Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2e06948e-f4b6-4f9d-9a99-0c35650b49fe.roa
File: 2e06948e-f4b6-4f9d-9a99-0c35650b49fe.roa (raw, json)
Hash identifier: 0bNwfrEGPpaMgrsAJI+uGQKrCz1s29d/Cf5wtK7EekM=
Subject key identifier: 55:A2:37:83:A3:81:25:D9:5A:26:56:3A:51:8F:60:33:85:DD:0E:E2
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0D2CDB07B4A093022B26D7D6C8CFED26F7EA541F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2e06948e-f4b6-4f9d-9a99-0c35650b49fe.roa
Signing time: Sun 31 May 2026 01:00:35 +0000
ROA not before: Sun 31 May 2026 01:00:35 +0000
ROA not after: Sat 29 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07d:e0c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:2c:db:07:b4:a0:93:02:2b:26:d7:d6:c8:cf:ed:26:f7:ea:54:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 31 01:00:35 2026 GMT
Not After : Aug 29 23:59:59 2026 GMT
Subject: serialNumber=ed480f4827b36258cc882d05896f27682103b89049a49f812537a03d9be8566f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:27:85:5b:21:12:7e:fa:9d:f4:c9:fb:72:50:
ed:96:c5:6f:a8:92:e8:b2:1a:c4:9b:88:0d:9f:75:
e8:e2:50:f6:96:a4:fc:fd:66:55:c9:d3:e7:b7:06:
52:88:c6:a0:de:37:5f:90:03:7c:bf:fb:34:05:a1:
16:44:96:8a:36:57:24:e4:14:a2:02:e0:3e:60:08:
8f:6d:f5:e3:0a:54:f3:e5:24:0e:4d:7f:e3:01:a9:
b9:d9:8a:2e:4b:64:1d:2e:47:7c:6f:83:38:6e:88:
a9:0a:59:e1:17:85:fc:19:dc:da:e8:54:e5:74:3f:
90:92:f0:ca:b4:63:31:73:dc:af:e8:14:8e:50:26:
a6:5b:f6:53:bb:74:0a:60:d9:18:5a:6b:30:09:64:
4a:6a:b3:06:fc:db:18:6e:62:84:36:8e:77:c6:a7:
63:40:a5:0c:2a:a5:93:bb:a1:95:3e:1b:e7:8f:fb:
05:94:16:c7:a1:cd:58:a0:1e:ed:5a:85:53:d2:9a:
83:a5:8c:f8:0e:81:6a:b0:51:a1:72:9e:b5:3a:da:
75:4c:e1:3d:c2:0b:f2:9d:fc:d7:9c:71:ec:9d:1b:
fe:18:e5:2f:f7:d4:99:ce:75:00:44:1a:35:3d:53:
82:ee:36:45:0b:63:12:9a:de:9a:14:46:2f:db:73:
fe:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:A2:37:83:A3:81:25:D9:5A:26:56:3A:51:8F:60:33:85:DD:0E:E2
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2e06948e-f4b6-4f9d-9a99-0c35650b49fe.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07d:e0c0::/48
Signature Algorithm: sha256WithRSAEncryption
b5:b8:a8:5e:a2:04:ff:ba:ee:1a:70:3c:fb:51:1e:61:21:90:
9a:c2:dc:cb:c4:fc:68:82:2c:82:4e:fe:9a:c1:ce:8d:c3:45:
7d:69:f6:89:dd:48:cc:a3:0f:56:f6:f2:3d:76:2a:e5:28:ac:
d7:c9:8a:f8:46:4a:2e:85:70:36:ac:31:87:e9:12:85:28:f0:
04:1b:fc:c8:e2:0d:62:24:c5:11:87:44:91:44:99:b5:6d:f7:
97:e2:5b:35:3e:42:e1:4d:48:10:39:8c:3e:d6:82:45:60:9d:
2b:a1:dd:ae:55:87:a3:ad:c4:b4:10:a7:d6:b1:43:a8:95:e6:
1f:95:7e:56:cc:07:18:83:ff:fe:fd:53:c4:12:ca:91:58:79:
33:7e:f6:3e:e0:63:f2:77:b7:bb:9d:4e:f8:52:bd:b8:5f:b5:
3c:5b:8e:64:62:a9:b2:66:d9:fe:c0:0f:fa:fc:7a:d8:31:4f:
eb:aa:27:f4:43:96:1b:3c:f0:d2:ca:a2:70:09:d2:3e:ba:37:
b3:ff:2b:61:b7:ef:8e:45:fe:dd:1f:6a:29:83:d7:d7:2a:00:
7f:c4:5a:0e:ea:3e:0c:ec:1a:95:f9:93:d1:45:fe:78:05:cc:
b6:d4:55:fa:92:31:c8:e4:90:57:59:47:de:3b:26:10:c5:79:
d6:d4:36:4f
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUDSzbB7SgkwIrJtfWyM/tJvfqVB8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MzEwMTAwMzVaFw0yNjA4MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGVkNDgwZjQ4MjdiMzYyNThjYzg4MmQwNTg5NmYyNzY4MjEwM2I4OTA0OWE0
OWY4MTI1MzdhMDNkOWJlODU2NmYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOEnhVshEn76nfTJ+3JQ7ZbFb6iS6LIaxJuIDZ916OJQ9pak/P1mVcnT57cG
UojGoN43X5ADfL/7NAWhFkSWijZXJOQUogLgPmAIj2314wpU8+UkDk1/4wGpudmK
LktkHS5HfG+DOG6IqQpZ4ReF/Bnc2uhU5XQ/kJLwyrRjMXPcr+gUjlAmplv2U7t0
CmDZGFprMAlkSmqzBvzbGG5ihDaOd8anY0ClDCqlk7uhlT4b54/7BZQWx6HNWKAe
7VqFU9Kag6WM+A6BarBRoXKetTradUzhPcIL8p3815xx7J0b/hjlL/fUmc51AEQa
NT1Tgu42RQtjEpremhRGL9tz/tMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRVojeD
o4El2VomVjpRj2Azhd0O4jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MmUwNjk0OGUtZjRiNi00ZjlkLTlhOTktMGMzNTY1MGI0OWZlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H3g
wDANBgkqhkiG9w0BAQsFAAOCAQEAtbioXqIE/7ruGnA8+1EeYSGQmsLcy8T8aIIs
gk7+msHOjcNFfWn2id1IzKMPVvbyPXYq5Sis18mK+EZKLoVwNqwxh+kShSjwBBv8
yOINYiTFEYdEkUSZtW33l+JbNT5C4U1IEDmMPtaCRWCdK6HdrlWHo63EtBCn1rFD
qJXmH5V+VswHGIP//v1TxBLKkVh5M372PuBj8ne3u51O+FK9uF+1PFuOZGKpsmbZ
/sAP+vx62DFP66on9EOWGzzw0sqicAnSPro3s/8rYbfvjkX+3R9qKYPX1yoAf8Ra
Duo+DOwalfmT0UX+eAXMttRV+pIxyOSQV1lH3jsmEMV51tQ2Tw==
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:02:05 2026 by rpki-client