Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/655038e8-ae62-4d89-86ef-c5f745dc0c17.roa
File: 655038e8-ae62-4d89-86ef-c5f745dc0c17.roa (raw, json)
Hash identifier: i+5iVRssESwAPXz1HORwH//y4elgWxhQ5FnsD6zP5oc=
Subject key identifier: D8:D9:F0:C4:22:8B:D2:23:E7:59:11:20:F3:AF:A3:39:F9:4C:B7:72
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6CEAA2DDD34DA3A479FF49C7CB281BDA87C5934E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/655038e8-ae62-4d89-86ef-c5f745dc0c17.roa
Signing time: Sun 17 May 2026 02:10:07 +0000
ROA not before: Sun 17 May 2026 02:10:07 +0000
ROA not after: Sat 15 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:840::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:ea:a2:dd:d3:4d:a3:a4:79:ff:49:c7:cb:28:1b:da:87:c5:93:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 17 02:10:07 2026 GMT
Not After : Aug 15 23:59:59 2026 GMT
Subject: serialNumber=1da9419144506b06d9b3df5d2b0b2389df3425097dcfecdee683638b69cf4069, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:be:34:ec:ef:de:7e:4d:06:6b:9d:9d:6e:55:
48:ae:a7:08:1f:0d:f2:c4:c1:75:1e:29:c3:6f:3f:
d2:93:eb:46:7c:b7:07:59:b4:7d:4a:8e:db:09:6b:
44:9d:c6:ea:f7:fd:f4:4e:e5:d9:80:fe:ef:41:ed:
fd:de:16:62:26:d5:a8:cf:37:0c:fa:dc:88:83:80:
a3:27:ca:ac:cb:5d:05:ed:1d:e6:57:c8:1d:87:db:
60:07:9f:e0:5d:c5:87:60:91:bc:61:18:d1:11:bf:
81:2d:57:9d:f8:4f:c8:87:e4:18:13:39:c0:3d:0b:
c6:11:6e:a9:36:ee:42:0a:9f:ad:71:c9:4b:bb:d8:
7b:f1:ab:e0:9d:e5:88:f9:fc:93:7b:3a:e2:3e:c2:
e6:df:d1:38:fa:b4:2c:10:8f:5a:d3:5c:17:84:91:
d4:9d:85:5e:a8:ea:80:d5:ce:f9:c5:96:b8:5e:4d:
cf:1e:00:f0:7b:2c:18:f9:ba:40:f6:11:a0:f8:df:
f3:7b:de:8b:54:34:43:63:fb:a3:39:9f:dd:77:27:
4c:f9:55:88:bd:3c:6d:96:04:10:16:5c:6c:80:8d:
d5:64:99:d4:44:c1:16:85:86:cf:84:c6:92:f9:4a:
3e:ba:13:a2:a3:82:d9:93:d5:02:0a:24:c6:1e:07:
9b:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:D9:F0:C4:22:8B:D2:23:E7:59:11:20:F3:AF:A3:39:F9:4C:B7:72
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/655038e8-ae62-4d89-86ef-c5f745dc0c17.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:840::/48
Signature Algorithm: sha256WithRSAEncryption
3b:60:71:5f:73:a7:3a:f2:5d:cb:78:b7:0f:82:34:7d:95:b0:
5c:bb:d1:d8:52:7d:cb:c5:ea:34:26:39:03:59:2c:97:d1:2a:
34:d5:8b:ed:30:21:9e:85:cf:18:25:76:10:40:3c:68:e7:f4:
ab:eb:c3:3b:6c:77:02:b6:1a:9e:b4:de:62:c7:8b:7a:e7:89:
6e:4a:d7:6b:df:6c:35:fb:e8:38:78:ff:38:7c:35:28:7d:b6:
db:6a:b9:3f:00:88:64:35:43:df:77:cb:59:c2:7f:e0:0d:6f:
bc:2f:4b:a7:86:fc:d6:eb:fb:e4:35:a7:bc:e8:7a:85:50:dc:
db:ee:d7:24:8b:92:99:e5:d2:b9:81:04:4b:27:a0:6f:7d:f2:
cb:57:2a:3f:70:9f:a4:75:a1:de:00:a1:94:9c:98:7b:32:57:
74:f8:51:f9:ad:a4:5f:6e:bb:bb:5a:7e:c8:fd:d0:e7:ec:65:
0b:62:aa:ef:34:4c:11:82:8e:01:00:a3:58:f9:a0:3f:2f:a6:
ad:33:73:8c:03:79:94:e1:2c:42:ef:3f:e0:47:8e:91:96:61:
aa:fa:60:e2:95:93:39:2b:10:63:a7:58:9d:32:aa:a1:c6:56:
24:58:d5:18:8e:1b:83:f3:a9:8a:68:4c:9d:cb:23:8c:b7:79:
e7:3a:53:19
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUbOqi3dNNo6R5/0nHyygb2ofFk04wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTcwMjEwMDdaFw0yNjA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDFkYTk0MTkxNDQ1MDZiMDZkOWIzZGY1ZDJiMGIyMzg5ZGYzNDI1MDk3ZGNm
ZWNkZWU2ODM2MzhiNjljZjQwNjkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANm+NOzv3n5NBmudnW5VSK6nCB8N8sTBdR4pw28/0pPrRny3B1m0fUqO2wlr
RJ3G6vf99E7l2YD+70Ht/d4WYibVqM83DPrciIOAoyfKrMtdBe0d5lfIHYfbYAef
4F3Fh2CRvGEY0RG/gS1XnfhPyIfkGBM5wD0LxhFuqTbuQgqfrXHJS7vYe/Gr4J3l
iPn8k3s64j7C5t/ROPq0LBCPWtNcF4SR1J2FXqjqgNXO+cWWuF5Nzx4A8HssGPm6
QPYRoPjf83vei1Q0Q2P7ozmf3XcnTPlViL08bZYEEBZcbICN1WSZ1ETBFoWGz4TG
kvlKProToqOC2ZPVAgokxh4Hm18CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTY2fDE
IovSI+dZESDzr6M5+Uy3cjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjU1MDM4ZTgtYWU2Mi00ZDg5LTg2ZWYtYzVmNzQ1ZGMwYzE3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H8I
QDANBgkqhkiG9w0BAQsFAAOCAQEAO2BxX3OnOvJdy3i3D4I0fZWwXLvR2FJ9y8Xq
NCY5A1ksl9EqNNWL7TAhnoXPGCV2EEA8aOf0q+vDO2x3ArYanrTeYseLeueJbkrX
a99sNfvoOHj/OHw1KH2222q5PwCIZDVD33fLWcJ/4A1vvC9Lp4b81uv75DWnvOh6
hVDc2+7XJIuSmeXSuYEESyegb33yy1cqP3CfpHWh3gChlJyYezJXdPhR+a2kX267
u1p+yP3Q5+xlC2Kq7zRMEYKOAQCjWPmgPy+mrTNzjAN5lOEsQu8/4EeOkZZhqvpg
4pWTOSsQY6dYnTKqocZWJFjVGI4bg/OpimhMncsjjLd55zpTGQ==
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:13:19 2026 by rpki-client