Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/76aba510-da97-4c2e-ad61-1ca0628deb91.roa
File: 76aba510-da97-4c2e-ad61-1ca0628deb91.roa (raw, json)
Hash identifier: U5XRFIX/XGjK0AdE7V9ginpYLT582Sy4Y2uXfytUgUc=
Subject key identifier: DF:94:EB:44:7C:1A:A5:E3:26:0C:27:E2:B2:F0:FC:7E:9A:7F:DE:6F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4E99A8B7BC50986DC48290D43DA2F5E677DA27F7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/76aba510-da97-4c2e-ad61-1ca0628deb91.roa
Signing time: Fri 22 May 2026 16:16:25 +0000
ROA not before: Fri 22 May 2026 16:16:25 +0000
ROA not after: Thu 20 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d068:8000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:99:a8:b7:bc:50:98:6d:c4:82:90:d4:3d:a2:f5:e6:77:da:27:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 22 16:16:25 2026 GMT
Not After : Aug 20 23:59:59 2026 GMT
Subject: serialNumber=05b348850e2b65a69f63a13b2265936237f7139203c16d560aeef0e214afaa07, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:02:6c:54:26:3f:ce:17:dc:d6:fe:b1:ef:7b:
5b:37:79:5f:28:42:4c:d3:a5:dd:85:d5:ae:01:f3:
2b:66:de:52:e6:09:66:7a:5e:a5:18:f5:27:bf:c5:
de:62:cb:71:4f:8b:75:e4:65:67:b3:7f:55:7c:44:
f8:d9:a8:fb:ac:27:af:c2:81:d8:f1:48:06:85:27:
a7:96:e9:97:c3:f9:fc:24:b6:d2:5f:57:6d:2d:94:
15:46:56:90:35:a5:75:06:aa:e5:f3:90:5e:0b:d0:
40:4b:23:2a:6c:c2:67:54:45:6c:02:ca:bb:4b:2d:
60:b2:d9:b6:71:63:7d:1f:46:a1:f7:46:93:86:2d:
ff:18:cc:e1:06:e8:94:0e:e4:3d:e8:a1:77:b0:a2:
0c:10:fc:85:3d:06:e4:74:b9:52:c6:f5:68:76:ad:
c5:87:0e:6a:9f:6d:c7:44:72:09:1d:39:91:ba:9b:
94:2a:4a:af:a0:8e:02:a2:af:ae:3d:6f:4a:e9:73:
00:5c:4f:9a:10:6e:72:42:f2:2b:57:d3:6f:c6:db:
71:dc:ef:92:23:50:33:69:d5:8f:23:25:c8:4c:67:
5a:1a:0d:a4:a7:12:24:a6:37:57:f5:67:73:b9:c1:
c5:00:08:18:7a:9f:bf:1f:d5:f7:e8:f8:40:a8:ba:
57:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:94:EB:44:7C:1A:A5:E3:26:0C:27:E2:B2:F0:FC:7E:9A:7F:DE:6F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/76aba510-da97-4c2e-ad61-1ca0628deb91.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d068:8000::/40
Signature Algorithm: sha256WithRSAEncryption
b4:e8:56:39:8d:b3:78:6d:2d:15:7a:27:3d:34:ae:73:bb:d2:
67:e7:44:04:0c:c2:8e:ce:a8:b5:07:82:a2:e8:8f:e8:43:7c:
8e:a9:31:36:e5:a4:6f:1e:eb:13:b1:4e:88:a0:2d:12:bb:28:
da:fc:e1:8b:5b:d4:8e:53:af:84:55:10:1e:77:6b:7d:0a:a7:
60:8a:1c:8b:52:51:5f:55:38:96:2f:b7:d7:5d:00:0d:e6:8c:
44:ae:8a:36:ee:e6:02:99:6f:97:c0:00:3e:59:81:d9:81:d5:
d6:50:06:53:f1:d0:6b:92:c8:24:67:c6:d0:95:6c:8d:ed:3f:
d2:6f:2e:f9:69:fe:1c:46:f7:d4:f5:73:ef:3f:5c:c0:cd:6d:
db:da:43:24:f7:76:d3:05:ee:ab:7c:46:cf:bc:28:e7:6c:9e:
a2:37:39:a8:15:c3:ef:db:f7:85:d1:78:1a:72:3e:3f:2f:a5:
8b:d7:96:a7:92:fd:c6:04:18:9a:75:6e:bb:10:86:a0:b0:af:
0f:5b:3f:31:01:9c:e5:e3:7a:2f:93:a4:57:7f:69:30:4a:a7:
1c:2c:b4:94:63:ee:a4:08:42:90:9a:d1:c5:81:ea:08:1f:c9:
a9:c1:5f:91:a4:90:8c:4b:44:00:97:8b:66:3e:31:94:76:c7:
76:86:f0:43
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUTpmot7xQmG3EgpDUPaL15nfaJ/cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MjIxNjE2MjVaFw0yNjA4MjAyMzU5NTlaMHoxSTBHBgNV
BAUTQDA1YjM0ODg1MGUyYjY1YTY5ZjYzYTEzYjIyNjU5MzYyMzdmNzEzOTIwM2Mx
NmQ1NjBhZWVmMGUyMTRhZmFhMDcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMoCbFQmP84X3Nb+se97Wzd5XyhCTNOl3YXVrgHzK2beUuYJZnpepRj1J7/F
3mLLcU+LdeRlZ7N/VXxE+Nmo+6wnr8KB2PFIBoUnp5bpl8P5/CS20l9XbS2UFUZW
kDWldQaq5fOQXgvQQEsjKmzCZ1RFbALKu0stYLLZtnFjfR9GofdGk4Yt/xjM4Qbo
lA7kPeihd7CiDBD8hT0G5HS5Usb1aHatxYcOap9tx0RyCR05kbqblCpKr6COAqKv
rj1vSulzAFxPmhBuckLyK1fTb8bbcdzvkiNQM2nVjyMlyExnWhoNpKcSJKY3V/Vn
c7nBxQAIGHqfvx/V9+j4QKi6VxkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTflOtE
fBql4yYMJ+Ky8Px+mn/ebzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzZhYmE1MTAtZGE5Ny00YzJlLWFkNjEtMWNhMDYyOGRlYjkxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0GiA
MA0GCSqGSIb3DQEBCwUAA4IBAQC06FY5jbN4bS0Veic9NK5zu9Jn50QEDMKOzqi1
B4Ki6I/oQ3yOqTE25aRvHusTsU6IoC0Suyja/OGLW9SOU6+EVRAed2t9CqdgihyL
UlFfVTiWL7fXXQAN5oxEroo27uYCmW+XwAA+WYHZgdXWUAZT8dBrksgkZ8bQlWyN
7T/Sby75af4cRvfU9XPvP1zAzW3b2kMk93bTBe6rfEbPvCjnbJ6iNzmoFcPv2/eF
0Xgacj4/L6WL15ankv3GBBiadW67EIagsK8PWz8xAZzl43ovk6RXf2kwSqccLLSU
Y+6kCEKQmtHFgeoIH8mpwV+RpJCMS0QAl4tmPjGUdsd2hvBD
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:03:16 2026 by rpki-client