Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/99ffa238-9133-4fa5-ad84-49e67d34854a.roa
File: 99ffa238-9133-4fa5-ad84-49e67d34854a.roa (raw, json)
Hash identifier: QdHDGvsKV2G4TuJTuVxg2amnvL7SPe7w8eqaLI28hHY=
Subject key identifier: 19:23:B9:2D:31:7A:C3:0E:B9:B6:D9:53:7C:D9:E0:A4:BF:4E:BA:CA
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 407070701C70B07B621013098DF2C488949B0D8D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/99ffa238-9133-4fa5-ad84-49e67d34854a.roa
Signing time: Tue 19 May 2026 04:30:13 +0000
ROA not before: Tue 19 May 2026 04:30:13 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d02a::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 01 Jun 2026 04:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
40:70:70:70:1c:70:b0:7b:62:10:13:09:8d:f2:c4:88:94:9b:0d:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 04:30:13 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=752699a3fd743b6154e4603f35f5c052ca4dc6cb8e867afad3729d8ecaef384e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:64:ed:c1:7d:02:cb:08:bc:a8:3b:6a:85:7a:
19:1a:34:03:5c:d5:76:8b:9e:c4:8f:39:85:76:6f:
da:7d:c0:fd:e0:e8:a6:46:92:42:9f:b5:63:e3:f0:
fe:aa:50:b8:0f:16:fd:16:60:6a:c9:e0:71:95:77:
6f:a3:6b:e8:bf:92:f2:1e:a7:af:a0:62:e9:4c:db:
c8:7e:a9:fa:4e:33:85:4c:3d:15:f6:67:b3:f6:1e:
27:e6:9c:4f:17:5b:3d:c2:58:6f:f8:67:27:8a:5b:
f1:8d:d0:36:e7:1d:53:37:02:96:cc:68:49:9e:74:
dd:b3:f6:60:50:37:1b:ef:e9:63:b4:a7:0c:e4:69:
0f:60:8b:3c:aa:e2:bd:c3:da:d7:b3:eb:97:76:d5:
94:c6:74:1b:79:54:c8:f3:cd:4e:60:8d:4d:07:91:
d1:f8:5b:f5:f5:fd:6c:af:24:77:55:4c:c9:4c:fb:
b4:df:0b:33:ff:81:92:4a:35:02:bf:16:cc:ae:8b:
f7:36:f9:3a:59:2f:a0:41:3e:c9:6f:36:24:56:94:
68:b6:0b:e4:8e:84:33:92:02:2b:d0:ae:e7:19:57:
ba:60:4f:c4:c2:5a:81:42:f7:e2:5e:01:a2:9c:58:
96:d8:8c:15:66:7c:cd:4a:38:41:c0:bb:3a:ed:e5:
57:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:23:B9:2D:31:7A:C3:0E:B9:B6:D9:53:7C:D9:E0:A4:BF:4E:BA:CA
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/99ffa238-9133-4fa5-ad84-49e67d34854a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d02a::/36
Signature Algorithm: sha256WithRSAEncryption
9a:0a:88:66:da:bf:5d:93:69:54:85:fa:05:ef:58:2d:28:e4:
76:0a:6a:8f:6c:1b:72:c5:50:fc:01:2b:ae:9f:1b:16:68:5d:
53:74:97:b1:ce:30:0d:4f:56:04:9f:8c:46:c6:d4:b8:7e:46:
b3:ef:f8:ab:c3:26:7e:2a:6d:5c:42:bb:79:4b:fc:c2:2c:5e:
bb:f4:6c:09:be:7f:e3:7a:eb:90:3b:ff:fb:ea:9a:25:82:c1:
b1:fc:80:b2:e4:ad:de:24:b0:21:5b:be:68:31:9b:93:93:86:
9d:a1:a5:dd:11:69:e7:04:f7:53:c8:01:90:18:d5:33:b2:59:
22:32:38:eb:6a:14:75:03:c1:5b:a0:e4:4e:f2:c6:54:51:37:
09:df:eb:bf:a4:72:81:69:fb:d9:3e:a4:5c:ff:b7:51:94:23:
ad:f8:9f:c0:98:5c:16:24:fb:d7:e3:d5:66:e4:09:e4:66:5f:
34:a2:6f:5d:af:b4:a5:e0:4f:1d:bc:80:d0:f2:50:e4:10:4e:
8f:f4:7b:2d:08:64:3f:84:d8:fa:ae:ad:23:47:b0:cb:4a:01:
f5:e9:34:63:5e:76:e1:53:03:84:38:89:60:2f:e9:2e:29:c2:
bd:cd:10:fe:27:da:ee:3f:22:e7:e1:92:ab:be:b3:7f:29:55:
33:97:4f:b8
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUQHBwcBxwsHtiEBMJjfLEiJSbDY0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNDMwMTNaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDc1MjY5OWEzZmQ3NDNiNjE1NGU0NjAzZjM1ZjVjMDUyY2E0ZGM2Y2I4ZTg2
N2FmYWQzNzI5ZDhlY2FlZjM4NGUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM5k7cF9AssIvKg7aoV6GRo0A1zVdouexI85hXZv2n3A/eDopkaSQp+1Y+Pw
/qpQuA8W/RZgasngcZV3b6Nr6L+S8h6nr6Bi6UzbyH6p+k4zhUw9FfZns/YeJ+ac
TxdbPcJYb/hnJ4pb8Y3QNucdUzcClsxoSZ503bP2YFA3G+/pY7SnDORpD2CLPKri
vcPa17Prl3bVlMZ0G3lUyPPNTmCNTQeR0fhb9fX9bK8kd1VMyUz7tN8LM/+Bkko1
Ar8WzK6L9zb5OlkvoEE+yW82JFaUaLYL5I6EM5ICK9Cu5xlXumBPxMJagUL34l4B
opxYltiMFWZ8zUo4QcC7Ou3lV/MCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQZI7kt
MXrDDrm22VN82eCkv066yjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTlmZmEyMzgtOTEzMy00ZmE1LWFkODQtNDllNjdkMzQ4NTRhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CoA
MA0GCSqGSIb3DQEBCwUAA4IBAQCaCohm2r9dk2lUhfoF71gtKOR2CmqPbBtyxVD8
ASuunxsWaF1TdJexzjANT1YEn4xGxtS4fkaz7/irwyZ+Km1cQrt5S/zCLF679GwJ
vn/jeuuQO//76polgsGx/ICy5K3eJLAhW75oMZuTk4adoaXdEWnnBPdTyAGQGNUz
slkiMjjrahR1A8FboORO8sZUUTcJ3+u/pHKBafvZPqRc/7dRlCOt+J/AmFwWJPvX
49Vm5AnkZl80om9dr7Sl4E8dvIDQ8lDkEE6P9HstCGQ/hNj6rq0jR7DLSgH16TRj
XnbhUwOEOIlgL+kuKcK9zRD+J9ruPyLn4ZKrvrN/KVUzl0+4
-----END CERTIFICATE-----
Generated at Sun May 31 11:14:10 2026 by rpki-client