Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f1d8b868-c959-421c-83d1-d5235f6ed47e.roa
File: f1d8b868-c959-421c-83d1-d5235f6ed47e.roa (raw, json)
Hash identifier: JPVctjZNca9cff45ETwYjb3QMX+2mWbO8WPXZj1IKU8=
Subject key identifier: 5E:00:EA:BB:9D:7C:D9:C5:39:6B:6D:7E:DA:C8:38:74:F9:30:BA:69
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 625AF8DBB174200BEE622AF102AA0A4A9F38B93E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f1d8b868-c959-421c-83d1-d5235f6ed47e.roa
Signing time: Mon 27 Apr 2026 00:40:07 +0000
ROA not before: Mon 27 Apr 2026 00:40:07 +0000
ROA not after: Sun 26 Jul 2026 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d06d:60c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Apr 2026 14:21:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
62:5a:f8:db:b1:74:20:0b:ee:62:2a:f1:02:aa:0a:4a:9f:38:b9:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 27 00:40:07 2026 GMT
Not After : Jul 26 23:59:59 2026 GMT
Subject: serialNumber=2e8a3b400bc3273885d5791f3ed611f89e846b78b83b0917cffd5e153e334a84, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:38:ca:10:97:d8:ae:22:ce:a2:43:ec:1d:4b:
d4:45:b2:55:c3:95:7b:0d:3d:ae:3b:84:95:6a:7e:
27:a1:62:d9:54:0a:35:66:16:cb:79:22:09:6e:9b:
75:c0:2f:6a:d6:ab:c8:1c:08:99:bc:fc:bd:c3:21:
c9:09:b7:aa:dd:01:2d:9d:a7:74:ed:f1:8d:f7:7f:
9d:08:5d:32:21:5d:c5:db:73:d7:85:32:b8:d0:16:
3b:eb:4d:ab:f4:1d:66:7f:3f:45:e9:cc:96:34:fd:
cf:ea:e9:f5:7c:a9:0e:9d:dd:69:63:50:19:47:2c:
1d:26:60:04:81:82:1a:9f:41:b8:8d:d8:ad:88:56:
02:00:6f:58:04:8c:75:55:ff:e2:56:d2:3f:ac:ab:
3e:e2:64:ff:11:e4:a9:d7:e1:0c:f6:e0:bf:a5:3c:
08:01:34:6e:20:d8:73:6e:f3:82:6e:39:49:15:6f:
84:f9:e9:31:58:c8:9b:e5:32:5b:0e:5a:8c:3c:b5:
d9:eb:f7:15:3a:d5:81:82:59:da:00:59:c1:68:c1:
7c:4d:fa:5e:14:dd:39:bd:b3:18:1a:d6:f4:90:15:
df:c9:c2:7c:d3:7f:d0:d4:a6:f5:45:e7:2c:86:2d:
23:67:15:79:21:4a:53:3d:61:97:10:e0:52:26:b0:
ca:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:00:EA:BB:9D:7C:D9:C5:39:6B:6D:7E:DA:C8:38:74:F9:30:BA:69
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f1d8b868-c959-421c-83d1-d5235f6ed47e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06d:60c0::/48
Signature Algorithm: sha256WithRSAEncryption
c6:f9:71:a0:3b:18:74:b2:6d:ff:15:b0:44:c9:cc:90:13:d1:
00:32:36:12:a9:bc:4c:6b:a0:99:cf:7d:ce:61:fe:9f:2f:f9:
79:d9:1f:b5:be:80:92:7d:9a:64:79:f6:0f:36:56:b2:a2:1f:
12:b3:16:1a:ec:18:73:a4:d8:fd:0c:f6:9e:ba:ed:be:0d:5d:
ee:5d:47:fa:83:1b:50:77:d6:07:56:97:02:98:6b:da:03:d1:
af:11:16:4a:4d:39:7e:84:9d:8c:7b:ca:53:66:8f:f0:65:53:
c5:b1:ce:b9:09:af:93:58:2b:48:13:40:aa:31:f8:30:34:7c:
f8:f5:f0:86:cf:02:10:4c:44:e6:d8:f9:cd:49:4a:d2:d4:d5:
28:bb:20:18:1b:e8:52:32:23:4d:6c:26:ab:51:f1:7b:c9:1e:
44:81:bd:c6:6c:3c:af:3c:00:85:9f:6b:da:76:23:d7:f9:b8:
c4:30:6f:9a:3a:6b:f2:57:3e:0d:af:67:0b:e9:23:54:c5:49:
95:e9:38:18:fa:c7:80:d2:ef:36:7d:5e:14:aa:f0:5f:29:c4:
12:e7:15:22:6e:e2:21:dc:94:99:f4:72:df:f8:69:8e:b9:fe:
e0:39:d5:2d:7e:3f:03:ce:14:44:42:6e:0d:e8:f7:80:0d:87:
5c:ba:02:59
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUYlr427F0IAvuYirxAqoKSp84uT4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA0MjcwMDQwMDdaFw0yNjA3MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQDJlOGEzYjQwMGJjMzI3Mzg4NWQ1NzkxZjNlZDYxMWY4OWU4NDZiNzhiODNi
MDkxN2NmZmQ1ZTE1M2UzMzRhODQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKU4yhCX2K4izqJD7B1L1EWyVcOVew09rjuElWp+J6Fi2VQKNWYWy3kiCW6b
dcAvataryBwImbz8vcMhyQm3qt0BLZ2ndO3xjfd/nQhdMiFdxdtz14UyuNAWO+tN
q/QdZn8/RenMljT9z+rp9XypDp3daWNQGUcsHSZgBIGCGp9BuI3YrYhWAgBvWASM
dVX/4lbSP6yrPuJk/xHkqdfhDPbgv6U8CAE0biDYc27zgm45SRVvhPnpMVjIm+Uy
Ww5ajDy12ev3FTrVgYJZ2gBZwWjBfE36XhTdOb2zGBrW9JAV38nCfNN/0NSm9UXn
LIYtI2cVeSFKUz1hlxDgUiawyqkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBReAOq7
nXzZxTlrbX7ayDh0+TC6aTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjFkOGI4NjgtYzk1OS00MjFjLTgzZDEtZDUyMzVmNmVkNDdlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0G1g
wDANBgkqhkiG9w0BAQsFAAOCAQEAxvlxoDsYdLJt/xWwRMnMkBPRADI2Eqm8TGug
mc99zmH+ny/5edkftb6Akn2aZHn2DzZWsqIfErMWGuwYc6TY/Qz2nrrtvg1d7l1H
+oMbUHfWB1aXAphr2gPRrxEWSk05foSdjHvKU2aP8GVTxbHOuQmvk1grSBNAqjH4
MDR8+PXwhs8CEExE5tj5zUlK0tTVKLsgGBvoUjIjTWwmq1Hxe8keRIG9xmw8rzwA
hZ9r2nYj1/m4xDBvmjpr8lc+Da9nC+kjVMVJlek4GPrHgNLvNn1eFKrwXynEEucV
Im7iIdyUmfRy3/hpjrn+4DnVLX4/A84UREJuDej3gA2HXLoCWQ==
-----END CERTIFICATE-----
Generated at Tue Apr 28 19:33:49 2026 by rpki-client