Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/abbeedab-21fb-4993-b3ce-b753ba293d00.roa
File: abbeedab-21fb-4993-b3ce-b753ba293d00.roa (raw, json)
Hash identifier: y5HKP4I++hhKQHUzYsP/o3OsF6plTqw2pe5hiSNeZtE=
Subject key identifier: 49:47:FE:15:E2:91:69:0A:D8:83:89:3E:87:04:49:36:E8:3A:F7:F0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 297D82A5FB4AAA53460C72C1B6A9607A996682F5
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/abbeedab-21fb-4993-b3ce-b753ba293d00.roa
Signing time: Tue 19 May 2026 04:40:07 +0000
ROA not before: Tue 19 May 2026 04:40:07 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d050:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 04 Jun 2026 22:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
29:7d:82:a5:fb:4a:aa:53:46:0c:72:c1:b6:a9:60:7a:99:66:82:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 04:40:07 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=8518a1315b38e5cbebc9dcbf8e8a2b1b465f5a6205b0c70f432541ea5faf7d47, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:a8:26:87:38:f5:85:3d:42:01:91:bf:6c:de:
fb:04:a0:d3:3f:50:b2:c5:5c:fc:60:37:20:e4:12:
a7:01:91:16:2d:a1:cc:dc:d4:e4:70:ff:23:34:da:
d9:d0:bc:6e:01:db:80:0a:bb:33:95:e1:25:ee:b0:
a0:4a:5c:20:5c:ed:d3:3c:61:f5:f9:58:02:73:f9:
e1:79:9e:b2:8c:17:16:98:aa:de:42:85:fc:49:16:
20:91:65:f7:76:1a:b0:aa:14:10:2b:5e:63:b6:ff:
49:62:63:f5:6b:69:bd:8a:57:08:27:64:47:96:35:
f2:4d:d0:3f:7e:1a:ed:94:82:80:98:92:ed:39:f3:
66:01:5e:a7:a9:01:b4:7c:2a:67:08:ac:24:b4:25:
79:57:97:b3:33:d7:c2:f1:d2:96:13:3e:00:56:54:
2d:51:fe:30:e0:63:e3:30:69:27:f1:52:a7:d8:40:
9a:eb:5e:ec:8d:35:e7:e8:8c:7c:1e:e6:94:32:67:
2f:53:e6:7c:96:54:74:8f:26:a0:c8:59:9a:28:84:
21:bc:34:9b:5a:09:8d:f3:d2:c9:36:42:b7:bf:36:
2a:81:ff:15:36:6c:28:2f:eb:1b:25:be:3f:0a:82:
13:4b:34:5a:4e:27:39:33:ed:b9:64:ab:56:b4:4d:
b1:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:47:FE:15:E2:91:69:0A:D8:83:89:3E:87:04:49:36:E8:3A:F7:F0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/abbeedab-21fb-4993-b3ce-b753ba293d00.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d050:e000::/40
Signature Algorithm: sha256WithRSAEncryption
4e:2c:4b:9f:a4:b2:20:4a:b4:65:14:4d:51:96:2a:30:00:0b:
7f:38:41:7f:03:99:cc:61:b4:1c:cd:6b:c2:d9:48:f5:15:32:
0e:39:db:24:a4:d2:f5:a7:3b:4b:eb:d5:20:be:a1:d3:07:6d:
df:35:2f:4c:f0:68:d8:9f:b3:fd:0b:39:c3:5e:2d:2c:80:8a:
31:d0:b6:38:36:aa:1d:7a:a5:18:94:3b:f2:b9:ff:e0:1b:11:
96:b9:f1:c9:81:e0:a6:a1:9e:f6:e2:d3:e3:70:65:a1:64:7e:
13:f1:9d:7c:4b:fa:24:5d:7a:17:7b:a7:95:b7:8a:b5:ca:cd:
8e:07:61:b8:c6:7e:3b:ea:cc:2c:4e:ea:34:76:76:62:5f:6b:
d6:a1:2a:cb:80:35:24:02:02:15:83:32:bb:35:3b:51:cb:4f:
a1:2c:53:0c:16:b5:ce:ef:9b:f4:9d:ec:05:78:8a:72:4d:fe:
65:25:51:52:25:71:bc:e5:d0:4e:84:1d:0e:63:59:a3:aa:26:
03:f7:49:e9:7a:05:a6:3c:25:4f:62:b5:63:8c:0e:2f:91:41:
58:25:29:73:11:c5:82:9e:e2:ab:63:a9:17:5c:92:1e:fc:75:
ee:b0:9d:f5:84:20:fd:04:8c:9a:e7:d9:bb:d8:22:6b:41:cd:
93:7a:99:48
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUKX2CpftKqlNGDHLBtqlgeplmgvUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNDQwMDdaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDg1MThhMTMxNWIzOGU1Y2JlYmM5ZGNiZjhlOGEyYjFiNDY1ZjVhNjIwNWIw
YzcwZjQzMjU0MWVhNWZhZjdkNDcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ6oJoc49YU9QgGRv2ze+wSg0z9QssVc/GA3IOQSpwGRFi2hzNzU5HD/IzTa
2dC8bgHbgAq7M5XhJe6woEpcIFzt0zxh9flYAnP54XmesowXFpiq3kKF/EkWIJFl
93YasKoUECteY7b/SWJj9WtpvYpXCCdkR5Y18k3QP34a7ZSCgJiS7TnzZgFep6kB
tHwqZwisJLQleVeXszPXwvHSlhM+AFZULVH+MOBj4zBpJ/FSp9hAmute7I015+iM
fB7mlDJnL1PmfJZUdI8moMhZmiiEIbw0m1oJjfPSyTZCt782KoH/FTZsKC/rGyW+
PwqCE0s0Wk4nOTPtuWSrVrRNsWMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRJR/4V
4pFpCtiDiT6HBEk26Dr38DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWJiZWVkYWItMjFmYi00OTkzLWIzY2UtYjc1M2JhMjkzZDAwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FDg
MA0GCSqGSIb3DQEBCwUAA4IBAQBOLEufpLIgSrRlFE1RliowAAt/OEF/A5nMYbQc
zWvC2Uj1FTIOOdskpNL1pztL69UgvqHTB23fNS9M8GjYn7P9CznDXi0sgIox0LY4
NqodeqUYlDvyuf/gGxGWufHJgeCmoZ724tPjcGWhZH4T8Z18S/okXXoXe6eVt4q1
ys2OB2G4xn476swsTuo0dnZiX2vWoSrLgDUkAgIVgzK7NTtRy0+hLFMMFrXO75v0
newFeIpyTf5lJVFSJXG85dBOhB0OY1mjqiYD90npegWmPCVPYrVjjA4vkUFYJSlz
EcWCnuKrY6kXXJIe/HXusJ31hCD9BIya59m72CJrQc2TeplI
-----END CERTIFICATE-----
Generated at Thu Jun 4 02:27:46 2026 by rpki-client