Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/36fde4c7-305c-4e9d-8d1f-ba85c3650278.roa
File: 36fde4c7-305c-4e9d-8d1f-ba85c3650278.roa (raw, json)
Hash identifier: oZl+VorI8jIi3kCzocDN7PqaNIKbLDZsvbP5VNKoae0=
Subject key identifier: FC:DD:BA:BD:46:D8:4E:F5:0E:14:FA:28:F1:1A:71:FB:CA:84:D4:7E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 02D36ED31E00194D4C850FBD8DDC4B46C491463A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/36fde4c7-305c-4e9d-8d1f-ba85c3650278.roa
Signing time: Tue 19 May 2026 05:30:12 +0000
ROA not before: Tue 19 May 2026 05:30:12 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:a020::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:d3:6e:d3:1e:00:19:4d:4c:85:0f:bd:8d:dc:4b:46:c4:91:46:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:30:12 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=7eb4ac11c092982a0960a97adc9133e08b797c5333d29ec1ddb726cedadaf46f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:32:5f:17:05:91:6b:03:70:32:52:e9:63:e2:
77:9c:55:e5:8a:67:10:2f:98:33:46:87:7d:75:25:
83:a3:37:98:a7:ea:e4:e6:0d:e1:80:63:e1:c8:fc:
65:98:12:b8:43:5d:65:df:21:09:6c:31:91:46:2b:
5d:de:73:a1:5a:f4:1d:28:71:98:3a:8c:10:1e:e4:
98:49:c6:fc:2b:31:64:c6:82:ce:0b:5c:62:57:1b:
81:08:1e:08:ff:af:8a:9d:c3:0c:a3:ff:e9:17:45:
29:25:dc:40:5d:8d:6d:07:0f:41:a6:1b:32:dc:4e:
e7:f9:e1:b9:c8:1b:c9:37:76:54:eb:f1:b9:28:90:
49:06:c9:58:5b:5f:0f:13:3a:0d:83:7c:d0:81:f4:
4c:33:8f:e1:9c:2b:1e:cc:24:41:cb:8b:c4:39:fc:
63:26:7e:64:df:17:35:90:73:22:ca:7c:03:f3:ec:
6f:21:a0:42:09:89:63:b0:22:36:8f:b2:bb:69:01:
dd:82:3e:af:31:80:df:bb:47:34:24:49:3d:61:1b:
2d:6d:d1:d2:a4:c4:0c:a1:a8:fc:72:9b:45:24:b6:
0a:fd:0d:9b:07:cc:8b:ab:a5:fe:46:da:eb:99:82:
6a:ea:f3:d8:d3:81:38:90:0a:71:f7:c3:fa:31:2d:
c4:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:DD:BA:BD:46:D8:4E:F5:0E:14:FA:28:F1:1A:71:FB:CA:84:D4:7E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/36fde4c7-305c-4e9d-8d1f-ba85c3650278.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:a020::/48
Signature Algorithm: sha256WithRSAEncryption
a6:6c:9c:07:bd:27:f9:bf:d5:b6:e6:bc:e5:1e:d4:0c:13:82:
ba:a0:a3:47:3f:63:89:ab:b4:98:27:c0:b5:e5:90:ca:0f:c9:
e6:61:29:bc:6e:e9:d8:2c:8f:6f:fe:54:09:46:59:c4:51:f9:
30:9b:9a:a2:18:2d:ce:12:75:1d:d2:61:29:a3:42:0f:02:7a:
67:a8:93:70:1e:cb:af:36:af:76:5a:cd:78:ed:fe:16:00:fa:
2d:e2:2a:8f:60:f8:65:d0:a4:49:8d:a4:c7:12:6a:85:ae:8d:
37:76:f7:1a:f3:aa:3f:9f:b0:31:23:1d:50:de:4c:a3:f0:c0:
b6:11:51:86:b7:52:d6:39:87:cd:43:9a:ad:4b:08:f5:ed:ed:
fe:85:f3:85:cd:ff:a8:40:48:27:1c:bb:05:67:09:33:fb:04:
90:ef:88:ec:7a:2b:b9:76:e2:6c:67:6c:e0:30:8a:e4:1f:f4:
fe:30:cd:28:66:8f:db:2e:70:da:a7:ac:20:e7:c8:db:ad:92:
24:63:77:01:17:4b:f2:b5:d8:96:ac:e2:4c:cb:54:49:7c:34:
64:90:81:5f:0e:7f:b6:b5:04:f0:7e:8e:8d:8c:93:14:a8:7d:
bb:93:77:cf:63:a8:75:99:4e:ac:fa:d3:a4:32:b2:47:85:99:
c2:aa:0f:dd
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUAtNu0x4AGU1MhQ+9jdxLRsSRRjowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTMwMTJaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDdlYjRhYzExYzA5Mjk4MmEwOTYwYTk3YWRjOTEzM2UwOGI3OTdjNTMzM2Qy
OWVjMWRkYjcyNmNlZGFkYWY0NmYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK4yXxcFkWsDcDJS6WPid5xV5YpnEC+YM0aHfXUlg6M3mKfq5OYN4YBj4cj8
ZZgSuENdZd8hCWwxkUYrXd5zoVr0HShxmDqMEB7kmEnG/CsxZMaCzgtcYlcbgQge
CP+vip3DDKP/6RdFKSXcQF2NbQcPQaYbMtxO5/nhucgbyTd2VOvxuSiQSQbJWFtf
DxM6DYN80IH0TDOP4ZwrHswkQcuLxDn8YyZ+ZN8XNZBzIsp8A/PsbyGgQgmJY7Ai
No+yu2kB3YI+rzGA37tHNCRJPWEbLW3R0qTEDKGo/HKbRSS2Cv0NmwfMi6ul/kba
65mCaurz2NOBOJAKcffD+jEtxNUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBT83bq9
RthO9Q4U+ijxGnH7yoTUfjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzZmZGU0YzctMzA1Yy00ZTlkLThkMWYtYmE4NWMzNjUwMjc4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACg
IDANBgkqhkiG9w0BAQsFAAOCAQEApmycB70n+b/Vtua85R7UDBOCuqCjRz9jiau0
mCfAteWQyg/J5mEpvG7p2CyPb/5UCUZZxFH5MJuaohgtzhJ1HdJhKaNCDwJ6Z6iT
cB7LrzavdlrNeO3+FgD6LeIqj2D4ZdCkSY2kxxJqha6NN3b3GvOqP5+wMSMdUN5M
o/DAthFRhrdS1jmHzUOarUsI9e3t/oXzhc3/qEBIJxy7BWcJM/sEkO+I7HoruXbi
bGds4DCK5B/0/jDNKGaP2y5w2qesIOfI262SJGN3ARdL8rXYlqziTMtUSXw0ZJCB
Xw5/trUE8H6OjYyTFKh9u5N3z2OodZlOrPrTpDKyR4WZwqoP3Q==
-----END CERTIFICATE-----
Generated at Sat Jun 13 07:59:21 2026 by rpki-client