Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7665346b-5715-4d4a-9ee7-32affc669e92.roa
File: 7665346b-5715-4d4a-9ee7-32affc669e92.roa (raw, json)
Hash identifier: BhW9FxxWbEGHgK+99j4dzfgm6fpU0WJJEzGtpAzpVX0=
Subject key identifier: 2A:39:49:35:23:86:80:D8:C5:9A:8F:2D:1E:BA:A2:62:BC:FD:A5:21
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6C6EECE69B271A9A992E333A349FDAF3D51BF49D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7665346b-5715-4d4a-9ee7-32affc669e92.roa
Signing time: Tue 19 May 2026 04:30:10 +0000
ROA not before: Tue 19 May 2026 04:30:10 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:2040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:6e:ec:e6:9b:27:1a:9a:99:2e:33:3a:34:9f:da:f3:d5:1b:f4:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 04:30:10 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=536c7d078824edbe792be7b8d4fa9de1d030625f55e7180e3861103c15c4cd3b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:b2:30:e1:18:1c:26:0e:e5:92:7b:16:90:e4:
d5:dc:cc:ef:94:1d:3f:e2:cd:89:7d:a0:38:8f:c6:
66:00:8f:60:af:b6:5e:39:50:ed:f6:be:a9:91:57:
db:c0:71:f5:cc:34:f0:04:5f:1b:0b:9a:28:00:5f:
16:88:46:fc:52:52:b9:3b:00:ad:f2:f8:c5:09:63:
32:b4:4c:68:dc:84:58:f3:47:f9:2a:76:47:d1:4c:
9c:d7:8d:88:2b:7e:ad:a9:84:8f:69:b2:2a:d2:c6:
3a:86:d6:43:a8:0d:30:e2:4a:43:4d:f1:3b:42:0d:
89:8c:bb:85:f3:b3:fc:23:a0:94:68:a9:8a:fa:d9:
6a:dc:a2:d0:0b:a9:0b:6d:93:78:e2:96:ca:8b:d2:
47:78:5d:53:3c:15:94:be:79:70:56:fc:0a:46:fe:
8b:9d:41:6f:d0:3d:09:97:f5:41:11:7e:c2:77:be:
c1:6d:9e:75:54:ba:43:fe:1f:2a:58:dc:af:7b:50:
59:45:36:f2:d8:b9:fe:21:6c:a8:58:e4:a6:22:48:
d2:00:fd:af:42:d5:4b:0e:0d:fd:46:ab:74:ac:9a:
25:1d:5f:84:d2:74:43:39:cb:dd:d9:cc:83:79:76:
ac:22:98:3f:ae:dd:3f:59:2c:8c:cf:ea:cd:e9:be:
c0:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:39:49:35:23:86:80:D8:C5:9A:8F:2D:1E:BA:A2:62:BC:FD:A5:21
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7665346b-5715-4d4a-9ee7-32affc669e92.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:2040::/48
Signature Algorithm: sha256WithRSAEncryption
27:0c:9a:95:80:b2:98:7d:e8:0b:7d:0f:10:45:1b:44:b3:02:
18:3f:ae:cd:bd:c1:e3:2d:15:59:db:e4:24:ec:62:16:4a:43:
b4:d9:17:a1:3e:b3:8c:17:5c:b2:af:f2:85:e3:11:fb:22:c4:
4b:44:92:3d:2e:e4:e5:73:81:01:d3:cd:a8:1e:47:fd:6d:ec:
97:78:2a:16:25:c8:2a:58:f3:d0:9e:be:7d:a1:bb:31:34:41:
28:21:37:8b:15:da:03:cb:e9:bb:bd:4e:49:ed:b3:6f:21:77:
ff:b5:f1:e8:45:bc:94:47:36:29:67:a3:a0:b2:7f:3c:86:17:
57:75:70:19:98:52:33:3f:ff:8b:a5:e4:0f:86:86:01:75:29:
26:60:a2:dc:9a:e5:9e:54:f0:e4:42:55:c4:b3:9a:35:38:34:
4d:16:39:2d:45:96:62:c5:22:4f:06:d8:ff:47:dd:4a:48:82:
f2:e9:b0:67:fb:41:0a:b7:73:7a:14:da:e2:8f:f3:9b:a7:5a:
57:c3:8c:83:d9:c7:86:10:48:81:59:68:f6:1b:9b:d1:cf:64:
13:0f:27:26:0d:82:29:37:fd:01:b6:4f:84:fe:46:7e:cd:46:
40:6a:32:fd:d7:2e:b4:a7:f3:a3:c1:56:02:79:e1:86:3c:15:
64:bf:47:2a
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUbG7s5psnGpqZLjM6NJ/a89Ub9J0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNDMwMTBaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDUzNmM3ZDA3ODgyNGVkYmU3OTJiZTdiOGQ0ZmE5ZGUxZDAzMDYyNWY1NWU3
MTgwZTM4NjExMDNjMTVjNGNkM2IxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMGyMOEYHCYO5ZJ7FpDk1dzM75QdP+LNiX2gOI/GZgCPYK+2XjlQ7fa+qZFX
28Bx9cw08ARfGwuaKABfFohG/FJSuTsArfL4xQljMrRMaNyEWPNH+Sp2R9FMnNeN
iCt+ramEj2myKtLGOobWQ6gNMOJKQ03xO0INiYy7hfOz/COglGipivrZatyi0Aup
C22TeOKWyovSR3hdUzwVlL55cFb8Ckb+i51Bb9A9CZf1QRF+wne+wW2edVS6Q/4f
Kljcr3tQWUU28ti5/iFsqFjkpiJI0gD9r0LVSw4N/UardKyaJR1fhNJ0QznL3dnM
g3l2rCKYP67dP1ksjM/qzem+wA0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQqOUk1
I4aA2MWajy0euqJivP2lITAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzY2NTM0NmItNTcxNS00ZDRhLTllZTctMzJhZmZjNjY5ZTkyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0AAg
QDANBgkqhkiG9w0BAQsFAAOCAQEAJwyalYCymH3oC30PEEUbRLMCGD+uzb3B4y0V
WdvkJOxiFkpDtNkXoT6zjBdcsq/yheMR+yLES0SSPS7k5XOBAdPNqB5H/W3sl3gq
FiXIKljz0J6+faG7MTRBKCE3ixXaA8vpu71OSe2zbyF3/7Xx6EW8lEc2KWejoLJ/
PIYXV3VwGZhSMz//i6XkD4aGAXUpJmCi3JrlnlTw5EJVxLOaNTg0TRY5LUWWYsUi
TwbY/0fdSkiC8umwZ/tBCrdzehTa4o/zm6daV8OMg9nHhhBIgVlo9hub0c9kEw8n
Jg2CKTf9AbZPhP5Gfs1GQGoy/dcutKfzo8FWAnnhhjwVZL9HKg==
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:44:56 2026 by rpki-client