtKNc
sbqRNm3ySPtl9e+YJEV8T5cy6IZQ8/+a1IicVSGnPhH7gLkJtD6st7GXEUP5eFWG
TdgS+cpWR2QbJjF7ezMuqDw5TKOnVMCD3RiXMuQa/8IzelyrxccmkTB7sYojQ7Kv
Hh9vQ4FEWFr1fmya3Vy+T7six1Ssl9/KRRVDqkI+8+2GStuhKO3IRn+W4JLuEKgG
5JqsWO6j2e+Ebl70Q2qGcJvXzPAUAFb3P2lVDUgbJto6N0RqPw==
-----END CERTIFICATE-----
Generated at Tue Apr 28 19:34:01 2026 by rpki-client