Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5a023ba7-6dbe-46ac-bc6f-621ed6946b6e.roa
File: 5a023ba7-6dbe-46ac-bc6f-621ed6946b6e.roa (raw, json)
Hash identifier: rUowu6V/rbsA26fI/RoAxvIgUEd8oKMWiMEJ1uMt75A=
Subject key identifier: A3:D6:AE:81:E6:FF:93:4D:CA:18:34:67:C1:55:E8:FA:0C:D2:24:21
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 77856405C040D951A7CEAFE0B42AB0D08EB75F31
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5a023ba7-6dbe-46ac-bc6f-621ed6946b6e.roa
Signing time: Sun 17 May 2026 02:00:05 +0000
ROA not before: Sun 17 May 2026 02:00:05 +0000
ROA not after: Sat 15 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:8c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:85:64:05:c0:40:d9:51:a7:ce:af:e0:b4:2a:b0:d0:8e:b7:5f:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 17 02:00:05 2026 GMT
Not After : Aug 15 23:59:59 2026 GMT
Subject: serialNumber=725e0ea7c2e6acdb310d2b7dc72d63ea122bc264cda696b6b86672bf86278d22, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:c4:08:ac:11:ce:a6:11:81:a4:be:9b:61:80:
f1:10:42:dd:46:a9:3d:41:ac:29:68:02:c4:58:35:
03:fe:49:9c:ed:37:ce:36:10:ab:15:f1:04:34:16:
0c:52:cd:02:4b:ef:3d:0a:6b:7b:2e:1b:95:73:a4:
ee:e9:49:ef:5a:6b:86:da:e5:21:b7:ce:f9:40:8b:
40:e0:61:16:05:bd:59:58:18:f8:ff:10:a5:94:47:
1a:0a:4c:67:08:13:64:9c:0b:c1:4b:46:66:6c:2c:
70:5d:1c:ae:2d:98:94:76:69:8a:38:04:44:70:3a:
6b:86:33:27:d7:e6:7c:e7:25:d3:c3:0e:92:ac:38:
77:88:33:a9:eb:4c:9e:e3:be:fd:eb:ac:18:cb:19:
48:ef:9f:47:8a:58:87:9c:f6:bc:33:78:1f:54:1c:
81:1b:45:77:4e:14:67:35:f5:74:e0:e4:be:ae:91:
2c:36:70:45:79:53:e1:9c:ad:10:85:fc:9f:d2:88:
9e:1a:d9:99:ad:47:86:40:4c:65:c8:cd:a8:ee:10:
3b:7f:d6:7f:32:1c:5e:3a:ce:c1:e2:79:67:76:b3:
50:0f:ef:28:e6:d2:94:07:90:65:38:d3:52:19:2c:
41:df:08:5d:9c:bc:9d:33:57:08:28:6f:33:47:82:
0e:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:D6:AE:81:E6:FF:93:4D:CA:18:34:67:C1:55:E8:FA:0C:D2:24:21
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5a023ba7-6dbe-46ac-bc6f-621ed6946b6e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:8c0::/48
Signature Algorithm: sha256WithRSAEncryption
03:97:c4:b7:17:0a:82:c3:5f:ff:93:ba:4f:66:b3:84:58:d0:
39:c3:b2:23:3f:cb:e8:45:be:19:ef:98:84:b5:c4:69:6b:e8:
6e:d8:56:3c:9d:fc:89:d3:21:b0:b4:01:bc:ec:3b:a3:11:a4:
2c:f5:e7:ee:92:34:21:7f:0d:a0:e7:bf:f2:2d:4e:99:f8:a4:
df:90:31:fa:6e:7e:71:7d:17:9c:e4:74:aa:c4:d2:fb:f4:f8:
d2:8a:43:44:a1:d7:23:a5:33:8f:b9:4a:b1:15:42:af:ac:76:
a6:44:cd:fd:a3:6f:a6:01:c9:4d:02:fc:79:32:d9:e6:9a:ea:
5f:57:94:68:ee:9d:f2:dc:b7:d5:50:2b:fe:d3:e6:6d:c3:95:
75:c2:d9:a9:28:b8:82:5a:68:5a:df:1d:f1:b2:45:b3:02:03:
6b:e6:b6:3a:97:3a:e9:8b:8c:74:91:e8:d8:e6:50:ff:d9:07:
e1:85:ba:3b:db:e3:63:87:26:86:9d:e8:a1:ea:c6:09:ab:b6:
7d:78:fc:ab:c1:aa:43:0b:c9:c2:23:94:e6:1b:c8:87:82:26:
83:f1:fb:c7:10:0c:0c:30:fb:e2:05:1d:90:85:f1:11:80:99:
31:41:86:a7:ba:49:8c:6a:e1:db:b8:06:55:5b:c2:ac:7c:10:
2d:bb:50:f4
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUd4VkBcBA2VGnzq/gtCqw0I63XzEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTcwMjAwMDVaFw0yNjA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDcyNWUwZWE3YzJlNmFjZGIzMTBkMmI3ZGM3MmQ2M2VhMTIyYmMyNjRjZGE2
OTZiNmI4NjY3MmJmODYyNzhkMjIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJjECKwRzqYRgaS+m2GA8RBC3UapPUGsKWgCxFg1A/5JnO03zjYQqxXxBDQW
DFLNAkvvPQprey4blXOk7ulJ71prhtrlIbfO+UCLQOBhFgW9WVgY+P8QpZRHGgpM
ZwgTZJwLwUtGZmwscF0cri2YlHZpijgERHA6a4YzJ9fmfOcl08MOkqw4d4gzqetM
nuO+/eusGMsZSO+fR4pYh5z2vDN4H1QcgRtFd04UZzX1dODkvq6RLDZwRXlT4Zyt
EIX8n9KInhrZma1HhkBMZcjNqO4QO3/WfzIcXjrOweJ5Z3azUA/vKObSlAeQZTjT
UhksQd8IXZy8nTNXCChvM0eCDvsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSj1q6B
5v+TTcoYNGfBVej6DNIkITAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NWEwMjNiYTctNmRiZS00NmFjLWJjNmYtNjIxZWQ2OTQ2YjZlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H8I
wDANBgkqhkiG9w0BAQsFAAOCAQEAA5fEtxcKgsNf/5O6T2azhFjQOcOyIz/L6EW+
Ge+YhLXEaWvobthWPJ38idMhsLQBvOw7oxGkLPXn7pI0IX8NoOe/8i1Omfik35Ax
+m5+cX0XnOR0qsTS+/T40opDRKHXI6Uzj7lKsRVCr6x2pkTN/aNvpgHJTQL8eTLZ
5prqX1eUaO6d8ty31VAr/tPmbcOVdcLZqSi4glpoWt8d8bJFswIDa+a2Opc66YuM
dJHo2OZQ/9kH4YW6O9vjY4cmhp3ooerGCau2fXj8q8GqQwvJwiOU5hvIh4Img/H7
xxAMDDD74gUdkIXxEYCZMUGGp7pJjGrh27gGVVvCrHwQLbtQ9A==
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:45:54 2026 by rpki-client