Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/04a64076-9adb-4301-817c-2be1c1e1d57e.roa
File: 04a64076-9adb-4301-817c-2be1c1e1d57e.roa (raw, json)
Hash identifier: igUi4/+QTWpVMlKI4Deg6IW2Afj9bZNmoYZpyCIYE48=
Subject key identifier: EB:75:CA:81:3E:42:DF:34:96:5F:49:E4:60:9C:E5:7A:BE:A6:3E:71
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7CA09EAC896399577768BEC314FDB8FBC8AE0CE4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/04a64076-9adb-4301-817c-2be1c1e1d57e.roa
Signing time: Sun 17 May 2026 02:00:07 +0000
ROA not before: Sun 17 May 2026 02:00:07 +0000
ROA not after: Sat 15 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d071:800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:a0:9e:ac:89:63:99:57:77:68:be:c3:14:fd:b8:fb:c8:ae:0c:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 17 02:00:07 2026 GMT
Not After : Aug 15 23:59:59 2026 GMT
Subject: serialNumber=af1cec806187f97d7e09820198040182f05a9428054e8a79b4397a784794dd9c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:b5:54:08:7b:2d:e0:2f:2b:37:d0:cd:99:f6:
10:e2:99:76:36:55:40:9a:c0:f7:b3:98:8e:48:7c:
ee:ad:d3:35:54:6e:7d:d9:8e:41:32:6f:5f:c2:4d:
3e:63:5c:2e:9a:90:61:80:52:4d:39:ed:82:23:31:
ad:88:ae:d9:3b:a9:64:dc:3f:a6:21:1e:54:f1:5d:
4a:c2:9e:50:1d:74:ec:b8:00:2e:bb:56:44:7d:21:
2e:1a:d3:4e:89:0e:d3:a3:db:fb:79:6c:fd:43:f8:
53:63:cc:eb:c0:ff:88:83:d6:46:09:e4:6c:05:40:
bf:12:1d:3c:b9:c9:6b:c4:bb:b9:f5:e5:e9:e8:95:
10:87:b7:c4:d6:25:e5:c8:2d:c6:91:f7:4e:a3:72:
4f:93:73:5e:38:8d:fc:1a:86:55:77:74:9e:ff:e8:
81:e5:56:f6:c2:20:39:92:00:62:f6:3d:f8:c5:9e:
02:7c:62:de:42:e6:ad:ab:24:c5:d9:61:a1:3a:6e:
ae:2e:24:3c:1c:60:37:27:d1:60:98:64:eb:86:42:
6e:f4:da:09:f5:0e:4f:32:b9:bd:f8:bf:7b:58:07:
33:49:25:34:ff:d1:e5:7b:3e:50:6c:ef:3f:24:d0:
41:64:7f:53:f7:a3:94:9c:16:29:2c:8c:35:b7:4e:
ec:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:75:CA:81:3E:42:DF:34:96:5F:49:E4:60:9C:E5:7A:BE:A6:3E:71
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/04a64076-9adb-4301-817c-2be1c1e1d57e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d071:800::/40
Signature Algorithm: sha256WithRSAEncryption
9c:41:c1:10:aa:10:d1:c6:4c:02:0f:98:7e:59:b3:c2:91:41:
12:9a:4c:c1:6b:ed:fe:be:40:bb:03:75:d4:43:a4:ed:c7:d0:
64:98:6b:a8:07:7a:e0:ce:53:87:a9:f7:a3:cf:b4:d5:af:fb:
a6:de:a8:90:5f:65:68:41:61:0a:a0:40:fd:42:91:a0:ee:d7:
47:e8:b2:c7:93:02:22:11:99:6f:1e:37:39:67:52:ce:1a:20:
08:8f:e6:1e:52:ad:8d:76:f5:e6:a2:16:d8:73:03:42:a2:93:
05:96:72:7a:cd:9e:cc:75:21:f0:75:14:00:f0:c0:b1:c6:5e:
f0:07:39:c4:30:90:ec:c9:e6:9b:e6:fa:89:df:2b:b7:80:17:
2e:d5:2e:c5:2e:7b:63:fa:84:76:20:01:e8:29:28:3d:01:dc:
41:02:ad:73:2d:31:80:27:29:fe:2e:e2:a1:c9:bf:11:95:a9:
cc:a8:29:21:c2:ac:b9:fb:2c:9c:c9:14:03:cd:ca:95:b2:e2:
15:b6:80:96:5d:85:5d:b9:62:79:a3:11:85:d5:7e:f7:1b:6b:
e6:f0:93:9c:4f:00:69:65:db:2d:c9:a2:91:4b:f6:aa:d3:b6:
a9:d1:ce:ec:ed:08:b3:89:45:d7:cb:8b:da:75:ef:19:1e:d3:
95:6b:b1:45
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUfKCerIljmVd3aL7DFP24+8iuDOQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTcwMjAwMDdaFw0yNjA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGFmMWNlYzgwNjE4N2Y5N2Q3ZTA5ODIwMTk4MDQwMTgyZjA1YTk0MjgwNTRl
OGE3OWI0Mzk3YTc4NDc5NGRkOWMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALG1VAh7LeAvKzfQzZn2EOKZdjZVQJrA97OYjkh87q3TNVRufdmOQTJvX8JN
PmNcLpqQYYBSTTntgiMxrYiu2TupZNw/piEeVPFdSsKeUB107LgALrtWRH0hLhrT
TokO06Pb+3ls/UP4U2PM68D/iIPWRgnkbAVAvxIdPLnJa8S7ufXl6eiVEIe3xNYl
5cgtxpH3TqNyT5NzXjiN/BqGVXd0nv/ogeVW9sIgOZIAYvY9+MWeAnxi3kLmrask
xdlhoTpuri4kPBxgNyfRYJhk64ZCbvTaCfUOTzK5vfi/e1gHM0klNP/R5Xs+UGzv
PyTQQWR/U/ejlJwWKSyMNbdO7OsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTrdcqB
PkLfNJZfSeRgnOV6vqY+cTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDRhNjQwNzYtOWFkYi00MzAxLTgxN2MtMmJlMWMxZTFkNTdlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HEI
MA0GCSqGSIb3DQEBCwUAA4IBAQCcQcEQqhDRxkwCD5h+WbPCkUESmkzBa+3+vkC7
A3XUQ6Ttx9BkmGuoB3rgzlOHqfejz7TVr/um3qiQX2VoQWEKoED9QpGg7tdH6LLH
kwIiEZlvHjc5Z1LOGiAIj+YeUq2NdvXmohbYcwNCopMFlnJ6zZ7MdSHwdRQA8MCx
xl7wBznEMJDsyeab5vqJ3yu3gBcu1S7FLntj+oR2IAHoKSg9AdxBAq1zLTGAJyn+
LuKhyb8RlanMqCkhwqy5+yycyRQDzcqVsuIVtoCWXYVduWJ5oxGF1X73G2vm8JOc
TwBpZdstyaKRS/aq07ap0c7s7QiziUXXy4vade8ZHtOVa7FF
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:00:59 2026 by rpki-client