Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5c8be1b1-5cc9-40dc-a0c1-98920cc293bd.roa
File: 5c8be1b1-5cc9-40dc-a0c1-98920cc293bd.roa (raw, json)
Hash identifier: oPpYMMzr91CnI+auC6BSrxxncqCgZKsF2Ld9ssPQKc0=
Subject key identifier: 9D:26:ED:9D:92:86:27:A9:E8:87:DD:3A:B9:AC:A6:01:B0:41:8C:EC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2FB649920ABB73BB2FE7A01B9D248EE7F244234B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5c8be1b1-5cc9-40dc-a0c1-98920cc293bd.roa
Signing time: Sun 17 May 2026 02:00:08 +0000
ROA not before: Sun 17 May 2026 02:00:08 +0000
ROA not after: Sat 15 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:880::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:b6:49:92:0a:bb:73:bb:2f:e7:a0:1b:9d:24:8e:e7:f2:44:23:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 17 02:00:08 2026 GMT
Not After : Aug 15 23:59:59 2026 GMT
Subject: serialNumber=292f2d4fdc0c3b1d840304abd690c3638509494ab017b99789e2bfdc9c401263, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:82:76:93:89:f5:7d:af:94:19:87:b1:f9:56:
e5:85:f2:99:52:2f:ca:9f:fb:a4:f6:2a:2f:0c:70:
7c:3d:d2:b9:9b:76:fc:57:1d:9f:53:0c:99:9f:63:
02:e8:2b:03:7d:eb:27:15:38:f2:b3:fb:bd:a0:cf:
ce:16:06:97:6d:2a:97:80:a8:ec:b7:6a:6b:22:b8:
e4:31:bd:d3:be:f0:3b:17:cf:66:04:d4:80:fa:40:
ea:35:3f:1e:8d:bb:83:2d:6a:f1:ef:f9:7d:ff:fd:
f9:b0:73:3d:fb:71:62:fa:93:48:e2:e8:37:79:4c:
0e:9d:e4:85:11:7d:fe:65:a1:b1:4e:4a:4f:0d:c9:
f4:11:59:6f:ba:cd:25:80:5b:ca:28:02:bd:aa:99:
66:3d:c3:8f:49:4c:25:a5:f3:f8:aa:85:01:30:39:
65:cd:69:ea:73:ba:0d:bc:2a:26:b4:84:b2:24:90:
6e:0e:2f:4d:e2:f6:26:7c:79:97:8a:ac:87:e8:93:
35:8c:b6:4e:4f:aa:d9:bc:bd:41:41:94:db:d8:46:
c9:24:c3:d5:ea:17:a9:2b:a0:18:d6:1c:cd:0e:e9:
50:e3:3f:64:6e:0d:2a:bd:e6:8a:e1:b5:bb:3d:92:
16:13:bc:c6:cf:2e:43:54:9a:98:7a:c8:c3:2d:92:
34:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:26:ED:9D:92:86:27:A9:E8:87:DD:3A:B9:AC:A6:01:B0:41:8C:EC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5c8be1b1-5cc9-40dc-a0c1-98920cc293bd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:880::/48
Signature Algorithm: sha256WithRSAEncryption
7a:fd:c4:5e:fd:05:3a:52:ec:30:b6:e7:10:bb:ab:a7:b2:b9:
74:b0:6d:f7:7f:38:05:c4:50:d6:a5:13:98:96:cf:af:88:7e:
42:89:4c:78:14:41:d7:f2:c8:91:c4:cd:59:3c:4c:53:f3:4d:
94:00:e9:78:3c:86:a5:1a:53:f8:c5:23:e6:be:91:54:47:bb:
c5:56:20:f8:3c:65:f4:c4:40:76:f8:51:75:b2:c8:42:19:5d:
3b:0d:eb:e2:fd:b0:4a:b1:a5:d0:d9:ce:62:bd:d8:c9:91:bb:
1c:36:40:89:19:81:75:28:4d:c1:8b:1c:ec:10:cd:1f:dc:b7:
96:ef:30:48:92:58:01:20:0c:63:33:42:9e:5a:4d:35:37:c5:
92:3f:df:6f:89:b7:69:77:08:54:98:b9:d7:bb:a2:c4:5d:67:
f4:5f:0b:be:50:f1:09:84:fc:95:cf:7e:e0:d0:5f:88:b6:5c:
bc:76:c2:4d:c7:6e:67:a4:23:70:18:d9:aa:5e:d7:09:19:da:
c2:b2:2b:e9:76:eb:ca:8f:be:17:8c:8e:82:4d:f2:b7:c7:38:
bd:56:8f:2b:7a:5e:6a:ca:c2:0a:63:78:bd:2e:84:3d:91:19:
b6:89:ab:36:13:d4:be:68:4a:7c:29:49:8b:a9:b3:3d:17:b0:
06:93:36:4a
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUL7ZJkgq7c7sv56AbnSSO5/JEI0swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTcwMjAwMDhaFw0yNjA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDI5MmYyZDRmZGMwYzNiMWQ4NDAzMDRhYmQ2OTBjMzYzODUwOTQ5NGFiMDE3
Yjk5Nzg5ZTJiZmRjOWM0MDEyNjMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJKCdpOJ9X2vlBmHsflW5YXymVIvyp/7pPYqLwxwfD3SuZt2/Fcdn1MMmZ9j
AugrA33rJxU48rP7vaDPzhYGl20ql4Co7LdqayK45DG9077wOxfPZgTUgPpA6jU/
Ho27gy1q8e/5ff/9+bBzPftxYvqTSOLoN3lMDp3khRF9/mWhsU5KTw3J9BFZb7rN
JYBbyigCvaqZZj3Dj0lMJaXz+KqFATA5Zc1p6nO6DbwqJrSEsiSQbg4vTeL2Jnx5
l4qsh+iTNYy2Tk+q2by9QUGU29hGySTD1eoXqSugGNYczQ7pUOM/ZG4NKr3miuG1
uz2SFhO8xs8uQ1SamHrIwy2SNFsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSdJu2d
koYnqeiH3Tq5rKYBsEGM7DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NWM4YmUxYjEtNWNjOS00MGRjLWEwYzEtOTg5MjBjYzI5M2JkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HII
gDANBgkqhkiG9w0BAQsFAAOCAQEAev3EXv0FOlLsMLbnELurp7K5dLBt9384BcRQ
1qUTmJbPr4h+QolMeBRB1/LIkcTNWTxMU/NNlADpeDyGpRpT+MUj5r6RVEe7xVYg
+Dxl9MRAdvhRdbLIQhldOw3r4v2wSrGl0NnOYr3YyZG7HDZAiRmBdShNwYsc7BDN
H9y3lu8wSJJYASAMYzNCnlpNNTfFkj/fb4m3aXcIVJi517uixF1n9F8LvlDxCYT8
lc9+4NBfiLZcvHbCTcduZ6QjcBjZql7XCRnawrIr6Xbryo++F4yOgk3yt8c4vVaP
K3peasrCCmN4vS6EPZEZtomrNhPUvmhKfClJi6mzPRewBpM2Sg==
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:44:55 2026 by rpki-client