Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3c7c4703-2876-4e04-b857-8c0298bd0897.roa
File: 3c7c4703-2876-4e04-b857-8c0298bd0897.roa (raw, json)
Hash identifier: eTqWGkDyiN6roGTWQ25XfpZezP4HuEUQGUPYLu7QQLo=
Subject key identifier: B3:DD:8E:B6:A4:45:45:45:C3:18:99:86:D0:3E:6F:C4:A1:CC:AB:EB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3DCE94F25AF494DCD2357689C4F9234F38CF55D3
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3c7c4703-2876-4e04-b857-8c0298bd0897.roa
Signing time: Tue 19 May 2026 04:40:07 +0000
ROA not before: Tue 19 May 2026 04:40:07 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:b000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:ce:94:f2:5a:f4:94:dc:d2:35:76:89:c4:f9:23:4f:38:cf:55:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 04:40:07 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=0601d2ab2275ac2ff8c0ff0736814cc8e21ba62c7b8c8e9e39a33d21baa69f62, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:12:9e:40:70:86:16:bd:cb:4e:73:55:89:bd:
af:5c:36:a7:1c:62:f7:65:a8:77:49:e2:d3:19:7f:
c3:ca:d5:84:5b:85:ad:51:f3:39:32:17:74:20:30:
e4:c3:c8:7c:1d:a8:30:09:e2:72:61:bd:18:02:47:
db:d9:1d:6c:2e:a2:0f:2f:da:a4:26:b7:b9:99:cc:
4e:e8:cb:33:62:7c:a8:75:18:91:cb:ff:de:a0:26:
36:c4:37:64:96:87:34:7e:76:7e:47:fe:00:97:c1:
4b:8c:d9:5d:e4:4f:cc:76:0a:3b:15:fb:bd:52:da:
bb:f9:bb:4b:16:45:90:bc:d4:76:b3:c4:c9:4d:d8:
50:80:65:f3:21:5e:eb:aa:65:15:90:3e:90:7d:40:
52:a3:c2:3b:89:c9:47:cb:0e:e4:5b:18:9e:bb:2c:
c0:d2:63:d1:46:6a:1c:a1:ec:1c:0a:d4:d4:88:5d:
3c:e5:72:f9:52:e8:17:81:92:98:8f:fa:30:93:64:
b6:34:9f:a5:e1:89:91:97:d7:2d:8f:bd:3e:00:0a:
53:f4:05:47:5b:43:92:88:f3:5c:ed:a7:44:5a:66:
c5:3f:31:02:cf:39:e7:53:6d:8f:7e:2f:3d:7d:eb:
df:56:03:3c:ec:2c:59:de:34:bd:70:14:ab:c2:b2:
70:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:DD:8E:B6:A4:45:45:45:C3:18:99:86:D0:3E:6F:C4:A1:CC:AB:EB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3c7c4703-2876-4e04-b857-8c0298bd0897.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:b000::/40
Signature Algorithm: sha256WithRSAEncryption
ab:c0:62:84:4e:b0:c4:f8:c9:c6:b8:a6:04:28:4d:3f:2e:c1:
80:5b:54:7e:68:ab:7f:d4:6d:bf:7d:19:d7:83:02:34:57:15:
31:83:55:eb:88:55:dc:45:db:3b:bf:76:6d:43:c4:46:34:e7:
4b:49:b6:a0:01:db:31:37:40:3e:31:38:e7:9d:51:f1:4e:97:
09:2e:c8:0f:f2:18:8c:3f:d1:46:4a:79:58:c7:a8:20:76:a6:
a0:e4:db:ed:20:61:96:66:66:6b:c3:30:c9:53:18:67:5d:d3:
af:98:e6:c6:05:64:1b:59:1b:5c:44:1d:d2:53:01:c8:76:91:
b7:72:39:0a:b6:43:66:2e:c3:d0:06:43:a2:14:fe:9c:53:c4:
bc:42:de:bb:a0:bb:49:34:e4:c5:c4:18:16:fb:42:25:36:76:
9f:fa:70:e6:d8:f5:00:8f:52:a4:a2:a3:40:10:07:20:af:85:
0d:36:99:a9:4e:6b:69:7d:41:87:2a:6b:98:47:a6:1e:a2:72:
9d:cb:48:ab:f9:91:dd:df:13:27:e7:30:ea:e4:0b:dc:66:e1:
7c:10:09:8d:20:af:e5:10:ca:f1:13:7e:5d:d8:3e:84:b0:56:
eb:29:d6:6e:00:1a:90:c4:85:12:d4:f6:3a:15:5b:d4:74:ae:
65:0c:5d:ac
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUPc6U8lr0lNzSNXaJxPkjTzjPVdMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNDQwMDdaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDA2MDFkMmFiMjI3NWFjMmZmOGMwZmYwNzM2ODE0Y2M4ZTIxYmE2MmM3Yjhj
OGU5ZTM5YTMzZDIxYmFhNjlmNjIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMESnkBwhha9y05zVYm9r1w2pxxi92Wod0ni0xl/w8rVhFuFrVHzOTIXdCAw
5MPIfB2oMAnicmG9GAJH29kdbC6iDy/apCa3uZnMTujLM2J8qHUYkcv/3qAmNsQ3
ZJaHNH52fkf+AJfBS4zZXeRPzHYKOxX7vVLau/m7SxZFkLzUdrPEyU3YUIBl8yFe
66plFZA+kH1AUqPCO4nJR8sO5FsYnrsswNJj0UZqHKHsHArU1IhdPOVy+VLoF4GS
mI/6MJNktjSfpeGJkZfXLY+9PgAKU/QFR1tDkojzXO2nRFpmxT8xAs8551Ntj34v
PX3r31YDPOwsWd40vXAUq8KycL0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSz3Y62
pEVFRcMYmYbQPm/Eocyr6zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2M3YzQ3MDMtMjg3Ni00ZTA0LWI4NTctOGMwMjk4YmQwODk3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H+w
MA0GCSqGSIb3DQEBCwUAA4IBAQCrwGKETrDE+MnGuKYEKE0/LsGAW1R+aKt/1G2/
fRnXgwI0VxUxg1XriFXcRds7v3ZtQ8RGNOdLSbagAdsxN0A+MTjnnVHxTpcJLsgP
8hiMP9FGSnlYx6ggdqag5NvtIGGWZmZrwzDJUxhnXdOvmObGBWQbWRtcRB3SUwHI
dpG3cjkKtkNmLsPQBkOiFP6cU8S8Qt67oLtJNOTFxBgW+0IlNnaf+nDm2PUAj1Kk
oqNAEAcgr4UNNpmpTmtpfUGHKmuYR6YeonKdy0ir+ZHd3xMn5zDq5AvcZuF8EAmN
IK/lEMrxE35d2D6EsFbrKdZuABqQxIUS1PY6FVvUdK5lDF2s
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:24:22 2026 by rpki-client