Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/09f64eda-2b9c-4c89-8eb4-7cfb08b2ba08.roa
File: 09f64eda-2b9c-4c89-8eb4-7cfb08b2ba08.roa (raw, json)
Hash identifier: 0CHRuPg7j90DeNMj2Pdw9lSEQi13RTL9btA4kkNmig8=
Subject key identifier: 19:9C:20:17:69:0B:8C:DA:B2:66:69:56:8E:6E:D4:94:0D:E6:2C:FB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5ABF0E9E374A54653837DC7D74D6926F94AB7FC1
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/09f64eda-2b9c-4c89-8eb4-7cfb08b2ba08.roa
Signing time: Tue 19 May 2026 05:10:38 +0000
ROA not before: Tue 19 May 2026 05:10:38 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:8020::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:bf:0e:9e:37:4a:54:65:38:37:dc:7d:74:d6:92:6f:94:ab:7f:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:10:38 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=28334e717596c8e7fbf4809730ce1cd5dea8a1bf6c73a6f7a07a509275987500, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:74:1e:3a:d4:92:04:fb:23:f8:dd:45:81:32:
86:d5:bc:7c:06:4d:af:86:e6:7b:19:01:1d:94:0c:
3c:f4:b5:f4:05:1f:6b:7b:5a:d6:8f:31:d6:ee:1b:
60:35:5b:f2:ec:41:3f:5e:3e:3a:ba:85:8c:82:29:
69:c0:49:d1:59:71:92:d8:19:5d:05:3b:99:72:f1:
2d:00:7f:c6:61:21:12:c5:12:82:f5:8e:40:b9:88:
6c:05:e3:76:c4:3a:af:41:7d:68:15:40:23:50:6b:
ce:bb:cb:1f:92:90:a0:9f:00:cf:15:dd:43:11:0b:
cc:fe:97:2f:3f:75:78:72:3d:21:6f:1c:c5:30:0e:
10:e6:59:28:66:13:3a:af:80:16:2a:87:9f:de:a7:
39:2b:77:10:e1:d1:ee:5d:05:7a:e0:6e:b9:9f:3a:
1a:c4:6f:27:f8:a7:bf:30:22:6c:23:67:78:94:3b:
a8:c0:75:a1:3e:47:17:05:1e:cf:da:5e:e8:dd:17:
ef:0e:d9:4b:88:f3:3a:c8:97:a7:b3:5b:38:31:40:
62:55:92:74:2d:66:e8:14:6a:07:e8:67:30:af:ce:
3d:24:67:d0:00:4c:56:60:e9:12:78:4c:e6:7a:da:
11:d7:f4:b8:ec:11:69:44:41:ee:82:c0:3d:78:a5:
9d:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:9C:20:17:69:0B:8C:DA:B2:66:69:56:8E:6E:D4:94:0D:E6:2C:FB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/09f64eda-2b9c-4c89-8eb4-7cfb08b2ba08.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:8020::/48
Signature Algorithm: sha256WithRSAEncryption
69:30:41:58:1d:5a:1e:fb:55:d4:b6:1e:16:01:b2:4d:d4:fd:
8c:b3:6d:e3:85:3f:08:24:4f:6f:64:17:7c:36:ae:2b:a8:0b:
21:fd:4a:25:d9:59:b0:6e:99:e9:f5:30:d0:f2:91:96:f2:e4:
d9:85:50:e2:46:58:48:aa:58:65:95:ed:ca:8f:d7:a8:29:fe:
14:82:64:d5:7b:c7:db:ec:d6:9b:29:e4:e6:de:13:ae:ac:8d:
07:f0:cb:ca:a4:37:10:44:78:fc:9f:bb:ad:0a:64:6f:54:cf:
e7:63:79:3d:0c:8a:a9:53:52:06:d0:83:ee:54:cf:81:69:28:
1a:d8:95:e2:44:4d:00:5c:db:36:98:0e:f1:f3:3f:84:54:53:
ef:5f:d0:91:01:80:64:d3:a6:66:21:06:f2:d2:d3:82:c2:7b:
24:0f:e9:18:03:3d:89:16:82:96:79:61:48:df:02:8c:80:3e:
c0:38:77:fe:89:42:fa:26:fe:d1:91:27:62:25:c7:66:d8:4b:
8d:a4:db:dd:fa:36:19:f2:7c:7b:ad:0e:4f:f1:f4:f8:e1:f2:
b5:f9:62:34:b4:7e:28:cc:8c:9e:43:c8:dd:90:33:fc:20:4e:
86:df:b5:28:15:82:2f:57:e2:55:34:18:cf:47:33:74:13:31:
0c:88:4b:fb
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUWr8OnjdKVGU4N9x9dNaSb5Srf8EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTEwMzhaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDI4MzM0ZTcxNzU5NmM4ZTdmYmY0ODA5NzMwY2UxY2Q1ZGVhOGExYmY2Yzcz
YTZmN2EwN2E1MDkyNzU5ODc1MDAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANJ0HjrUkgT7I/jdRYEyhtW8fAZNr4bmexkBHZQMPPS19AUfa3ta1o8x1u4b
YDVb8uxBP14+OrqFjIIpacBJ0VlxktgZXQU7mXLxLQB/xmEhEsUSgvWOQLmIbAXj
dsQ6r0F9aBVAI1BrzrvLH5KQoJ8AzxXdQxELzP6XLz91eHI9IW8cxTAOEOZZKGYT
Oq+AFiqHn96nOSt3EOHR7l0FeuBuuZ86GsRvJ/invzAibCNneJQ7qMB1oT5HFwUe
z9pe6N0X7w7ZS4jzOsiXp7NbODFAYlWSdC1m6BRqB+hnMK/OPSRn0ABMVmDpEnhM
5nraEdf0uOwRaURB7oLAPXilnYECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQZnCAX
aQuM2rJmaVaObtSUDeYs+zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDlmNjRlZGEtMmI5Yy00Yzg5LThlYjQtN2NmYjA4YjJiYTA4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0DiA
IDANBgkqhkiG9w0BAQsFAAOCAQEAaTBBWB1aHvtV1LYeFgGyTdT9jLNt44U/CCRP
b2QXfDauK6gLIf1KJdlZsG6Z6fUw0PKRlvLk2YVQ4kZYSKpYZZXtyo/XqCn+FIJk
1XvH2+zWmynk5t4TrqyNB/DLyqQ3EER4/J+7rQpkb1TP52N5PQyKqVNSBtCD7lTP
gWkoGtiV4kRNAFzbNpgO8fM/hFRT71/QkQGAZNOmZiEG8tLTgsJ7JA/pGAM9iRaC
lnlhSN8CjIA+wDh3/olC+ib+0ZEnYiXHZthLjaTb3fo2GfJ8e60OT/H0+OHytfli
NLR+KMyMnkPI3ZAz/CBOht+1KBWCL1fiVTQYz0czdBMxDIhL+w==
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:44:57 2026 by rpki-client