Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2dfb202f-6202-48da-a3b3-94f1ac000bc9.roa
File: 2dfb202f-6202-48da-a3b3-94f1ac000bc9.roa (raw, json)
Hash identifier: 8n8PVxXqhJtQsu0lQFet0olFAP55arhzi4OvRiogzRs=
Subject key identifier: F3:29:5C:1D:93:AC:27:CB:7F:88:FA:FB:B1:67:3A:D9:66:F6:F0:8A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 55CCE7AA15C9C506F337BF1C18EB15A9FBA3AEAF
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2dfb202f-6202-48da-a3b3-94f1ac000bc9.roa
Signing time: Tue 19 May 2026 05:40:40 +0000
ROA not before: Tue 19 May 2026 05:40:40 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d050:9000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:cc:e7:aa:15:c9:c5:06:f3:37:bf:1c:18:eb:15:a9:fb:a3:ae:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:40:40 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=dad30c6661f69efb434c6c8eefe18a05c4f5b492777ef0e80befe22f61716e5f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:6a:fc:7f:f8:ef:de:62:4b:99:40:84:5b:d7:
d3:6c:d0:78:db:d9:1b:a6:a1:6f:08:d7:a8:84:f6:
f7:b0:8b:da:f7:68:83:cb:85:d9:7d:91:a5:16:0a:
dc:eb:9a:ee:91:42:3d:ce:89:1b:0d:9e:3f:c7:35:
21:bd:e6:51:2b:15:46:a8:69:1c:5e:ca:1d:27:0c:
c9:71:dd:f5:cb:b4:64:ae:84:d2:d3:9e:34:9d:ac:
13:cd:86:99:da:e8:f7:86:e4:a8:00:dc:2b:fd:bc:
bb:52:49:42:0a:43:c2:53:8e:f3:a6:90:94:d8:4a:
90:ba:a5:22:0b:51:6c:7a:f8:a0:99:a5:78:fb:f5:
75:41:96:51:94:cb:24:64:49:ac:3e:e4:cc:7a:5c:
9f:76:a0:9f:1e:64:d6:cd:27:84:85:64:01:a7:f9:
11:aa:e3:79:e4:c7:ea:95:ea:db:cf:3a:54:8c:d4:
a2:cf:f3:e2:db:31:d6:6d:0e:26:ec:93:a6:26:17:
39:fc:4a:d1:aa:52:f3:59:97:f2:64:e2:93:76:3f:
25:42:d5:78:aa:03:cb:e4:0e:2b:5f:f4:86:05:bf:
0c:eb:22:62:6d:d9:db:2d:d0:99:22:9e:f4:81:85:
f1:4f:40:66:c4:6a:5f:01:19:83:34:ed:b6:a1:14:
5f:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:29:5C:1D:93:AC:27:CB:7F:88:FA:FB:B1:67:3A:D9:66:F6:F0:8A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2dfb202f-6202-48da-a3b3-94f1ac000bc9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d050:9000::/40
Signature Algorithm: sha256WithRSAEncryption
18:f2:d9:e2:40:ff:f3:1a:b4:40:87:f7:1c:af:24:4c:bb:ad:
a8:04:0e:6d:2d:86:c2:70:da:f6:3a:fb:38:9d:3e:bf:86:69:
97:52:77:7a:f1:22:de:63:63:b8:75:0b:e0:a6:59:37:49:7c:
3f:98:c5:bf:7d:49:4e:b6:29:a1:9e:dc:04:fa:09:41:0c:12:
82:90:62:a0:36:28:e7:ff:b3:a4:cb:41:b7:e8:4a:f4:e5:f1:
03:74:9e:63:61:15:3b:e5:ca:ee:24:cf:a0:30:c8:1b:a6:f9:
aa:e3:21:ad:27:9c:5b:25:8c:3f:c0:29:4f:35:4d:50:fb:4d:
a9:29:d6:eb:82:4e:05:4b:4d:9f:06:52:e7:81:7c:1c:e7:84:
3f:0e:c5:0a:99:26:f0:b1:01:6e:92:c2:10:9d:d0:6f:7a:15:
81:58:2d:9c:97:ab:96:d9:6a:5a:a8:33:0f:5b:de:46:2c:0c:
32:f0:08:46:d8:5b:01:75:85:03:6d:4c:78:6f:c4:ef:7e:f8:
22:ba:19:86:19:ec:a9:1c:40:b8:83:0f:bf:81:04:3b:79:bf:
0a:a7:42:83:e6:35:34:12:29:a0:cf:e9:d3:04:94:a7:e6:e3:
51:1b:d7:a5:d3:99:4c:eb:36:c9:87:f4:f0:a0:1d:bd:2b:9d:
31:8a:85:de
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUVcznqhXJxQbzN78cGOsVqfujrq8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTQwNDBaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGRhZDMwYzY2NjFmNjllZmI0MzRjNmM4ZWVmZTE4YTA1YzRmNWI0OTI3Nzdl
ZjBlODBiZWZlMjJmNjE3MTZlNWYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOpq/H/4795iS5lAhFvX02zQeNvZG6ahbwjXqIT297CL2vdog8uF2X2RpRYK
3Oua7pFCPc6JGw2eP8c1Ib3mUSsVRqhpHF7KHScMyXHd9cu0ZK6E0tOeNJ2sE82G
mdro94bkqADcK/28u1JJQgpDwlOO86aQlNhKkLqlIgtRbHr4oJmlePv1dUGWUZTL
JGRJrD7kzHpcn3agnx5k1s0nhIVkAaf5EarjeeTH6pXq2886VIzUos/z4tsx1m0O
JuyTpiYXOfxK0apS81mX8mTik3Y/JULVeKoDy+QOK1/0hgW/DOsiYm3Z2y3QmSKe
9IGF8U9AZsRqXwEZgzTttqEUX38CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTzKVwd
k6wny3+I+vuxZzrZZvbwijAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MmRmYjIwMmYtNjIwMi00OGRhLWEzYjMtOTRmMWFjMDAwYmM5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FCQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAY8tniQP/zGrRAh/ccryRMu62oBA5tLYbCcNr2
Ovs4nT6/hmmXUnd68SLeY2O4dQvgplk3SXw/mMW/fUlOtimhntwE+glBDBKCkGKg
Nijn/7Oky0G36Er05fEDdJ5jYRU75cruJM+gMMgbpvmq4yGtJ5xbJYw/wClPNU1Q
+02pKdbrgk4FS02fBlLngXwc54Q/DsUKmSbwsQFuksIQndBvehWBWC2cl6uW2Wpa
qDMPW95GLAwy8AhG2FsBdYUDbUx4b8TvfvgiuhmGGeypHEC4gw+/gQQ7eb8Kp0KD
5jU0Eimgz+nTBJSn5uNRG9el05lM6zbJh/TwoB29K50xioXe
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:44:45 2026 by rpki-client