Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1c81ae85-a97a-41c4-97f7-3327ccf0dc21.roa
File: 1c81ae85-a97a-41c4-97f7-3327ccf0dc21.roa (raw, json)
Hash identifier: JvEOoszD317jYz5sqrrVYCLxlK78QUm0Qw6mX8+fmlc=
Subject key identifier: FB:A3:4C:3D:04:38:03:DE:BD:97:D1:90:5F:C4:69:8B:5A:7C:33:A7
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6189B5EC30FCF711736AA3E0793C830D5A7EB01F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1c81ae85-a97a-41c4-97f7-3327ccf0dc21.roa
Signing time: Tue 19 May 2026 05:20:36 +0000
ROA not before: Tue 19 May 2026 05:20:36 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:a040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 08:43:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
61:89:b5:ec:30:fc:f7:11:73:6a:a3:e0:79:3c:83:0d:5a:7e:b0:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:20:36 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=d7363bb9ea392b6742a155e2bc2cf5e5a0ad555dbb8900629a13c583e5196671, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:fc:fb:66:47:d9:3c:70:7b:97:d3:c3:88:f0:
7d:e3:2f:88:ba:80:e9:ae:ef:9c:80:06:4e:5e:f5:
4f:a7:27:83:03:b8:c3:49:ca:5e:3e:f1:be:1d:b4:
8d:14:63:ec:70:cc:b8:1a:ad:04:9c:80:48:6c:f4:
72:86:62:a0:3e:aa:77:18:6a:db:18:e0:d1:ef:3d:
9f:df:89:a6:75:cc:6d:67:e2:24:5b:b3:03:7f:d7:
89:f5:24:20:ca:f1:c5:f2:b0:a6:1d:9c:18:32:af:
97:d6:f3:fc:b9:e3:87:b4:87:b6:a0:4a:73:f6:56:
e2:d3:9d:91:13:a2:d3:24:21:19:d6:d5:f9:72:85:
a9:bc:41:d3:08:0d:46:33:32:6b:f3:6c:f4:aa:5a:
b3:1b:ea:7c:88:40:08:7f:3d:16:af:6b:dd:ac:b9:
c3:bd:e0:4a:c8:66:9b:53:03:78:74:73:d5:11:f0:
3a:49:ea:e6:2e:02:cb:80:46:42:6e:bf:05:a7:b4:
f0:b8:43:59:91:e2:41:dc:5a:fe:15:fb:eb:c3:12:
d1:97:55:66:04:a2:50:ce:ae:ca:c9:e2:48:c1:13:
d7:f4:77:11:d8:7d:68:b1:43:5e:4b:53:c9:08:5b:
19:08:ee:96:73:b5:09:0a:3f:8c:23:97:c9:2a:5a:
4a:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:A3:4C:3D:04:38:03:DE:BD:97:D1:90:5F:C4:69:8B:5A:7C:33:A7
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1c81ae85-a97a-41c4-97f7-3327ccf0dc21.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:a040::/48
Signature Algorithm: sha256WithRSAEncryption
95:45:01:59:fe:b0:1a:ec:a6:32:4e:81:ab:aa:6a:c0:8a:0d:
96:d5:26:e6:d7:53:7c:57:97:bd:61:69:21:96:94:95:52:b1:
02:35:ef:8b:b5:af:4f:1f:07:c0:0b:92:bb:80:26:64:26:c2:
81:f2:78:8d:86:da:0a:b2:e0:d5:13:32:82:5d:8b:8c:e3:62:
24:34:d9:4e:54:ad:33:b7:d2:6e:b3:65:7b:07:14:fb:33:36:
4b:48:a1:ab:73:43:20:c5:61:96:58:f7:d8:c4:1c:13:59:f6:
60:01:b2:4c:22:6b:10:8a:2b:da:47:75:c5:d7:78:48:13:f6:
b7:d5:d9:2e:81:fa:64:fb:2f:47:04:e0:6d:6f:c1:6d:1e:d8:
e1:d7:af:5e:9a:d9:3b:28:e4:b4:ee:ce:f9:4b:ae:3c:58:44:
71:1f:d3:de:45:85:ab:29:76:a8:07:22:a1:49:95:6d:e0:ac:
0b:ba:5a:35:ab:0e:c9:98:63:e6:ff:89:c5:68:95:da:60:78:
1f:f1:8c:a6:83:14:34:2f:6d:28:b3:24:8b:a0:fc:94:b6:b2:
4f:4f:bb:cc:66:c5:84:3c:ab:b6:b9:c9:7f:cf:6e:bb:25:41:
5c:52:ab:5b:ea:0b:14:8d:ab:85:a8:9c:19:a2:13:09:0b:45:
7d:3f:9d:d7
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUYYm17DD89xFzaqPgeTyDDVp+sB8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTIwMzZaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ3MzYzYmI5ZWEzOTJiNjc0MmExNTVlMmJjMmNmNWU1YTBhZDU1NWRiYjg5
MDA2MjlhMTNjNTgzZTUxOTY2NzExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ78+2ZH2Txwe5fTw4jwfeMviLqA6a7vnIAGTl71T6cngwO4w0nKXj7xvh20
jRRj7HDMuBqtBJyASGz0coZioD6qdxhq2xjg0e89n9+JpnXMbWfiJFuzA3/XifUk
IMrxxfKwph2cGDKvl9bz/Lnjh7SHtqBKc/ZW4tOdkROi0yQhGdbV+XKFqbxB0wgN
RjMya/Ns9KpasxvqfIhACH89Fq9r3ay5w73gSshmm1MDeHRz1RHwOknq5i4Cy4BG
Qm6/Bae08LhDWZHiQdxa/hX768MS0ZdVZgSiUM6uysniSMET1/R3Edh9aLFDXktT
yQhbGQjulnO1CQo/jCOXySpaSh8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBT7o0w9
BDgD3r2X0ZBfxGmLWnwzpzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWM4MWFlODUtYTk3YS00MWM0LTk3ZjctMzMyN2NjZjBkYzIxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACg
QDANBgkqhkiG9w0BAQsFAAOCAQEAlUUBWf6wGuymMk6Bq6pqwIoNltUm5tdTfFeX
vWFpIZaUlVKxAjXvi7WvTx8HwAuSu4AmZCbCgfJ4jYbaCrLg1RMygl2LjONiJDTZ
TlStM7fSbrNlewcU+zM2S0ihq3NDIMVhllj32MQcE1n2YAGyTCJrEIor2kd1xdd4
SBP2t9XZLoH6ZPsvRwTgbW/BbR7Y4devXprZOyjktO7O+UuuPFhEcR/T3kWFqyl2
qAcioUmVbeCsC7paNasOyZhj5v+JxWiV2mB4H/GMpoMUNC9tKLMki6D8lLayT0+7
zGbFhDyrtrnJf89uuyVBXFKrW+oLFI2rhaicGaITCQtFfT+d1w==
-----END CERTIFICATE-----
Generated at Sat Jun 13 11:35:35 2026 by rpki-client