Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/35225774-1db6-4ac6-ac9f-09ff842be734.roa
File: 35225774-1db6-4ac6-ac9f-09ff842be734.roa (raw, json)
Hash identifier: wgoM/1NkvbeJTmJp3zYEjJkYFSfy3NjoJjCVfoIZaN0=
Subject key identifier: 57:ED:63:9C:C3:A9:CC:E6:20:2A:28:89:91:E0:62:2F:0D:1D:C7:E7
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 703CCAD67F20335B491CC3D2A2323298087FB9A7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/35225774-1db6-4ac6-ac9f-09ff842be734.roa
Signing time: Fri 22 May 2026 16:04:59 +0000
ROA not before: Fri 22 May 2026 16:04:59 +0000
ROA not after: Thu 20 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d068:e0c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:3c:ca:d6:7f:20:33:5b:49:1c:c3:d2:a2:32:32:98:08:7f:b9:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 22 16:04:59 2026 GMT
Not After : Aug 20 23:59:59 2026 GMT
Subject: serialNumber=b43664e52f8e5647f16edd54482e680cd6d80f682687a4e8e1fc9d8cd10c95ec, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:13:ca:84:4a:e3:ff:c2:4e:99:4a:59:2d:16:
9b:e3:21:84:43:66:25:86:d0:b6:75:54:07:1d:58:
05:86:60:33:e3:39:c2:9b:e6:de:c3:f1:aa:1d:36:
fd:39:36:6d:89:2b:82:fe:43:23:f3:a1:4c:e2:f9:
3d:9a:7f:02:48:6c:fc:4c:5e:62:de:d2:b4:f8:b6:
36:84:1e:7a:af:78:14:25:90:b8:05:bf:c7:7f:93:
53:a1:60:f1:0c:21:48:5c:d2:2f:99:11:ab:89:e3:
c1:4b:1a:be:82:19:dc:99:88:cd:9d:10:2d:6f:e6:
16:f6:fc:92:9b:ce:7d:45:68:5c:59:4c:5a:01:e8:
9f:ec:2c:b2:4b:30:0a:4f:af:11:86:28:1b:64:8b:
1f:dc:a8:96:a3:bb:63:ec:e7:58:57:ca:d2:dc:c1:
a7:6b:1e:b7:12:23:a7:57:4f:8d:d1:9d:a1:ac:22:
94:35:f3:97:81:82:8b:46:ab:71:a8:4c:15:e9:4e:
89:4d:56:d1:64:38:39:ce:61:4f:d1:a4:3b:5e:7f:
71:8a:cd:74:1e:9d:41:99:59:3a:8a:f7:9e:ca:5a:
c8:77:50:11:07:7d:d2:3e:f2:7a:4a:fe:e7:e9:25:
05:c8:15:4a:2d:b5:6a:0c:37:b9:9c:08:cd:b9:84:
c1:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:ED:63:9C:C3:A9:CC:E6:20:2A:28:89:91:E0:62:2F:0D:1D:C7:E7
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/35225774-1db6-4ac6-ac9f-09ff842be734.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d068:e0c0::/48
Signature Algorithm: sha256WithRSAEncryption
22:63:fe:25:48:1e:6d:f1:6b:e9:63:2c:41:d5:fb:26:7b:0b:
d7:d8:a6:88:6a:da:8d:d5:15:63:2d:4e:21:43:a8:9a:80:e7:
25:b8:77:87:a9:c3:82:02:73:c5:70:cb:92:59:f2:c2:45:cb:
fc:87:dc:c5:20:38:e5:b4:09:b6:6d:27:a3:8c:83:37:1d:aa:
5f:83:b4:43:31:21:7e:8b:65:5b:37:f4:f8:60:76:e9:58:80:
f9:d6:e9:2e:17:3a:90:bb:47:15:34:ca:72:ea:cb:95:69:6c:
90:32:f2:a4:1d:6d:85:27:84:38:f7:de:7f:64:7a:fd:29:68:
b8:34:4c:00:8e:05:84:8d:bb:7f:75:5b:9d:84:c9:ab:41:d9:
1a:6d:bd:21:5c:ce:ac:95:d6:af:de:fe:b8:b1:f1:8a:07:67:
89:e4:29:84:ef:aa:2f:a4:9d:62:a6:8e:dd:2e:c3:e7:b1:a5:
64:b2:9c:b4:da:51:de:06:38:7f:17:22:a1:57:d6:22:af:0a:
11:2a:36:22:dd:56:bb:fe:02:ab:66:22:f8:b6:29:1e:3f:bf:
19:32:5a:85:dc:e6:cd:90:40:44:a7:89:2b:55:e7:5e:21:2b:
41:c3:02:de:fe:a3:9b:de:d5:ce:d3:85:04:8b:a7:f3:e9:14:
18:11:d0:a9
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUcDzK1n8gM1tJHMPSojIymAh/uacwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MjIxNjA0NTlaFw0yNjA4MjAyMzU5NTlaMHoxSTBHBgNV
BAUTQGI0MzY2NGU1MmY4ZTU2NDdmMTZlZGQ1NDQ4MmU2ODBjZDZkODBmNjgyNjg3
YTRlOGUxZmM5ZDhjZDEwYzk1ZWMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKgTyoRK4//CTplKWS0Wm+MhhENmJYbQtnVUBx1YBYZgM+M5wpvm3sPxqh02
/Tk2bYkrgv5DI/OhTOL5PZp/Akhs/ExeYt7StPi2NoQeeq94FCWQuAW/x3+TU6Fg
8QwhSFzSL5kRq4njwUsavoIZ3JmIzZ0QLW/mFvb8kpvOfUVoXFlMWgHon+wssksw
Ck+vEYYoG2SLH9yolqO7Y+znWFfK0tzBp2setxIjp1dPjdGdoawilDXzl4GCi0ar
cahMFelOiU1W0WQ4Oc5hT9GkO15/cYrNdB6dQZlZOor3nspayHdQEQd90j7yekr+
5+klBcgVSi21agw3uZwIzbmEwbMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRX7WOc
w6nM5iAqKImR4GIvDR3H5zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzUyMjU3NzQtMWRiNi00YWM2LWFjOWYtMDlmZjg0MmJlNzM0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0Gjg
wDANBgkqhkiG9w0BAQsFAAOCAQEAImP+JUgebfFr6WMsQdX7JnsL19imiGrajdUV
Yy1OIUOomoDnJbh3h6nDggJzxXDLklnywkXL/IfcxSA45bQJtm0no4yDNx2qX4O0
QzEhfotlWzf0+GB26ViA+dbpLhc6kLtHFTTKcurLlWlskDLypB1thSeEOPfef2R6
/SlouDRMAI4FhI27f3VbnYTJq0HZGm29IVzOrJXWr97+uLHxigdnieQphO+qL6Sd
YqaO3S7D57GlZLKctNpR3gY4fxcioVfWIq8KESo2It1Wu/4Cq2Yi+LYpHj+/GTJa
hdzmzZBARKeJK1XnXiErQcMC3v6jm97VztOFBIun8+kUGBHQqQ==
-----END CERTIFICATE-----
Generated at Sat Jun 13 11:28:18 2026 by rpki-client