Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/02e4a1ed-1aff-44e0-aaf4-87e200d8fc1f.roa
File: 02e4a1ed-1aff-44e0-aaf4-87e200d8fc1f.roa (raw, json)
Hash identifier: AJnz7z/0mCLnr42wP6iIvLq+vpJjl5DvbK2BFoHP9Z8=
Subject key identifier: 74:AD:30:5A:65:83:10:CB:42:4A:AB:C2:E4:63:C8:0D:71:87:14:29
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 787567F36091D9B1BB01656E7C33295BAC288582
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/02e4a1ed-1aff-44e0-aaf4-87e200d8fc1f.roa
Signing time: Fri 22 May 2026 16:03:26 +0000
ROA not before: Fri 22 May 2026 16:03:26 +0000
ROA not after: Thu 20 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d068:10c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 08:43:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:75:67:f3:60:91:d9:b1:bb:01:65:6e:7c:33:29:5b:ac:28:85:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 22 16:03:26 2026 GMT
Not After : Aug 20 23:59:59 2026 GMT
Subject: serialNumber=0cfea15dea56a10f1c878cb9ca3d3295437bd2a150c1a30d7b7710eddb29f888, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:df:dc:76:a2:08:f4:42:2e:68:0e:e1:7d:18:
77:ec:a5:c7:11:de:78:a9:86:46:e1:28:87:3f:de:
95:b7:a5:8e:f5:65:d6:f4:54:ec:8e:38:1a:60:9f:
57:a3:10:d1:e5:29:a9:16:2d:d5:11:f0:c4:e7:07:
db:85:36:b1:8f:1e:db:f9:0e:9d:69:14:c7:de:0e:
93:d5:f0:2a:6c:eb:fb:3f:85:9e:6d:09:18:19:47:
6c:07:1a:b2:fc:8c:7b:f8:02:7e:9d:fa:3b:72:d4:
fc:51:16:1b:05:96:95:1b:ec:d5:be:5b:9f:4f:93:
a9:d9:d4:d3:76:2c:2c:8a:6c:76:d6:ce:a6:0b:17:
c5:f8:5e:3e:7a:bc:82:75:44:ea:92:c7:95:99:f6:
a9:af:ff:97:c1:39:a2:94:ad:19:2b:5b:e6:74:9f:
74:d7:67:0c:1e:a4:2b:1c:c9:30:86:3e:58:3a:92:
2b:0a:c0:c0:4c:14:e1:a0:ec:59:c8:93:82:b1:d3:
87:6c:cf:84:22:f0:c7:46:7d:aa:c4:40:87:63:30:
54:55:ab:f6:dd:3d:de:20:b4:42:45:e9:88:e1:04:
43:b2:61:f3:4d:98:30:fd:70:9b:47:b1:1f:c4:c2:
03:6b:4f:61:df:24:e7:3d:ab:02:63:d2:fc:0d:b2:
b3:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:AD:30:5A:65:83:10:CB:42:4A:AB:C2:E4:63:C8:0D:71:87:14:29
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/02e4a1ed-1aff-44e0-aaf4-87e200d8fc1f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d068:10c0::/48
Signature Algorithm: sha256WithRSAEncryption
63:f1:42:ba:92:b9:eb:38:ab:0f:ff:8c:df:0c:ee:62:15:9e:
76:c3:03:fb:a3:ca:02:b3:70:77:80:74:bc:fe:98:71:f0:73:
bf:4e:69:f2:26:2d:bd:2c:a9:59:5a:5f:2d:37:a3:d0:e8:b4:
2b:25:21:67:01:ba:60:e7:41:ef:92:17:4e:ef:41:d7:f1:75:
72:8a:c9:de:8a:a7:70:41:6f:59:15:eb:91:42:c9:0d:f5:37:
de:08:3c:b3:61:67:b1:98:12:af:b8:6e:76:35:be:18:06:d3:
90:fa:ac:db:b8:24:4b:32:3c:b6:56:43:47:e7:91:e2:c2:4c:
bc:e0:df:1f:de:44:43:2b:26:ea:26:57:ab:a8:a9:6d:75:53:
0c:8b:88:11:1f:df:db:13:b1:f5:ad:3c:29:d1:a6:30:58:44:
c5:d7:91:92:a3:7e:83:c4:28:6f:d5:35:62:f3:98:8a:e0:7d:
43:c8:e6:4f:1f:bb:46:16:bf:f1:17:89:5f:f3:7a:82:a2:67:
36:97:26:41:75:25:28:01:b8:da:ef:59:7f:50:47:11:1b:d1:
78:10:be:6c:b3:09:46:55:1e:ac:28:4e:d5:4d:d7:10:91:4d:
64:1b:65:8d:90:30:a6:bf:ba:da:58:24:84:ba:66:82:c0:e2:
05:ae:99:10
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUeHVn82CR2bG7AWVufDMpW6wohYIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MjIxNjAzMjZaFw0yNjA4MjAyMzU5NTlaMHoxSTBHBgNV
BAUTQDBjZmVhMTVkZWE1NmExMGYxYzg3OGNiOWNhM2QzMjk1NDM3YmQyYTE1MGMx
YTMwZDdiNzcxMGVkZGIyOWY4ODgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJbf3HaiCPRCLmgO4X0Yd+ylxxHeeKmGRuEohz/elbeljvVl1vRU7I44GmCf
V6MQ0eUpqRYt1RHwxOcH24U2sY8e2/kOnWkUx94Ok9XwKmzr+z+Fnm0JGBlHbAca
svyMe/gCfp36O3LU/FEWGwWWlRvs1b5bn0+TqdnU03YsLIpsdtbOpgsXxfhePnq8
gnVE6pLHlZn2qa//l8E5opStGStb5nSfdNdnDB6kKxzJMIY+WDqSKwrAwEwU4aDs
WciTgrHTh2zPhCLwx0Z9qsRAh2MwVFWr9t093iC0QkXpiOEEQ7Jh802YMP1wm0ex
H8TCA2tPYd8k5z2rAmPS/A2ys68CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBR0rTBa
ZYMQy0JKq8LkY8gNcYcUKTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDJlNGExZWQtMWFmZi00NGUwLWFhZjQtODdlMjAwZDhmYzFmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0GgQ
wDANBgkqhkiG9w0BAQsFAAOCAQEAY/FCupK56zirD/+M3wzuYhWedsMD+6PKArNw
d4B0vP6YcfBzv05p8iYtvSypWVpfLTej0Oi0KyUhZwG6YOdB75IXTu9B1/F1corJ
3oqncEFvWRXrkULJDfU33gg8s2FnsZgSr7hudjW+GAbTkPqs27gkSzI8tlZDR+eR
4sJMvODfH95EQysm6iZXq6ipbXVTDIuIER/f2xOx9a08KdGmMFhExdeRkqN+g8Qo
b9U1YvOYiuB9Q8jmTx+7Rha/8ReJX/N6gqJnNpcmQXUlKAG42u9Zf1BHERvReBC+
bLMJRlUerChO1U3XEJFNZBtljZAwpr+62lgkhLpmgsDiBa6ZEA==
-----END CERTIFICATE-----
Generated at Sat Jun 13 12:40:59 2026 by rpki-client