Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/773f4606-0d98-4350-9ccd-3aba599136ef.roa
File: 773f4606-0d98-4350-9ccd-3aba599136ef.roa (raw, json)
Hash identifier: aweQTlO9m7AYVr5iAh2N1TivjlXZkpiyOuRMKQAxFNQ=
Subject key identifier: D2:3B:9C:76:BC:F9:20:EF:F7:5D:C3:ED:09:B7:B1:CE:C5:E8:F5:58
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7E8EFB270405CE3867FC038585D97220E08B5DE4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/773f4606-0d98-4350-9ccd-3aba599136ef.roa
Signing time: Sun 17 May 2026 02:10:06 +0000
ROA not before: Sun 17 May 2026 02:10:06 +0000
ROA not after: Sat 15 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:8e:fb:27:04:05:ce:38:67:fc:03:85:85:d9:72:20:e0:8b:5d:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 17 02:10:06 2026 GMT
Not After : Aug 15 23:59:59 2026 GMT
Subject: serialNumber=00cd9158da02fd36140d9cc0431c3a931b6a7a3cc19d9bd226944744f5217d1c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:cc:c9:6f:b7:26:31:4e:dd:03:10:03:5b:5c:
81:92:d5:39:43:d5:df:46:09:d3:01:ec:c4:91:89:
43:85:fd:0b:35:8d:67:23:3e:67:63:51:cc:20:ff:
4c:64:90:f9:b2:56:5f:ca:03:d4:e5:cf:fc:d4:04:
a9:36:ed:db:c6:11:eb:96:9c:98:f0:cc:2d:7e:9d:
f8:b8:b5:9a:68:c3:07:27:68:06:91:cf:89:28:6e:
5b:42:10:42:80:31:cd:ff:6a:ab:1b:c1:50:29:04:
41:43:93:86:82:95:d4:ce:e5:8a:34:63:5e:a5:8a:
12:e7:a2:92:d2:81:af:fe:1c:44:56:c5:e6:ba:b7:
cd:52:f4:6a:64:7c:2d:73:ac:41:16:77:38:49:05:
e3:ad:38:d3:80:ff:6d:4e:b4:64:eb:8b:c7:ed:72:
9e:c3:a6:6a:19:2d:df:2a:bc:ce:32:63:f6:6c:90:
26:07:9f:23:5b:6f:c4:4d:25:ad:a6:40:63:c7:08:
22:3f:fb:c1:f7:e7:8f:fa:1c:73:fe:17:40:69:39:
c5:30:2e:7d:7a:8f:cd:06:bd:68:b6:cf:96:86:52:
3b:ab:23:67:c8:2c:7e:6a:b5:49:25:4d:53:7a:c4:
26:d6:d9:40:15:ac:a5:ea:d9:4c:ea:ff:12:b2:eb:
28:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:3B:9C:76:BC:F9:20:EF:F7:5D:C3:ED:09:B7:B1:CE:C5:E8:F5:58
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/773f4606-0d98-4350-9ccd-3aba599136ef.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:800::/40
Signature Algorithm: sha256WithRSAEncryption
04:bd:11:59:1e:ea:86:0a:12:a9:14:95:2f:bb:83:43:fb:81:
c8:3c:2c:42:93:a2:d0:c7:7f:eb:af:ad:47:91:e7:2a:ae:dc:
70:09:99:2f:8c:a3:9c:8d:75:99:fc:e8:0e:64:40:37:e2:b0:
1f:fc:95:40:36:5a:aa:f8:b0:88:e2:09:09:2a:87:3b:72:c3:
18:b8:03:6e:f8:7a:7a:37:3a:9e:a9:6c:9a:d3:99:df:b3:01:
fb:4c:9e:da:7c:5e:85:d7:6f:33:5e:32:e2:85:8e:ba:6f:a2:
ec:9a:2a:90:34:92:77:8b:39:4b:d5:d6:5c:63:63:74:28:60:
92:9e:11:93:52:b1:77:f4:a3:e0:fb:c2:ff:04:69:8e:f5:68:
8b:c0:0e:94:48:3b:2d:a0:b5:05:69:7f:9c:7b:95:b8:2b:73:
01:58:3a:1c:a9:4b:4a:73:40:0a:c3:e4:2c:c8:8a:ab:be:01:
42:b5:0b:fc:28:8e:2a:a2:22:3d:bd:85:af:df:29:da:47:f2:
03:89:c9:24:a7:29:16:f4:5b:39:a4:32:f5:c4:d6:58:71:13:
65:7f:5f:06:3d:a5:dd:66:ca:92:4a:81:fa:8a:38:96:13:1b:
73:fe:3b:d2:73:3a:25:e1:52:de:8b:88:c7:b6:b4:e3:06:d1:
88:c5:f7:5a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUfo77JwQFzjhn/AOFhdlyIOCLXeQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTcwMjEwMDZaFw0yNjA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDAwY2Q5MTU4ZGEwMmZkMzYxNDBkOWNjMDQzMWMzYTkzMWI2YTdhM2NjMTlk
OWJkMjI2OTQ0NzQ0ZjUyMTdkMWMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJnMyW+3JjFO3QMQA1tcgZLVOUPV30YJ0wHsxJGJQ4X9CzWNZyM+Z2NRzCD/
TGSQ+bJWX8oD1OXP/NQEqTbt28YR65acmPDMLX6d+Li1mmjDBydoBpHPiShuW0IQ
QoAxzf9qqxvBUCkEQUOThoKV1M7lijRjXqWKEueiktKBr/4cRFbF5rq3zVL0amR8
LXOsQRZ3OEkF460404D/bU60ZOuLx+1ynsOmahkt3yq8zjJj9myQJgefI1tvxE0l
raZAY8cIIj/7wffnj/occ/4XQGk5xTAufXqPzQa9aLbPloZSO6sjZ8gsfmq1SSVN
U3rEJtbZQBWsperZTOr/ErLrKLMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTSO5x2
vPkg7/ddw+0Jt7HOxej1WDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzczZjQ2MDYtMGQ5OC00MzUwLTljY2QtM2FiYTU5OTEzNmVmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DgI
MA0GCSqGSIb3DQEBCwUAA4IBAQAEvRFZHuqGChKpFJUvu4ND+4HIPCxCk6LQx3/r
r61HkecqrtxwCZkvjKOcjXWZ/OgOZEA34rAf/JVANlqq+LCI4gkJKoc7csMYuANu
+Hp6NzqeqWya05nfswH7TJ7afF6F128zXjLihY66b6LsmiqQNJJ3izlL1dZcY2N0
KGCSnhGTUrF39KPg+8L/BGmO9WiLwA6USDstoLUFaX+ce5W4K3MBWDocqUtKc0AK
w+QsyIqrvgFCtQv8KI4qoiI9vYWv3ynaR/IDickkpykW9Fs5pDL1xNZYcRNlf18G
PaXdZsqSSoH6ijiWExtz/jvSczol4VLei4jHtrTjBtGIxfda
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:12:47 2026 by rpki-client