Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0bf6cef8-8c60-4a0e-8932-cfda648d2772.roa
File: 0bf6cef8-8c60-4a0e-8932-cfda648d2772.roa (raw, json)
Hash identifier: fQspZvhWhnICbDnnYd6nBojVz466TB3G+dQ1qHWfeKk=
Subject key identifier: 98:05:32:6E:DD:21:BD:12:AE:E9:C2:57:67:D9:09:76:C7:57:1C:CA
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 29BBAB2B62CCF4C4BACBE0093CA0659D02498D5E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0bf6cef8-8c60-4a0e-8932-cfda648d2772.roa
Signing time: Tue 19 May 2026 05:10:37 +0000
ROA not before: Tue 19 May 2026 05:10:37 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d018:1000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 08:43:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
29:bb:ab:2b:62:cc:f4:c4:ba:cb:e0:09:3c:a0:65:9d:02:49:8d:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:10:37 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=16bd4141a61a6c07c80499cd7834bec73da37e8df964bb92e4f42636fc16e90f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:80:e3:15:0c:25:20:36:f4:89:58:64:6c:93:
d7:6b:ca:84:8e:f4:81:6d:84:e6:b7:9f:e4:24:fb:
91:c0:45:0f:ae:9c:f3:4b:c6:74:44:52:2f:0b:13:
bc:e5:e7:41:76:85:26:cb:53:5a:9e:ca:da:8a:50:
84:5e:f8:a8:59:51:09:74:00:da:81:f9:4f:31:aa:
85:32:50:c4:29:24:a6:11:e0:05:d7:4f:61:f5:71:
4c:78:cf:30:11:58:ba:14:d7:1e:6d:0f:43:5a:45:
03:9d:55:32:66:cf:37:9f:d1:5f:87:c7:91:43:b7:
8b:41:30:de:17:63:ae:eb:12:86:19:57:97:6a:c4:
a1:49:cd:d7:74:ed:d5:27:bb:71:13:99:47:5a:64:
40:e2:15:a1:ff:71:8c:43:18:0e:04:9d:26:51:2c:
dd:dc:78:0c:eb:a5:df:f0:4c:33:e2:f2:15:eb:79:
36:dd:30:98:2a:39:06:7a:2c:b3:98:97:2f:9c:29:
04:23:b0:6c:72:12:1b:21:6b:7f:48:c6:20:c0:a0:
cf:3f:a2:47:d4:51:c2:4c:6e:47:eb:12:4b:1a:ac:
0b:3a:5e:1f:d1:1b:83:06:3c:11:71:40:d7:1e:9c:
30:74:11:cf:2b:b6:44:60:74:f1:5e:7c:db:1c:95:
3c:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:05:32:6E:DD:21:BD:12:AE:E9:C2:57:67:D9:09:76:C7:57:1C:CA
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0bf6cef8-8c60-4a0e-8932-cfda648d2772.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d018:1000::/36
Signature Algorithm: sha256WithRSAEncryption
29:20:34:50:46:b2:a0:40:e9:70:42:cf:47:ed:26:10:d8:0c:
4e:8f:03:35:ca:c7:1a:db:86:27:a1:d8:f8:2e:d6:da:61:03:
dd:22:aa:b8:b6:bc:c3:9f:d8:93:a4:68:18:aa:0c:8f:c3:9b:
9b:80:ed:f9:04:f4:04:c7:26:96:18:e6:f7:c4:b8:17:29:72:
16:2e:46:37:f3:e9:fb:d3:a1:63:de:d7:11:3f:ab:8f:4d:9d:
d3:2b:1f:26:58:a1:a1:36:16:ac:5f:96:f9:56:fd:64:29:3f:
1d:34:e3:3b:46:ac:0c:57:34:f5:0a:74:c5:24:bd:dc:e5:32:
67:7f:7e:0f:91:70:16:73:c6:c9:79:b5:10:ef:49:82:8c:56:
cc:d1:ca:81:73:75:94:53:17:31:90:42:06:bb:2f:ed:a2:43:
63:03:14:6a:f3:61:ad:eb:89:c4:7a:85:01:ea:f3:7c:ef:00:
89:d1:55:54:00:c0:35:01:67:35:50:a1:64:e9:8d:eb:a7:47:
5b:c7:86:3e:e2:22:1e:9f:93:ba:c3:14:38:02:79:d5:f6:a0:
cd:a8:0d:99:91:49:f7:dc:68:60:41:83:7e:bc:10:83:b8:c5:
2f:82:69:63:f0:0c:63:00:f8:94:a5:b0:95:1d:07:55:e3:8e:
4a:e6:30:ad
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUKburK2LM9MS6y+AJPKBlnQJJjV4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTEwMzdaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDE2YmQ0MTQxYTYxYTZjMDdjODA0OTljZDc4MzRiZWM3M2RhMzdlOGRmOTY0
YmI5MmU0ZjQyNjM2ZmMxNmU5MGYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIyA4xUMJSA29IlYZGyT12vKhI70gW2E5ref5CT7kcBFD66c80vGdERSLwsT
vOXnQXaFJstTWp7K2opQhF74qFlRCXQA2oH5TzGqhTJQxCkkphHgBddPYfVxTHjP
MBFYuhTXHm0PQ1pFA51VMmbPN5/RX4fHkUO3i0Ew3hdjrusShhlXl2rEoUnN13Tt
1Se7cROZR1pkQOIVof9xjEMYDgSdJlEs3dx4DOul3/BMM+LyFet5Nt0wmCo5Bnos
s5iXL5wpBCOwbHISGyFrf0jGIMCgzz+iR9RRwkxuR+sSSxqsCzpeH9EbgwY8EXFA
1x6cMHQRzyu2RGB08V582xyVPAsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSYBTJu
3SG9Eq7pwldn2Ql2x1ccyjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGJmNmNlZjgtOGM2MC00YTBlLTg5MzItY2ZkYTY0OGQyNzcyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0BgQ
MA0GCSqGSIb3DQEBCwUAA4IBAQApIDRQRrKgQOlwQs9H7SYQ2AxOjwM1ysca24Yn
odj4LtbaYQPdIqq4trzDn9iTpGgYqgyPw5ubgO35BPQExyaWGOb3xLgXKXIWLkY3
8+n706Fj3tcRP6uPTZ3TKx8mWKGhNhasX5b5Vv1kKT8dNOM7RqwMVzT1CnTFJL3c
5TJnf34PkXAWc8bJebUQ70mCjFbM0cqBc3WUUxcxkEIGuy/tokNjAxRq82Gt64nE
eoUB6vN87wCJ0VVUAMA1AWc1UKFk6Y3rp0dbx4Y+4iIen5O6wxQ4AnnV9qDNqA2Z
kUn33GhgQYN+vBCDuMUvgmlj8AxjAPiUpbCVHQdV445K5jCt
-----END CERTIFICATE-----
Generated at Sat Jun 13 13:42:49 2026 by rpki-client