Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/02637666-ed34-43aa-b7a8-bb29f34fad13.roa
File: 02637666-ed34-43aa-b7a8-bb29f34fad13.roa (raw, json)
Hash identifier: b8V8FGeMgQDkMgGM/Rhch2odb1qNnNeLfPncSV+ykic=
Subject key identifier: 6B:8B:FB:86:89:43:69:CD:97:11:46:6B:33:F8:2A:E8:03:C8:E9:91
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 46DA4DABC0A311890291F88E4831035B7213ECD3
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/02637666-ed34-43aa-b7a8-bb29f34fad13.roa
Signing time: Sat 16 May 2026 00:40:09 +0000
ROA not before: Sat 16 May 2026 00:40:09 +0000
ROA not after: Fri 14 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:b000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:da:4d:ab:c0:a3:11:89:02:91:f8:8e:48:31:03:5b:72:13:ec:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 16 00:40:09 2026 GMT
Not After : Aug 14 23:59:59 2026 GMT
Subject: serialNumber=df54cbd31e8b2f75a9a2cb935956c4f20ec35590b23cfa38073b9c5ee5235738, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:d7:41:91:a1:5e:05:7c:2d:c2:a9:9b:ed:61:
ea:84:e6:3e:c5:0e:dd:15:ac:4a:89:59:54:c3:4c:
db:b4:bd:13:e8:ef:d7:5e:4c:df:5b:93:5e:e1:c4:
bd:9b:31:5f:d1:e7:ee:fa:ec:a9:6b:e1:06:0e:32:
de:4f:8c:75:ee:14:36:c5:54:6a:33:30:d7:6e:2e:
2c:d5:18:b1:8a:88:fb:85:cb:df:90:60:54:6e:c1:
c7:30:bb:96:96:95:29:37:79:72:6e:1d:68:f1:13:
b3:53:2b:d6:65:45:b0:50:3e:43:4c:9c:71:64:e3:
3c:f0:e5:65:c2:e7:86:11:1c:2d:e4:36:4e:48:e7:
7a:d3:5c:01:51:a6:51:e4:a9:6c:79:4e:f3:b3:eb:
61:e5:1c:1a:07:99:66:af:d3:22:c9:5a:82:f1:f9:
42:16:f2:31:52:57:98:56:7d:7e:61:86:5b:48:05:
4f:9c:cd:48:c8:7d:36:50:21:bd:8a:eb:11:2a:1a:
95:22:07:0c:c5:99:da:2a:6e:94:09:13:ed:f9:d8:
ed:9d:c0:1d:72:5c:ff:ad:6c:9a:83:da:7f:63:a2:
50:4a:c9:18:71:ff:e4:84:d1:60:fa:1c:08:8d:91:
b3:99:07:63:22:6b:47:bd:a6:08:b5:01:69:50:24:
35:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:8B:FB:86:89:43:69:CD:97:11:46:6B:33:F8:2A:E8:03:C8:E9:91
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/02637666-ed34-43aa-b7a8-bb29f34fad13.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:b000::/40
Signature Algorithm: sha256WithRSAEncryption
b8:01:1f:9c:f5:2c:a4:7b:01:ff:2b:e4:3b:13:77:01:76:b4:
d2:8b:3d:ac:06:43:5f:bb:fb:58:44:6f:9a:a0:e9:30:86:d0:
6e:85:1d:55:b1:d3:75:4f:c7:f6:2a:70:a2:58:33:9a:5e:86:
c6:be:dd:19:dd:ca:7b:09:43:99:9c:8f:d0:aa:c7:e0:35:24:
c7:08:25:2b:49:a9:8e:b1:ef:ce:7f:59:26:7a:43:ef:47:8d:
b9:ad:2f:23:50:c1:1a:71:eb:ee:e0:d3:fe:b5:d2:88:8e:24:
24:42:51:48:01:d9:bb:5b:5b:38:13:91:05:0f:95:b7:5c:68:
42:83:f2:ac:42:7b:8e:e5:7b:85:2e:db:1f:50:52:7d:3a:60:
63:ec:02:01:c0:07:e9:cc:fe:47:b3:58:48:4d:ca:48:16:31:
36:92:d3:fd:50:a4:a9:2d:23:24:58:90:93:8b:44:1e:98:5b:
58:08:a5:02:02:a3:d0:54:f5:93:ed:2b:3e:3d:b4:51:5c:ac:
67:4d:7c:7f:bf:16:b9:02:62:f5:4a:a1:41:0b:71:d8:24:66:
98:7f:d8:e0:31:80:a4:d4:6d:8b:78:f7:7a:84:29:bd:2f:31:
da:5f:dd:a9:ac:f8:73:6e:ab:89:3b:84:4e:5d:84:ec:38:7c:
90:26:b7:35
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIURtpNq8CjEYkCkfiOSDEDW3IT7NMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTYwMDQwMDlaFw0yNjA4MTQyMzU5NTlaMHoxSTBHBgNV
BAUTQGRmNTRjYmQzMWU4YjJmNzVhOWEyY2I5MzU5NTZjNGYyMGVjMzU1OTBiMjNj
ZmEzODA3M2I5YzVlZTUyMzU3MzgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOrXQZGhXgV8LcKpm+1h6oTmPsUO3RWsSolZVMNM27S9E+jv115M31uTXuHE
vZsxX9Hn7vrsqWvhBg4y3k+Mde4UNsVUajMw124uLNUYsYqI+4XL35BgVG7BxzC7
lpaVKTd5cm4daPETs1Mr1mVFsFA+Q0yccWTjPPDlZcLnhhEcLeQ2TkjnetNcAVGm
UeSpbHlO87PrYeUcGgeZZq/TIslagvH5QhbyMVJXmFZ9fmGGW0gFT5zNSMh9NlAh
vYrrESoalSIHDMWZ2ipulAkT7fnY7Z3AHXJc/61smoPaf2OiUErJGHH/5ITRYPoc
CI2Rs5kHYyJrR72mCLUBaVAkNSkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRri/uG
iUNpzZcRRmsz+CroA8jpkTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDI2Mzc2NjYtZWQzNC00M2FhLWI3YTgtYmIyOWYzNGZhZDEzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Huw
MA0GCSqGSIb3DQEBCwUAA4IBAQC4AR+c9SykewH/K+Q7E3cBdrTSiz2sBkNfu/tY
RG+aoOkwhtBuhR1VsdN1T8f2KnCiWDOaXobGvt0Z3cp7CUOZnI/QqsfgNSTHCCUr
SamOse/Of1kmekPvR425rS8jUMEacevu4NP+tdKIjiQkQlFIAdm7W1s4E5EFD5W3
XGhCg/KsQnuO5XuFLtsfUFJ9OmBj7AIBwAfpzP5Hs1hITcpIFjE2ktP9UKSpLSMk
WJCTi0QemFtYCKUCAqPQVPWT7Ss+PbRRXKxnTXx/vxa5AmL1SqFBC3HYJGaYf9jg
MYCk1G2LePd6hCm9LzHaX92prPhzbquJO4ROXYTsOHyQJrc1
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:12:42 2026 by rpki-client