Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/12099bf5-f9c1-463e-9fc9-eaf791e339e4.roa
File: 12099bf5-f9c1-463e-9fc9-eaf791e339e4.roa (raw, json)
Hash identifier: Fvm5LtsGd/tec0bvyGsB+6QgxwzFQYsMk4Yi/9jqsVM=
Subject key identifier: 27:69:33:67:6C:FC:BC:64:D9:4A:63:2A:78:18:9E:A7:CB:0E:2C:3B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 36858F7282A7D204E7929422406E5604BBEAC97A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/12099bf5-f9c1-463e-9fc9-eaf791e339e4.roa
Signing time: Tue 19 May 2026 05:10:56 +0000
ROA not before: Tue 19 May 2026 05:10:56 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d011::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
36:85:8f:72:82:a7:d2:04:e7:92:94:22:40:6e:56:04:bb:ea:c9:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:10:56 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=98beca57a82ce51fbaf74fba0d2da22030633206eeda9b5acd18a34fa5cd41c9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:44:04:6d:1b:cd:e6:10:cd:2f:a9:a4:40:ff:
9a:5b:9a:1c:ba:5d:4f:f4:fd:d2:62:75:08:3f:c7:
63:00:c0:a2:87:67:7d:72:ce:34:63:b7:d2:8b:19:
57:8b:96:b7:5c:b2:fb:60:91:33:d8:71:3c:8d:ba:
27:b7:42:82:84:20:59:c0:1a:97:e7:28:76:7b:f1:
58:0f:74:02:b6:fd:cb:9d:5d:f0:73:7b:05:fa:ec:
34:a9:75:a9:ae:30:88:3e:f5:8e:f8:2b:b8:48:3c:
0c:b7:4d:0b:39:0f:30:47:b6:db:79:55:eb:1f:63:
76:fb:4e:0b:e6:92:cb:c1:c5:24:35:7d:1c:aa:ae:
a0:d6:22:a0:45:64:b9:d4:5d:09:e5:23:26:3a:7c:
52:b8:36:cf:8e:f5:8a:77:b8:3b:97:56:ca:f4:0f:
29:e8:53:18:95:96:be:06:11:d4:c7:8f:d5:26:99:
56:9c:bd:09:56:e4:d2:1a:4b:98:47:dd:0f:71:7c:
4c:15:02:ab:27:0f:13:62:6a:d9:83:6c:c1:df:c2:
1a:78:10:a4:45:a6:9e:7a:19:2b:85:62:28:7d:d5:
49:63:a5:5e:1c:60:13:e1:52:21:4b:9b:e3:37:95:
94:05:30:28:4c:de:a8:2f:07:7b:b2:39:a9:f9:88:
4d:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:69:33:67:6C:FC:BC:64:D9:4A:63:2A:78:18:9E:A7:CB:0E:2C:3B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/12099bf5-f9c1-463e-9fc9-eaf791e339e4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d011::/38
Signature Algorithm: sha256WithRSAEncryption
75:ad:41:96:2a:06:fe:97:f4:a2:7f:c8:26:49:02:8a:05:e4:
d4:4f:88:fa:7d:86:9d:c6:8f:97:10:03:ae:28:85:5a:f1:4c:
a1:2c:aa:69:34:31:79:18:d3:95:16:7b:e6:2a:9b:4d:38:9b:
9e:f3:a8:46:69:56:de:8e:15:97:c8:bf:76:88:c4:5d:4f:ef:
be:1a:f1:33:4e:8a:24:ca:cf:9e:d0:db:3f:84:12:de:b6:35:
46:20:63:dd:ba:f8:cd:6c:11:6a:32:7e:1d:bc:4f:e3:0e:58:
d3:8b:4c:07:5e:55:f2:d0:f0:07:fc:4e:16:5a:11:5e:1b:f8:
3c:33:bf:e2:a0:f3:e4:48:0f:97:2f:88:57:36:d8:d3:e6:3d:
95:3a:43:1f:70:3c:2b:ac:7e:6b:96:e7:28:46:8d:7e:f5:4b:
f4:9b:1e:84:f8:7f:d4:2a:e7:4b:62:ab:5c:68:ac:5b:0c:08:
13:ae:b9:4b:15:c0:cb:c5:38:51:54:06:ce:13:71:15:b0:60:
c0:be:b8:4e:32:d3:eb:8b:24:64:ee:a6:3f:9d:96:5c:ab:0b:
20:c7:37:a4:87:a6:19:a6:ff:01:2f:81:7c:56:ee:30:72:94:
9f:e3:f1:bc:d0:f1:97:b7:7a:44:7a:6c:fb:1f:f4:5f:62:ab:
de:cc:70:5b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUNoWPcoKn0gTnkpQiQG5WBLvqyXowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTEwNTZaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDk4YmVjYTU3YTgyY2U1MWZiYWY3NGZiYTBkMmRhMjIwMzA2MzMyMDZlZWRh
OWI1YWNkMThhMzRmYTVjZDQxYzkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK5EBG0bzeYQzS+ppED/mluaHLpdT/T90mJ1CD/HYwDAoodnfXLONGO30osZ
V4uWt1yy+2CRM9hxPI26J7dCgoQgWcAal+codnvxWA90Arb9y51d8HN7BfrsNKl1
qa4wiD71jvgruEg8DLdNCzkPMEe223lV6x9jdvtOC+aSy8HFJDV9HKquoNYioEVk
udRdCeUjJjp8Urg2z471ine4O5dWyvQPKehTGJWWvgYR1MeP1SaZVpy9CVbk0hpL
mEfdD3F8TBUCqycPE2Jq2YNswd/CGngQpEWmnnoZK4ViKH3VSWOlXhxgE+FSIUub
4zeVlAUwKEzeqC8He7I5qfmITQ0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQnaTNn
bPy8ZNlKYyp4GJ6nyw4sOzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTIwOTliZjUtZjljMS00NjNlLTlmYzktZWFmNzkxZTMzOWU0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BEA
MA0GCSqGSIb3DQEBCwUAA4IBAQB1rUGWKgb+l/Sif8gmSQKKBeTUT4j6fYadxo+X
EAOuKIVa8UyhLKppNDF5GNOVFnvmKptNOJue86hGaVbejhWXyL92iMRdT+++GvEz
Tookys+e0Ns/hBLetjVGIGPduvjNbBFqMn4dvE/jDljTi0wHXlXy0PAH/E4WWhFe
G/g8M7/ioPPkSA+XL4hXNtjT5j2VOkMfcDwrrH5rlucoRo1+9Uv0mx6E+H/UKudL
YqtcaKxbDAgTrrlLFcDLxThRVAbOE3EVsGDAvrhOMtPriyRk7qY/nZZcqwsgxzek
h6YZpv8BL4F8Vu4wcpSf4/G80PGXt3pEemz7H/RfYqvezHBb
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:00:49 2026 by rpki-client