Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2331f846-3447-4dea-ac7a-63323853ebb9.roa
File: 2331f846-3447-4dea-ac7a-63323853ebb9.roa (raw, json)
Hash identifier: IAeY/4L+3EBNBd9wqWZ2WJAYWBX1sMR9DSvgOExgy8A=
Subject key identifier: 4A:DD:A4:48:20:F4:58:61:CD:99:06:71:29:0E:82:C7:E6:F2:4F:D5
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 69190BFD3DEC66F7ECF09EF40C2F5DFEDA753343
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2331f846-3447-4dea-ac7a-63323853ebb9.roa
Signing time: Tue 19 May 2026 05:00:40 +0000
ROA not before: Tue 19 May 2026 05:00:40 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06f:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:19:0b:fd:3d:ec:66:f7:ec:f0:9e:f4:0c:2f:5d:fe:da:75:33:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:00:40 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=43b75f18c89d306d8a0ce274bd26b28feeeff4de175d3eed93a7d823b361be2c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:b2:62:0e:c1:7b:21:4d:98:e0:4d:09:5d:b4:
ca:42:97:5d:da:0b:b3:5d:a7:7a:2e:e6:ca:30:0f:
9b:47:2d:34:35:47:96:c2:d3:61:bf:f7:15:47:0e:
ec:10:2b:58:00:fc:3b:8f:cc:82:dd:74:32:55:b5:
bd:1f:75:5e:74:de:28:13:5e:39:15:a0:52:87:a1:
2b:ef:71:46:6b:b0:fd:8f:b7:9c:05:61:0a:61:39:
b5:e7:5a:3d:0d:2a:a4:34:8b:e4:e2:14:df:4e:f9:
d1:a4:69:66:d3:9b:93:5a:62:7a:f5:14:af:f2:51:
57:a7:1e:fc:3b:f6:36:a6:e2:1b:2e:c2:e3:aa:d5:
17:11:59:89:f0:a8:ba:21:73:e5:22:6b:f0:cc:ff:
ed:bc:de:95:d5:f4:df:20:6d:45:a6:8d:b9:62:68:
fc:04:7c:0d:a5:c7:83:db:41:b4:39:35:30:2b:0b:
66:ec:3c:ac:e8:c3:ff:bb:24:e0:7e:96:86:e5:e2:
51:b3:9d:d1:c4:22:9a:d6:5a:9a:2c:80:ff:76:fc:
cf:cf:90:67:11:e4:a9:5b:b6:12:58:d7:dd:96:17:
3e:a1:35:59:f7:b5:7e:9b:fc:3b:2f:12:ff:16:d6:
f7:ed:ef:ac:e3:80:d4:3c:25:c4:ba:32:e4:be:59:
6f:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:DD:A4:48:20:F4:58:61:CD:99:06:71:29:0E:82:C7:E6:F2:4F:D5
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2331f846-3447-4dea-ac7a-63323853ebb9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06f:2000::/40
Signature Algorithm: sha256WithRSAEncryption
87:d8:5d:f7:00:41:a2:69:f3:81:ea:d1:79:ee:b4:56:2f:b0:
b1:82:42:62:03:f8:9b:67:1c:f9:23:20:93:4d:3e:3c:23:c3:
23:cb:f5:2c:9f:ad:9c:9c:af:51:9f:d3:9f:b0:2f:26:1c:04:
bb:3d:22:76:6e:e2:31:05:b1:f1:0d:3c:e6:a0:06:ac:5e:61:
1d:c7:a9:15:2d:0d:7c:6e:94:fc:ad:32:30:e4:df:0c:1c:74:
ab:cb:46:50:d5:21:5c:d3:3f:4e:21:30:c9:bb:2e:f7:c4:5c:
c6:2c:64:e5:e1:54:4e:c1:34:43:5d:9b:ec:e5:60:d6:b9:b2:
f4:f6:53:ae:7f:7d:45:f6:19:00:33:f2:a0:46:68:22:23:77:
bb:0d:f9:82:c8:45:8c:85:23:c4:3f:45:89:27:ec:9d:9d:43:
3f:76:29:7f:70:f8:a7:0f:4b:80:21:2a:dd:9b:7f:e4:d4:d4:
98:96:4b:87:e3:53:3a:10:0e:e7:58:74:86:c1:18:16:ce:fa:
47:ea:6c:38:69:87:07:e6:be:b3:f3:cd:5a:06:60:9c:93:9b:
3d:ba:40:92:c5:48:e6:9a:6a:3b:a5:5d:47:23:bb:7c:71:45:
98:32:79:2e:af:01:8c:32:f3:11:e4:d1:64:f3:c4:53:ee:c8:
58:2b:7d:0d
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUaRkL/T3sZvfs8J70DC9d/tp1M0MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTAwNDBaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDQzYjc1ZjE4Yzg5ZDMwNmQ4YTBjZTI3NGJkMjZiMjhmZWVlZmY0ZGUxNzVk
M2VlZDkzYTdkODIzYjM2MWJlMmMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMyyYg7BeyFNmOBNCV20ykKXXdoLs12nei7myjAPm0ctNDVHlsLTYb/3FUcO
7BArWAD8O4/Mgt10MlW1vR91XnTeKBNeORWgUoehK+9xRmuw/Y+3nAVhCmE5teda
PQ0qpDSL5OIU30750aRpZtObk1pievUUr/JRV6ce/Dv2NqbiGy7C46rVFxFZifCo
uiFz5SJr8Mz/7bzeldX03yBtRaaNuWJo/AR8DaXHg9tBtDk1MCsLZuw8rOjD/7sk
4H6WhuXiUbOd0cQimtZamiyA/3b8z8+QZxHkqVu2EljX3ZYXPqE1Wfe1fpv8Oy8S
/xbW9+3vrOOA1DwlxLoy5L5Zb0MCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRK3aRI
IPRYYc2ZBnEpDoLH5vJP1TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjMzMWY4NDYtMzQ0Ny00ZGVhLWFjN2EtNjMzMjM4NTNlYmI5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G8g
MA0GCSqGSIb3DQEBCwUAA4IBAQCH2F33AEGiafOB6tF57rRWL7CxgkJiA/ibZxz5
IyCTTT48I8Mjy/Usn62cnK9Rn9OfsC8mHAS7PSJ2buIxBbHxDTzmoAasXmEdx6kV
LQ18bpT8rTIw5N8MHHSry0ZQ1SFc0z9OITDJuy73xFzGLGTl4VROwTRDXZvs5WDW
ubL09lOuf31F9hkAM/KgRmgiI3e7DfmCyEWMhSPEP0WJJ+ydnUM/dil/cPinD0uA
ISrdm3/k1NSYlkuH41M6EA7nWHSGwRgWzvpH6mw4aYcH5r6z881aBmCck5s9ukCS
xUjmmmo7pV1HI7t8cUWYMnkurwGMMvMR5NFk88RT7shYK30N
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:01:11 2026 by rpki-client