Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/334df9a4-0b88-422c-a92f-54650ca8ce00.roa
File: 334df9a4-0b88-422c-a92f-54650ca8ce00.roa (raw, json)
Hash identifier: jqCVFiaMDXmwEg5ma73piqdXHMCzucwnN8O7IU646Ww=
Subject key identifier: 0B:A1:10:CF:86:0E:42:77:5F:E0:6B:A7:76:E7:54:C1:0B:27:43:E1
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 79DC4A52DBB8E9D9AD2B4BF47ED35C5092C5A861
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/334df9a4-0b88-422c-a92f-54650ca8ce00.roa
Signing time: Sun 31 May 2026 01:00:29 +0000
ROA not before: Sun 31 May 2026 01:00:29 +0000
ROA not after: Sat 29 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d05a:90c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:dc:4a:52:db:b8:e9:d9:ad:2b:4b:f4:7e:d3:5c:50:92:c5:a8:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 31 01:00:29 2026 GMT
Not After : Aug 29 23:59:59 2026 GMT
Subject: serialNumber=d8ca42293370275434559fb4efb795fae97e7b209673957b6484b438592ee287, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:19:01:9e:df:29:42:35:7f:be:ba:84:e8:1d:
8b:ff:5f:05:cc:cb:07:a6:bf:58:3d:9f:01:bf:e9:
1f:59:24:e7:01:1f:44:b2:6c:a8:65:f3:c4:d5:7e:
6d:8b:cd:28:df:30:3c:f2:6c:9a:70:cf:bd:4a:60:
8e:c2:aa:6a:47:f6:f7:87:2f:84:ee:1d:62:49:d8:
ef:02:47:2e:8b:f6:41:05:63:f9:91:de:2c:b7:f8:
8a:2f:ed:81:7a:38:a0:33:10:92:4b:b6:90:68:4e:
6a:79:5a:e6:14:24:9c:64:62:01:63:2a:a6:9c:77:
39:44:4b:33:9c:2e:f7:5e:4f:54:e5:bd:b6:06:e8:
53:65:80:48:6b:14:7c:b9:83:36:1b:b4:2e:57:26:
b4:3b:fe:c7:31:26:9c:ae:ca:09:25:8d:b7:66:37:
d8:49:77:d1:1b:6c:fc:b3:0c:3b:cd:c1:5f:95:fa:
9b:60:09:df:22:69:c8:7c:b7:8b:86:61:6b:49:b9:
e0:eb:60:bf:83:69:f5:8f:55:4b:a8:79:fd:fa:e3:
17:41:50:cb:ce:20:98:ae:1d:a8:a6:d2:a4:4b:ad:
0f:9c:95:e9:4e:55:2a:e7:b3:76:07:d3:33:fb:47:
eb:1c:f4:60:4f:2f:08:e1:6b:07:04:f4:e4:cb:f4:
44:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:A1:10:CF:86:0E:42:77:5F:E0:6B:A7:76:E7:54:C1:0B:27:43:E1
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/334df9a4-0b88-422c-a92f-54650ca8ce00.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d05a:90c0::/48
Signature Algorithm: sha256WithRSAEncryption
3a:a2:30:dd:75:47:a8:b6:5c:e8:56:1d:e0:a0:1d:99:71:07:
5d:ff:6d:d8:e1:b5:be:bc:3c:b5:65:79:e9:0e:e2:06:dd:3b:
56:6a:f6:09:22:4e:b1:ac:dd:ed:90:f8:cf:26:d1:4d:22:f3:
47:1c:f6:40:2a:0c:1a:39:d0:04:2d:53:e6:91:43:fd:64:07:
0f:3e:16:25:9a:6f:fc:26:65:0c:af:bc:d2:d3:e4:02:2e:5e:
a7:f5:60:a5:e6:48:2a:e6:33:8a:1c:21:02:0f:a8:43:68:df:
48:79:32:65:c9:6a:71:ca:5b:e9:da:27:4c:8a:53:61:35:67:
d5:71:e7:54:3a:1e:e1:cc:2d:f5:84:77:d8:5f:df:38:a4:3f:
e4:ca:18:29:92:95:0f:7e:9e:6c:9e:87:41:ef:31:a6:2d:01:
d3:bb:6c:82:d1:bc:02:1e:18:c5:40:dd:20:d2:99:b9:18:73:
36:5e:c9:6a:06:17:1e:cf:54:23:e5:a1:64:60:d5:9a:2f:65:
28:0c:e3:c8:58:8c:8d:3f:8c:b3:1c:6b:3a:42:40:7f:34:49:
2a:fb:d5:47:d5:c9:a0:a5:18:cd:98:e9:7c:8a:35:71:01:f6:
bf:ea:df:72:d9:7c:68:ef:59:85:72:65:0c:7d:6f:77:d2:ab:
74:ea:c8:16
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUedxKUtu46dmtK0v0ftNcUJLFqGEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MzEwMTAwMjlaFw0yNjA4MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ4Y2E0MjI5MzM3MDI3NTQzNDU1OWZiNGVmYjc5NWZhZTk3ZTdiMjA5Njcz
OTU3YjY0ODRiNDM4NTkyZWUyODcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANoZAZ7fKUI1f766hOgdi/9fBczLB6a/WD2fAb/pH1kk5wEfRLJsqGXzxNV+
bYvNKN8wPPJsmnDPvUpgjsKqakf294cvhO4dYknY7wJHLov2QQVj+ZHeLLf4ii/t
gXo4oDMQkku2kGhOanla5hQknGRiAWMqppx3OURLM5wu915PVOW9tgboU2WASGsU
fLmDNhu0LlcmtDv+xzEmnK7KCSWNt2Y32El30Rts/LMMO83BX5X6m2AJ3yJpyHy3
i4Zha0m54Otgv4Np9Y9VS6h5/frjF0FQy84gmK4dqKbSpEutD5yV6U5VKuezdgfT
M/tH6xz0YE8vCOFrBwT05Mv0RGsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQLoRDP
hg5Cd1/ga6d251TBCydD4TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzM0ZGY5YTQtMGI4OC00MjJjLWE5MmYtNTQ2NTBjYThjZTAwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0FqQ
wDANBgkqhkiG9w0BAQsFAAOCAQEAOqIw3XVHqLZc6FYd4KAdmXEHXf9t2OG1vrw8
tWV56Q7iBt07Vmr2CSJOsazd7ZD4zybRTSLzRxz2QCoMGjnQBC1T5pFD/WQHDz4W
JZpv/CZlDK+80tPkAi5ep/VgpeZIKuYzihwhAg+oQ2jfSHkyZclqccpb6donTIpT
YTVn1XHnVDoe4cwt9YR32F/fOKQ/5MoYKZKVD36ebJ6HQe8xpi0B07tsgtG8Ah4Y
xUDdINKZuRhzNl7JagYXHs9UI+WhZGDVmi9lKAzjyFiMjT+MsxxrOkJAfzRJKvvV
R9XJoKUYzZjpfIo1cQH2v+rfctl8aO9ZhXJlDH1vd9KrdOrIFg==
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:02:16 2026 by rpki-client