Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6236cad2-ab49-4574-b740-7b70c27fae87.roa
File: 6236cad2-ab49-4574-b740-7b70c27fae87.roa (raw, json)
Hash identifier: I5s51h/rUjqExo9h1IAvZ+AFZqRRaaWJ9WWoZ9Ohl8c=
Subject key identifier: 0D:F5:39:AA:E5:CE:C7:CC:5F:99:85:97:FD:AA:A5:48:CC:76:12:E9
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7CBEADEF4A27093E496D5B15865110CAC301165F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6236cad2-ab49-4574-b740-7b70c27fae87.roa
Signing time: Tue 19 May 2026 05:00:04 +0000
ROA not before: Tue 19 May 2026 05:00:04 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d010:8400::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:be:ad:ef:4a:27:09:3e:49:6d:5b:15:86:51:10:ca:c3:01:16:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:00:04 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=75c5576b968a508c20f3558ec2d4c28d68800e0b47f50a47a7d4ba4e7f357be7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:c1:2c:61:17:ef:a8:94:42:e9:c3:bb:eb:27:
f1:bd:8f:a1:06:ee:98:46:ac:55:a2:03:27:11:7e:
ae:f7:0f:34:46:18:1a:40:18:0f:3c:eb:a1:55:f6:
0d:fb:23:83:f3:39:29:7d:7c:da:e0:5a:fc:6f:24:
9c:c8:26:1d:c6:34:c4:fb:58:d5:5c:f6:42:26:61:
e0:b2:25:2a:33:62:58:e8:bf:1d:bf:f3:27:95:42:
98:7e:f2:b7:36:dd:b8:33:e9:53:18:d0:e3:51:33:
c5:2f:a2:62:3b:af:4c:7c:00:d8:cf:12:2e:5f:4b:
98:87:7b:42:d3:01:f3:94:16:48:f2:2f:54:bb:61:
67:88:14:5c:f5:c3:14:d2:e2:5e:bd:b3:5b:68:4f:
5b:52:08:8e:39:f9:b7:98:d8:34:1f:23:bf:12:85:
19:a1:85:6c:dc:0a:26:8b:71:e4:94:1b:77:24:91:
ba:44:21:10:ed:7c:86:a8:a4:ef:6a:10:ca:c1:d5:
62:da:68:fc:bb:1d:16:70:98:0b:98:f7:cd:2a:65:
a0:ac:34:bc:c6:ee:a3:a8:13:18:3c:b1:b8:b7:3c:
b9:8e:a1:c6:d5:cd:48:b1:95:70:b3:56:3d:09:6e:
ba:ab:4d:e3:2f:e8:16:fb:4c:82:bd:a8:74:d3:01:
03:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:F5:39:AA:E5:CE:C7:CC:5F:99:85:97:FD:AA:A5:48:CC:76:12:E9
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6236cad2-ab49-4574-b740-7b70c27fae87.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d010:8400::/38
Signature Algorithm: sha256WithRSAEncryption
32:f9:74:2f:f1:14:f5:a9:44:19:fd:ca:33:1f:6c:f6:b7:f2:
fd:21:93:78:c4:5b:79:2e:93:a5:e0:69:7b:92:b5:53:03:77:
6c:48:57:48:6f:80:fc:45:59:ea:d4:48:84:bf:d9:cb:e9:b4:
eb:f0:3e:dd:e8:a5:e6:26:da:9c:56:1a:63:c0:76:85:35:15:
7b:a9:e4:68:70:14:4b:b8:78:59:19:1a:09:cf:3e:dc:2e:b8:
8b:88:a3:9d:5f:19:24:b7:7d:73:3a:4e:4b:03:5d:aa:37:2b:
eb:23:89:47:11:b6:b4:ce:05:03:52:f3:88:c5:4f:0d:e5:2d:
2e:34:2c:f6:05:68:77:a8:39:9f:2a:b7:cf:9b:a9:b1:f5:b8:
1b:34:7d:33:e5:e3:5e:50:df:08:de:12:62:0b:9f:58:5d:d3:
3f:f5:1e:06:d3:eb:0f:6e:0c:01:ef:7d:81:03:f2:96:8b:83:
63:fe:03:d2:33:99:26:0b:a4:fe:8e:90:bc:bb:5d:d1:ee:e3:
35:97:e1:1e:05:8a:4a:ea:9e:7f:5b:96:60:f2:f6:4b:de:0b:
34:c5:52:03:93:c9:b5:a5:93:03:23:ad:d5:a7:b8:b5:ca:c5:
33:6c:f2:43:e5:95:f4:50:b4:a3:22:c8:70:d2:db:fa:4d:74:
0e:79:d0:e6
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUfL6t70onCT5JbVsVhlEQysMBFl8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTAwMDRaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDc1YzU1NzZiOTY4YTUwOGMyMGYzNTU4ZWMyZDRjMjhkNjg4MDBlMGI0N2Y1
MGE0N2E3ZDRiYTRlN2YzNTdiZTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALDBLGEX76iUQunDu+sn8b2PoQbumEasVaIDJxF+rvcPNEYYGkAYDzzroVX2
Dfsjg/M5KX182uBa/G8knMgmHcY0xPtY1Vz2QiZh4LIlKjNiWOi/Hb/zJ5VCmH7y
tzbduDPpUxjQ41EzxS+iYjuvTHwA2M8SLl9LmId7QtMB85QWSPIvVLthZ4gUXPXD
FNLiXr2zW2hPW1IIjjn5t5jYNB8jvxKFGaGFbNwKJotx5JQbdySRukQhEO18hqik
72oQysHVYtpo/LsdFnCYC5j3zSploKw0vMbuo6gTGDyxuLc8uY6hxtXNSLGVcLNW
PQluuqtN4y/oFvtMgr2odNMBA/0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQN9Tmq
5c7HzF+ZhZf9qqVIzHYS6TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjIzNmNhZDItYWI0OS00NTc0LWI3NDAtN2I3MGMyN2ZhZTg3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BCE
MA0GCSqGSIb3DQEBCwUAA4IBAQAy+XQv8RT1qUQZ/cozH2z2t/L9IZN4xFt5LpOl
4Gl7krVTA3dsSFdIb4D8RVnq1EiEv9nL6bTr8D7d6KXmJtqcVhpjwHaFNRV7qeRo
cBRLuHhZGRoJzz7cLriLiKOdXxkkt31zOk5LA12qNyvrI4lHEba0zgUDUvOIxU8N
5S0uNCz2BWh3qDmfKrfPm6mx9bgbNH0z5eNeUN8I3hJiC59YXdM/9R4G0+sPbgwB
732BA/KWi4Nj/gPSM5kmC6T+jpC8u13R7uM1l+EeBYpK6p5/W5Zg8vZL3gs0xVID
k8m1pZMDI63Vp7i1ysUzbPJD5ZX0ULSjIshw0tv6TXQOedDm
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:02:59 2026 by rpki-client