Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/441c3de8-fce0-49bd-8d5c-f962ecd6d36c.roa
File: 441c3de8-fce0-49bd-8d5c-f962ecd6d36c.roa (raw, json)
Hash identifier: W8nKQbzArWN8fLVRiJ2hEVZJN4yK2zi+fHDerP6d22k=
Subject key identifier: BD:B4:C0:D0:EE:48:9C:E3:4D:13:ED:7C:69:6B:E0:17:CB:98:FD:11
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 726593D2F8D2965B1FAE3BF08FFA79DAFD2357FA
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/441c3de8-fce0-49bd-8d5c-f962ecd6d36c.roa
Signing time: Fri 22 May 2026 16:03:27 +0000
ROA not before: Fri 22 May 2026 16:03:27 +0000
ROA not after: Thu 20 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d068:2080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:65:93:d2:f8:d2:96:5b:1f:ae:3b:f0:8f:fa:79:da:fd:23:57:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 22 16:03:27 2026 GMT
Not After : Aug 20 23:59:59 2026 GMT
Subject: serialNumber=6b37eb1c133a28598e897da5f4f9d66a2a8b0642bfbd0e55d5835c2208f0eb66, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:50:3e:1f:a6:68:59:ff:37:c7:65:ec:83:39:
d0:9f:5b:72:7a:c0:41:68:3e:29:68:bd:31:57:a5:
ce:48:aa:f0:a9:5e:0a:66:59:9d:10:90:0e:89:93:
b1:bf:9e:ca:b9:aa:78:16:5e:04:1a:0a:76:6b:0b:
72:a7:cc:23:3d:6e:0f:52:7a:51:a9:c2:cc:1e:fe:
65:04:7c:01:71:6e:bd:f0:ab:b9:5e:2e:01:25:46:
7b:bb:95:ab:80:f7:aa:83:68:9d:c8:98:e2:50:71:
bc:8a:4a:1f:5c:d7:45:7e:9e:af:a3:bf:c2:4b:df:
e3:29:a3:5a:39:16:d2:50:be:13:99:e1:26:9d:73:
17:73:10:71:5f:b2:03:52:cd:94:e6:fb:84:b2:97:
f1:f5:b1:e2:df:f0:a7:72:ed:f0:4c:f8:0b:6a:0f:
cc:4d:ae:e8:5e:7c:de:36:b2:2d:91:c6:ea:5f:b0:
87:5e:45:01:03:5e:ef:1d:46:72:67:50:28:05:7f:
d5:41:87:01:cc:92:79:1e:ca:f0:2f:1c:4e:00:87:
ac:6c:94:a3:e9:3e:6a:83:fd:a5:82:e5:1d:5f:ea:
12:ef:cc:2f:02:ab:19:f5:74:d6:c8:c1:ff:9d:f2:
b6:6d:52:bb:da:22:6c:c6:00:09:5e:59:af:92:9c:
8d:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:B4:C0:D0:EE:48:9C:E3:4D:13:ED:7C:69:6B:E0:17:CB:98:FD:11
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/441c3de8-fce0-49bd-8d5c-f962ecd6d36c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d068:2080::/48
Signature Algorithm: sha256WithRSAEncryption
39:bf:ff:8f:38:0f:85:0f:74:5b:8b:46:17:93:1c:3a:e5:e5:
7c:2d:02:df:31:24:f1:3c:1e:44:7b:1f:34:d7:92:63:80:d3:
c4:83:b2:89:ab:23:cb:95:89:10:ae:24:c5:4a:9d:cc:e4:12:
34:57:8a:84:09:3e:bc:c0:13:29:36:7b:4d:48:23:fd:96:bc:
7e:78:5e:23:01:b2:2c:58:9e:fe:35:fd:80:63:f6:21:6a:46:
0e:43:ed:ee:18:33:0e:3f:72:47:3f:57:93:5f:02:77:48:ef:
73:56:a2:52:d0:d5:9b:bb:41:20:e6:13:14:15:25:33:ef:64:
55:e3:b8:1f:7d:ec:7d:c6:00:2d:1d:ee:69:41:07:9c:67:ec:
f3:5a:93:82:67:57:5d:55:5a:85:39:0c:34:6a:9f:32:4f:57:
a0:73:a4:c3:4e:4e:47:dd:f8:91:b3:29:58:2a:75:c8:a1:34:
19:4f:15:b9:ab:12:d5:84:f7:45:f3:db:bb:9e:5c:b4:33:41:
0d:95:67:7e:02:b3:f9:ee:31:9e:53:fd:24:27:a3:6d:d1:08:
f5:4a:d8:8d:60:f7:04:c3:0f:62:eb:8e:9c:40:75:9d:0e:7c:
f7:2d:cb:0f:d8:5d:13:7e:95:bf:f2:e5:30:30:d3:bb:3e:e3:
fe:2b:08:01
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUcmWT0vjSllsfrjvwj/p52v0jV/owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MjIxNjAzMjdaFw0yNjA4MjAyMzU5NTlaMHoxSTBHBgNV
BAUTQDZiMzdlYjFjMTMzYTI4NTk4ZTg5N2RhNWY0ZjlkNjZhMmE4YjA2NDJiZmJk
MGU1NWQ1ODM1YzIyMDhmMGViNjYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMdQPh+maFn/N8dl7IM50J9bcnrAQWg+KWi9MVelzkiq8KleCmZZnRCQDomT
sb+eyrmqeBZeBBoKdmsLcqfMIz1uD1J6UanCzB7+ZQR8AXFuvfCruV4uASVGe7uV
q4D3qoNonciY4lBxvIpKH1zXRX6er6O/wkvf4ymjWjkW0lC+E5nhJp1zF3MQcV+y
A1LNlOb7hLKX8fWx4t/wp3Lt8Ez4C2oPzE2u6F583jayLZHG6l+wh15FAQNe7x1G
cmdQKAV/1UGHAcySeR7K8C8cTgCHrGyUo+k+aoP9pYLlHV/qEu/MLwKrGfV01sjB
/53ytm1Su9oibMYACV5Zr5KcjekCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBS9tMDQ
7kic400T7Xxpa+AXy5j9ETAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDQxYzNkZTgtZmNlMC00OWJkLThkNWMtZjk2MmVjZDZkMzZjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0Ggg
gDANBgkqhkiG9w0BAQsFAAOCAQEAOb//jzgPhQ90W4tGF5McOuXlfC0C3zEk8Twe
RHsfNNeSY4DTxIOyiasjy5WJEK4kxUqdzOQSNFeKhAk+vMATKTZ7TUgj/Za8fnhe
IwGyLFie/jX9gGP2IWpGDkPt7hgzDj9yRz9Xk18Cd0jvc1aiUtDVm7tBIOYTFBUl
M+9kVeO4H33sfcYALR3uaUEHnGfs81qTgmdXXVVahTkMNGqfMk9XoHOkw05OR934
kbMpWCp1yKE0GU8VuasS1YT3RfPbu55ctDNBDZVnfgKz+e4xnlP9JCejbdEI9UrY
jWD3BMMPYuuOnEB1nQ589y3LD9hdE36Vv/LlMDDTuz7j/isIAQ==
-----END CERTIFICATE-----
Generated at Sat Jun 13 11:28:23 2026 by rpki-client