Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/70a2bc6f-ae0f-4f13-9499-78c505a5f7c9.roa
File: 70a2bc6f-ae0f-4f13-9499-78c505a5f7c9.roa (raw, json)
Hash identifier: VvvJEdsJY4UYEa2mG5Rf9lKKu8WkNUoDfNPkL+9QELA=
Subject key identifier: F4:35:21:A3:EA:B5:15:23:7F:BC:9D:30:F9:31:F6:16:C1:F5:77:8F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 01FDD1960B0E1E3BA160A249CECF95BD8A85D9A3
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/70a2bc6f-ae0f-4f13-9499-78c505a5f7c9.roa
Signing time: Tue 19 May 2026 05:20:36 +0000
ROA not before: Tue 19 May 2026 05:20:36 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d058:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:fd:d1:96:0b:0e:1e:3b:a1:60:a2:49:ce:cf:95:bd:8a:85:d9:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:20:36 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=330653974d24074c118da2d3fb54f045eff4a821edb489ea3d00c497db8ad119, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:1b:2f:92:bd:5c:39:2c:20:b6:b4:88:9b:31:
ab:60:ca:ef:9c:3f:b0:fe:f6:0a:ee:09:73:36:46:
d0:3b:2a:cb:af:d0:cc:77:36:d9:9f:f5:8e:58:65:
23:54:8e:79:63:4b:e2:8f:ad:3d:85:74:09:1d:4b:
ed:12:af:d2:45:f1:87:65:8c:af:f1:07:78:94:e7:
79:28:7e:4c:bb:38:1b:a7:16:89:05:24:74:9b:56:
03:00:91:c4:7c:86:a6:33:d8:53:31:35:87:ad:13:
30:d8:66:69:4f:e0:18:a4:a3:66:9a:77:ad:8c:1b:
f8:5b:4d:1e:67:76:2e:85:a5:74:ba:94:37:4e:c2:
f7:f4:78:01:58:4e:b5:be:5b:f3:35:03:1a:61:09:
64:9d:31:47:e2:60:3a:22:db:14:c7:45:2d:3a:05:
9a:92:25:01:f5:60:82:90:17:e1:24:bc:6c:91:51:
63:fe:60:fb:ba:2c:bf:05:b3:56:ca:7b:c7:55:23:
55:85:0e:fa:1f:5b:19:06:fc:fa:fc:73:af:62:cf:
43:01:6f:15:53:77:cf:52:ea:d6:cc:26:e2:2f:08:
c9:e3:81:2e:95:6e:b1:62:44:8a:a2:6e:c5:bd:fb:
63:42:aa:1f:52:3a:db:fe:25:ee:75:38:c0:f5:af:
de:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:35:21:A3:EA:B5:15:23:7F:BC:9D:30:F9:31:F6:16:C1:F5:77:8F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/70a2bc6f-ae0f-4f13-9499-78c505a5f7c9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d058:e000::/40
Signature Algorithm: sha256WithRSAEncryption
30:ee:8a:6f:78:a4:4e:5a:85:c9:db:ed:c8:cd:93:37:80:9c:
6a:89:b3:bd:13:f0:9a:89:99:96:3b:ad:a4:64:fe:a7:99:62:
0f:f3:14:9c:86:c4:37:1e:6d:13:3f:3d:79:df:6d:e4:dc:ea:
b3:6c:b8:10:0d:2e:ab:a3:42:c4:d3:70:c0:ab:ea:bb:bb:75:
4f:19:17:b0:04:61:05:e6:2a:dd:c8:92:99:6c:07:be:54:11:
fa:22:56:fd:c6:54:5b:76:20:c3:d0:06:d1:51:36:ea:fe:96:
3f:26:b8:2c:b5:eb:56:71:5a:d2:4c:78:b3:00:37:b6:a5:b8:
7c:4d:ba:a9:66:9e:f4:13:b1:17:02:30:49:79:e7:90:9c:43:
61:c0:d7:f2:de:44:71:e1:d6:49:72:51:dd:22:9c:c8:ec:38:
95:aa:9c:78:bf:a4:59:13:cb:c8:97:a3:e3:d2:28:22:63:25:
ca:74:52:92:94:ac:b5:06:7c:3e:90:c9:0d:9f:0d:33:35:a0:
84:71:0d:f3:42:a2:ad:10:99:33:51:56:80:a4:cb:68:10:5d:
d3:03:6a:41:ca:fe:e7:6c:37:dd:b6:39:fa:89:87:ce:1f:84:
74:d9:ba:a6:6b:76:4f:df:ff:56:c2:3c:cd:86:35:66:be:73:
c7:c1:f7:95
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUAf3RlgsOHjuhYKJJzs+VvYqF2aMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTIwMzZaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDMzMDY1Mzk3NGQyNDA3NGMxMThkYTJkM2ZiNTRmMDQ1ZWZmNGE4MjFlZGI0
ODllYTNkMDBjNDk3ZGI4YWQxMTkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMEbL5K9XDksILa0iJsxq2DK75w/sP72Cu4JczZG0Dsqy6/QzHc22Z/1jlhl
I1SOeWNL4o+tPYV0CR1L7RKv0kXxh2WMr/EHeJTneSh+TLs4G6cWiQUkdJtWAwCR
xHyGpjPYUzE1h60TMNhmaU/gGKSjZpp3rYwb+FtNHmd2LoWldLqUN07C9/R4AVhO
tb5b8zUDGmEJZJ0xR+JgOiLbFMdFLToFmpIlAfVggpAX4SS8bJFRY/5g+7osvwWz
Vsp7x1UjVYUO+h9bGQb8+vxzr2LPQwFvFVN3z1Lq1swm4i8IyeOBLpVusWJEiqJu
xb37Y0KqH1I62/4l7nU4wPWv3s0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT0NSGj
6rUVI3+8nTD5MfYWwfV3jzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzBhMmJjNmYtYWUwZi00ZjEzLTk0OTktNzhjNTA1YTVmN2M5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Fjg
MA0GCSqGSIb3DQEBCwUAA4IBAQAw7opveKROWoXJ2+3IzZM3gJxqibO9E/CaiZmW
O62kZP6nmWIP8xSchsQ3Hm0TPz15323k3OqzbLgQDS6ro0LE03DAq+q7u3VPGRew
BGEF5irdyJKZbAe+VBH6Ilb9xlRbdiDD0AbRUTbq/pY/JrgstetWcVrSTHizADe2
pbh8TbqpZp70E7EXAjBJeeeQnENhwNfy3kRx4dZJclHdIpzI7DiVqpx4v6RZE8vI
l6Pj0igiYyXKdFKSlKy1Bnw+kMkNnw0zNaCEcQ3zQqKtEJkzUVaApMtoEF3TA2pB
yv7nbDfdtjn6iYfOH4R02bqma3ZP3/9WwjzNhjVmvnPHwfeV
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:00:42 2026 by rpki-client