Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/66a9dd44-c480-43a5-b35d-b4772a0b43d5.roa
File: 66a9dd44-c480-43a5-b35d-b4772a0b43d5.roa (raw, json)
Hash identifier: ezrD7Oq+b7r9V5HzTRMtzcmOzQpFgUaTwlF1miOa4tc=
Subject key identifier: 0D:9F:D0:8C:A5:9F:40:96:52:48:2D:BC:19:E3:E6:7C:5F:24:A4:7A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 11F6DB2B880FF27112EA5ACE7F5DBF14CF70E3C1
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/66a9dd44-c480-43a5-b35d-b4772a0b43d5.roa
Signing time: Sun 31 May 2026 01:10:48 +0000
ROA not before: Sun 31 May 2026 01:10:48 +0000
ROA not after: Sat 29 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d05a:4000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:f6:db:2b:88:0f:f2:71:12:ea:5a:ce:7f:5d:bf:14:cf:70:e3:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 31 01:10:48 2026 GMT
Not After : Aug 29 23:59:59 2026 GMT
Subject: serialNumber=339b173f923a018992b806589074e3ec3b7e2fe9243926e9b17e2e96e6ee7640, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:6a:ab:18:74:53:71:bd:83:ae:f7:32:f5:05:
10:4a:0d:12:cc:ce:26:62:56:51:b4:41:0f:e4:01:
fe:e4:c1:6a:af:d7:fe:2c:3c:e6:a0:19:e5:9f:37:
19:8f:91:5f:7b:1d:b1:ba:1d:63:f0:32:e8:be:83:
02:7f:8c:79:49:9e:f7:39:32:a1:18:b9:12:10:9c:
b8:d5:15:a6:fb:5e:71:2a:dc:c2:57:35:ca:20:98:
40:1c:04:3f:15:9f:c9:30:a8:3c:d7:79:04:c6:11:
b2:aa:2a:ae:a9:4e:d1:4d:c5:c3:f5:67:be:3c:39:
0b:68:13:34:33:fd:2b:98:21:ee:2a:0f:32:78:d8:
41:a6:35:f3:3b:28:43:8d:a8:8c:83:50:b0:95:fb:
fe:05:0d:1a:45:c5:18:ec:11:62:4d:50:ab:fb:98:
dd:92:b8:b8:44:7b:f3:c5:b1:92:a7:c4:b7:75:7f:
32:65:b0:e7:ba:41:99:0a:0f:03:55:70:a7:22:67:
e1:10:10:7a:37:d9:fd:cd:1d:81:d4:93:7b:8f:f1:
7d:24:17:02:b7:a1:ff:1e:08:bf:1c:04:79:1d:3f:
62:20:9b:f5:6a:7f:0c:2d:1b:2f:88:85:ee:67:94:
2e:4d:60:73:0a:b0:aa:21:5e:a6:31:8c:1d:a9:02:
b5:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:9F:D0:8C:A5:9F:40:96:52:48:2D:BC:19:E3:E6:7C:5F:24:A4:7A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/66a9dd44-c480-43a5-b35d-b4772a0b43d5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d05a:4000::/40
Signature Algorithm: sha256WithRSAEncryption
66:d7:03:43:73:f1:62:d3:66:8f:2d:3a:19:01:38:a0:d5:f7:
dc:5c:7d:fe:43:56:f1:69:56:c6:72:73:b2:68:4b:33:13:f0:
8a:5a:0c:ea:35:dd:d1:8b:16:0e:48:4a:6d:a7:78:17:43:86:
38:34:ac:96:38:81:ce:2b:f4:de:ed:e4:68:5f:86:e2:a0:76:
3b:f4:4d:f0:a0:ae:05:8d:5d:d6:56:ab:9a:62:22:91:37:84:
82:0f:70:73:77:6f:a8:ce:b9:61:91:19:27:bb:0b:a1:d2:e1:
7c:5f:31:3d:a9:b3:3d:4b:65:52:13:68:47:98:e5:ab:07:7e:
7c:0f:e4:98:e7:56:0e:4b:b3:6c:12:2c:54:7b:05:67:e9:93:
63:cc:ff:e8:99:7d:a2:92:8f:7b:10:31:bc:0a:c3:66:58:10:
67:31:30:9d:53:66:67:d6:59:24:88:52:6c:d9:64:c4:e5:7f:
89:bf:78:0d:20:06:9b:4e:31:f5:cb:d3:3a:49:cb:7f:ce:17:
fb:25:97:b3:d3:04:c3:59:2a:de:bd:97:3f:53:d4:e6:34:2d:
f6:5c:d4:de:92:6c:06:9e:32:0b:2c:01:a6:c1:56:84:8d:73:
2e:48:c0:df:e3:00:66:eb:a6:df:9f:98:85:a6:5f:a4:a4:43:
ca:0f:87:f1
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUEfbbK4gP8nES6lrOf12/FM9w48EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MzEwMTEwNDhaFw0yNjA4MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDMzOWIxNzNmOTIzYTAxODk5MmI4MDY1ODkwNzRlM2VjM2I3ZTJmZTkyNDM5
MjZlOWIxN2UyZTk2ZTZlZTc2NDAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKNqqxh0U3G9g673MvUFEEoNEszOJmJWUbRBD+QB/uTBaq/X/iw85qAZ5Z83
GY+RX3sdsbodY/Ay6L6DAn+MeUme9zkyoRi5EhCcuNUVpvtecSrcwlc1yiCYQBwE
PxWfyTCoPNd5BMYRsqoqrqlO0U3Fw/Vnvjw5C2gTNDP9K5gh7ioPMnjYQaY18zso
Q42ojINQsJX7/gUNGkXFGOwRYk1Qq/uY3ZK4uER788WxkqfEt3V/MmWw57pBmQoP
A1VwpyJn4RAQejfZ/c0dgdSTe4/xfSQXAreh/x4IvxwEeR0/YiCb9Wp/DC0bL4iF
7meULk1gcwqwqiFepjGMHakCtf0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQNn9CM
pZ9AllJILbwZ4+Z8XySkejAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjZhOWRkNDQtYzQ4MC00M2E1LWIzNWQtYjQ3NzJhMGI0M2Q1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FpA
MA0GCSqGSIb3DQEBCwUAA4IBAQBm1wNDc/Fi02aPLToZATig1ffcXH3+Q1bxaVbG
cnOyaEszE/CKWgzqNd3RixYOSEptp3gXQ4Y4NKyWOIHOK/Te7eRoX4bioHY79E3w
oK4FjV3WVquaYiKRN4SCD3Bzd2+ozrlhkRknuwuh0uF8XzE9qbM9S2VSE2hHmOWr
B358D+SY51YOS7NsEixUewVn6ZNjzP/omX2iko97EDG8CsNmWBBnMTCdU2Zn1lkk
iFJs2WTE5X+Jv3gNIAabTjH1y9M6Sct/zhf7JZez0wTDWSrevZc/U9TmNC32XNTe
kmwGnjILLAGmwVaEjXMuSMDf4wBm66bfn5iFpl+kpEPKD4fx
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:24:34 2026 by rpki-client