Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1ccfa364-07ab-4a5e-81a9-99f9d6b3a067.roa
File: 1ccfa364-07ab-4a5e-81a9-99f9d6b3a067.roa (raw, json)
Hash identifier: c0c6OlLbdja6amPpNlTbGfU7jWe5aDml7H1qw8hs2+8=
Subject key identifier: A0:CB:B7:35:A0:47:3D:82:2D:5B:4B:45:48:FD:E4:3E:31:49:16:0A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 76EAF905647496319D79092C7BB4ED409CB870C8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1ccfa364-07ab-4a5e-81a9-99f9d6b3a067.roa
Signing time: Tue 19 May 2026 04:30:12 +0000
ROA not before: Tue 19 May 2026 04:30:12 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06f:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 08:43:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:ea:f9:05:64:74:96:31:9d:79:09:2c:7b:b4:ed:40:9c:b8:70:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 04:30:12 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=96edafdcc85ceadad9feeffe8f0c6183c3d8dad9a1d55b4361b8e59bc65b8f8d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:28:05:c6:fd:a5:c1:41:c5:61:e8:87:85:2c:
43:73:af:42:f2:ff:69:d8:24:ac:e3:fb:83:a1:e6:
45:ba:93:32:4c:4d:7f:67:bb:71:f6:26:a2:4f:b7:
9f:4f:f8:e0:58:c7:8a:e5:e7:32:30:39:14:ef:c0:
b5:db:79:14:42:f1:21:71:eb:f6:bc:bc:a5:4a:b7:
dc:ad:a0:da:25:3f:00:70:60:42:ed:61:13:87:ad:
22:09:75:b3:31:e8:38:f8:02:24:a1:56:84:11:a1:
72:70:65:d4:31:64:28:a5:3a:12:4f:24:17:6e:7d:
90:f1:73:7a:ad:c6:8d:70:c7:a1:6d:10:f5:94:d2:
3d:29:b7:95:3b:19:ed:11:c0:96:d6:eb:3b:93:5c:
9c:b8:bb:c9:c8:c1:76:d4:6e:c8:3d:50:0e:54:19:
c1:5a:73:7c:89:a6:da:ae:82:4e:70:4b:a2:3d:76:
b9:08:6c:92:d6:3f:c2:f1:12:2e:37:c0:9d:47:29:
98:ed:08:a4:1f:c6:6a:2d:e9:8b:3e:57:ea:ef:bb:
b7:6d:47:f2:a7:07:d2:5e:e6:15:60:a0:58:85:40:
59:72:3a:84:b7:66:ee:30:8c:ad:fb:3c:7a:68:3a:
5f:c2:e7:d6:72:bb:68:77:22:c3:f8:36:51:06:9d:
50:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:CB:B7:35:A0:47:3D:82:2D:5B:4B:45:48:FD:E4:3E:31:49:16:0A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1ccfa364-07ab-4a5e-81a9-99f9d6b3a067.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06f:e000::/40
Signature Algorithm: sha256WithRSAEncryption
18:c5:44:de:dc:26:f8:31:d8:01:21:cc:4c:27:05:a4:4b:aa:
a5:cf:53:7a:fd:65:d4:f4:b7:64:e4:17:bb:62:14:a6:65:38:
5f:44:02:d3:a5:6a:15:0a:d7:95:b9:ac:a4:aa:de:c5:99:96:
a3:ec:25:a6:47:40:24:89:fe:05:67:81:bb:a5:7a:ff:63:99:
1f:56:45:2b:a2:ac:07:53:25:74:3b:3c:e8:4f:39:c3:c6:01:
cc:27:72:5d:47:b1:1e:76:e7:69:b6:b4:60:ee:eb:55:35:06:
a7:20:ef:b1:82:49:66:3e:8b:88:2d:2c:12:71:bf:5d:f3:37:
66:48:43:db:66:c2:13:da:d7:d8:a6:91:4c:9c:ca:35:4d:c4:
4f:2c:1a:ae:1d:be:a4:e8:29:70:2c:cc:22:5b:84:33:3b:6d:
05:7f:5b:56:98:d8:b3:d4:69:3e:04:68:4c:1d:8a:0f:80:81:
67:c4:10:f6:59:ad:0c:b8:e5:b6:46:4b:b3:d0:0e:87:f3:1a:
b9:23:d7:7b:f0:b9:83:c7:2f:3e:73:3d:1e:47:cd:e4:30:55:
e7:2f:97:85:a4:4b:b3:53:b6:9d:90:81:98:ec:d2:80:14:b3:
ce:eb:a9:04:78:77:f3:bb:4e:ec:8c:17:40:7f:a4:d8:97:4c:
a5:b0:c1:9e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUdur5BWR0ljGdeQkse7TtQJy4cMgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNDMwMTJaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDk2ZWRhZmRjYzg1Y2VhZGFkOWZlZWZmZThmMGM2MTgzYzNkOGRhZDlhMWQ1
NWI0MzYxYjhlNTliYzY1YjhmOGQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAO4oBcb9pcFBxWHoh4UsQ3OvQvL/adgkrOP7g6HmRbqTMkxNf2e7cfYmok+3
n0/44FjHiuXnMjA5FO/Atdt5FELxIXHr9ry8pUq33K2g2iU/AHBgQu1hE4etIgl1
szHoOPgCJKFWhBGhcnBl1DFkKKU6Ek8kF259kPFzeq3GjXDHoW0Q9ZTSPSm3lTsZ
7RHAltbrO5NcnLi7ycjBdtRuyD1QDlQZwVpzfImm2q6CTnBLoj12uQhsktY/wvES
LjfAnUcpmO0IpB/Gai3piz5X6u+7t21H8qcH0l7mFWCgWIVAWXI6hLdm7jCMrfs8
emg6X8Ln1nK7aHciw/g2UQadUNMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSgy7c1
oEc9gi1bS0VI/eQ+MUkWCjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWNjZmEzNjQtMDdhYi00YTVlLTgxYTktOTlmOWQ2YjNhMDY3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G/g
MA0GCSqGSIb3DQEBCwUAA4IBAQAYxUTe3Cb4MdgBIcxMJwWkS6qlz1N6/WXU9Ldk
5Be7YhSmZThfRALTpWoVCteVuaykqt7FmZaj7CWmR0Akif4FZ4G7pXr/Y5kfVkUr
oqwHUyV0OzzoTznDxgHMJ3JdR7EedudptrRg7utVNQanIO+xgklmPouILSwScb9d
8zdmSEPbZsIT2tfYppFMnMo1TcRPLBquHb6k6ClwLMwiW4QzO20Ff1tWmNiz1Gk+
BGhMHYoPgIFnxBD2Wa0MuOW2Rkuz0A6H8xq5I9d78LmDxy8+cz0eR83kMFXnL5eF
pEuzU7adkIGY7NKAFLPO66kEeHfzu07sjBdAf6TYl0ylsMGe
-----END CERTIFICATE-----
Generated at Sat Jun 13 11:35:48 2026 by rpki-client