Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2dc7b564-c3e1-49ef-a78c-f36f4139b43f.roa
File: 2dc7b564-c3e1-49ef-a78c-f36f4139b43f.roa (raw, json)
Hash identifier: lul995dMZs3DUoK/WUe1Xe8yqZ2xFJKMMfwHB6t6AoE=
Subject key identifier: A7:8E:44:71:04:D1:6B:69:44:33:46:96:E5:EC:8B:26:B3:6F:1E:3F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 32B064F228144AAD19756121FB79827C5B958278
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2dc7b564-c3e1-49ef-a78c-f36f4139b43f.roa
Signing time: Tue 19 May 2026 04:50:23 +0000
ROA not before: Tue 19 May 2026 04:50:23 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d078:a000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:b0:64:f2:28:14:4a:ad:19:75:61:21:fb:79:82:7c:5b:95:82:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 04:50:23 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=e5620046414192d78b8d87bc5e8c4318bbe8d4dd6b9019ea1f1b5e5173f005b0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:c7:53:52:75:20:a9:30:2d:08:c0:9b:76:3d:
a3:f8:50:55:27:f0:34:29:7d:5c:aa:01:99:08:d9:
e1:e4:e5:e9:be:f7:06:dc:e9:e1:7b:3c:cc:b7:77:
4c:8d:c1:9c:87:1b:09:87:7d:d0:e0:e1:bf:c0:9f:
43:42:c1:dd:fe:a6:8c:d8:f9:25:6d:25:5c:fa:85:
0e:2a:9c:e9:05:d0:e9:03:70:e2:a6:9c:6a:ca:6b:
86:ba:20:ca:37:03:6e:20:4b:08:60:75:d8:ee:6d:
98:5d:53:db:dd:e2:d5:91:5d:d5:7e:a3:5b:c1:ca:
9d:91:68:d4:64:2d:6e:7d:46:f4:5e:dc:37:0e:e8:
39:d0:36:f2:10:48:5c:b8:9e:ef:0c:6d:7c:33:92:
9a:0c:e7:b2:b6:6f:b9:14:2b:73:4e:61:bd:ca:46:
f1:80:6b:16:55:8f:a8:24:82:ac:89:a9:4f:7c:15:
12:1a:a2:34:1b:97:98:c3:45:77:8f:29:9a:4a:13:
f4:c0:59:d1:53:bb:8d:e7:4d:a2:62:5e:9e:3d:66:
82:07:49:0a:ba:51:a2:81:df:fe:13:ae:5e:cd:fa:
25:aa:9b:f9:6f:5b:f3:b3:11:05:18:7f:eb:93:ad:
6b:92:9e:55:ab:89:1e:b2:bf:0f:08:4e:58:d2:08:
a9:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:8E:44:71:04:D1:6B:69:44:33:46:96:E5:EC:8B:26:B3:6F:1E:3F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2dc7b564-c3e1-49ef-a78c-f36f4139b43f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d078:a000::/40
Signature Algorithm: sha256WithRSAEncryption
7e:72:f5:b7:29:81:f9:f9:ea:d0:12:34:a5:af:82:d8:5a:94:
2c:93:72:27:d2:3c:ad:3f:99:43:7d:7d:62:62:c1:eb:3d:c0:
53:85:f8:d4:86:f6:d5:e4:be:92:2d:5c:35:22:ec:8f:a8:df:
3e:73:ca:94:8a:72:dd:81:f6:0f:80:a1:3e:d5:80:42:eb:42:
5e:42:d2:8f:64:d2:f9:cf:21:3e:a0:36:e9:0f:ae:9e:7a:a4:
75:80:48:64:74:d9:5a:93:24:f6:99:f0:ba:fe:4a:34:ab:1e:
9f:36:ba:e4:f4:d3:cc:04:04:66:bc:84:71:86:6b:47:4a:6a:
d5:d5:99:cd:65:9c:86:d7:78:51:98:90:8b:1a:d8:56:44:d5:
46:fb:61:42:40:06:92:44:d8:9f:57:30:4e:5a:bb:a2:d0:55:
08:b4:c1:01:33:73:a1:5c:34:80:24:9f:d7:25:79:46:77:b9:
aa:f9:32:c7:21:c0:62:86:20:72:bc:7d:50:71:f5:9d:4a:8d:
24:d5:3b:22:93:84:97:9a:a3:37:8e:51:d6:cd:87:b1:6a:cc:
75:b8:fb:77:7a:82:34:9b:36:be:d2:0a:4c:f3:0a:3e:43:6d:
7a:7c:ce:e5:de:bf:da:91:4a:36:0a:0e:c3:2f:94:7e:b4:3d:
20:bf:c5:f0
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUMrBk8igUSq0ZdWEh+3mCfFuVgngwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNDUwMjNaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGU1NjIwMDQ2NDE0MTkyZDc4YjhkODdiYzVlOGM0MzE4YmJlOGQ0ZGQ2Yjkw
MTllYTFmMWI1ZTUxNzNmMDA1YjAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANLHU1J1IKkwLQjAm3Y9o/hQVSfwNCl9XKoBmQjZ4eTl6b73Btzp4Xs8zLd3
TI3BnIcbCYd90ODhv8CfQ0LB3f6mjNj5JW0lXPqFDiqc6QXQ6QNw4qacasprhrog
yjcDbiBLCGB12O5tmF1T293i1ZFd1X6jW8HKnZFo1GQtbn1G9F7cNw7oOdA28hBI
XLie7wxtfDOSmgznsrZvuRQrc05hvcpG8YBrFlWPqCSCrImpT3wVEhqiNBuXmMNF
d48pmkoT9MBZ0VO7jedNomJenj1mggdJCrpRooHf/hOuXs36Jaqb+W9b87MRBRh/
65Ota5KeVauJHrK/DwhOWNIIqbkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSnjkRx
BNFraUQzRpbl7Isms28ePzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MmRjN2I1NjQtYzNlMS00OWVmLWE3OGMtZjM2ZjQxMzliNDNmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hig
MA0GCSqGSIb3DQEBCwUAA4IBAQB+cvW3KYH5+erQEjSlr4LYWpQsk3In0jytP5lD
fX1iYsHrPcBThfjUhvbV5L6SLVw1IuyPqN8+c8qUinLdgfYPgKE+1YBC60JeQtKP
ZNL5zyE+oDbpD66eeqR1gEhkdNlakyT2mfC6/ko0qx6fNrrk9NPMBARmvIRxhmtH
SmrV1ZnNZZyG13hRmJCLGthWRNVG+2FCQAaSRNifVzBOWrui0FUItMEBM3OhXDSA
JJ/XJXlGd7mq+TLHIcBihiByvH1QcfWdSo0k1Tsik4SXmqM3jlHWzYexasx1uPt3
eoI0mza+0gpM8wo+Q216fM7l3r/akUo2Cg7DL5R+tD0gv8Xw
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:02:00 2026 by rpki-client