Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/77bc679b-5199-43c2-8199-be5c04a6c0d9.roa
File: 77bc679b-5199-43c2-8199-be5c04a6c0d9.roa (raw, json)
Hash identifier: mSTRScgLuXJT293sTLeGBNCuJ4rRXoKw953A2Xo5b6E=
Subject key identifier: EA:D8:47:70:52:76:87:D1:80:E5:F3:7A:81:E7:FA:3C:28:D6:A9:29
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0AABDA81B29589D9EBDB28EBC92FB70EF226F33D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/77bc679b-5199-43c2-8199-be5c04a6c0d9.roa
Signing time: Tue 19 May 2026 05:30:17 +0000
ROA not before: Tue 19 May 2026 05:30:17 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:c040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:ab:da:81:b2:95:89:d9:eb:db:28:eb:c9:2f:b7:0e:f2:26:f3:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:30:17 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=0428d61b7a9040cc69a89d32610409f5a0c34da611cf1051347c330563b3be3b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:b6:f0:ef:e7:a9:2f:e7:5b:27:b2:68:d9:e5:
5c:54:18:67:d1:ed:cc:0b:ec:d9:fb:42:22:38:74:
24:8d:7d:7e:36:56:50:fe:65:3a:16:95:ec:e2:1a:
62:0d:c8:67:db:dc:b3:28:32:af:61:51:5c:47:08:
a1:54:40:3a:d1:7f:cd:f6:fb:f3:e9:9e:0f:6a:df:
47:70:24:3e:c0:c5:15:d6:68:68:ed:f8:d1:34:3e:
51:e5:32:5d:4c:fa:d1:d4:1d:ef:f9:e8:15:92:f9:
aa:11:a5:ea:c3:6f:f8:fb:15:1c:82:f7:8c:9f:30:
95:c0:06:0d:3d:d3:e6:c4:5e:df:aa:bb:16:42:54:
03:ee:bd:16:e1:14:fa:c0:6e:e1:a3:22:ef:c4:ad:
4e:72:9a:d1:58:08:2c:07:da:2f:7d:eb:01:49:1a:
c8:92:0b:76:f2:c3:87:8b:24:30:53:1c:6f:17:1d:
5b:2e:c8:0b:03:7f:a9:a4:26:64:07:f4:7e:e9:31:
05:a3:44:38:ee:02:9a:90:d3:d5:ed:0f:0c:fb:c0:
a5:9a:65:12:d5:35:59:9b:50:20:45:67:3b:3e:b9:
1f:77:b8:5d:df:9c:77:b9:70:aa:7e:ac:14:21:8e:
54:4c:27:f8:54:fe:32:2b:4e:0f:41:3e:50:d3:ef:
d1:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:D8:47:70:52:76:87:D1:80:E5:F3:7A:81:E7:FA:3C:28:D6:A9:29
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/77bc679b-5199-43c2-8199-be5c04a6c0d9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:c040::/48
Signature Algorithm: sha256WithRSAEncryption
9f:6e:69:b7:46:9f:65:64:45:11:f5:31:bc:ea:f9:20:f1:05:
9b:f7:d0:ea:fd:13:c3:be:3d:69:b2:ba:8b:0a:dc:98:51:1b:
17:87:61:31:d9:94:eb:af:99:dc:66:22:28:fd:84:83:d8:82:
68:8f:8c:4e:cd:1b:36:ee:5c:7f:b3:2d:7a:bd:9c:5c:1c:01:
18:6e:4e:63:4b:5f:8b:0a:8f:b6:fd:81:6f:64:cb:bb:1c:89:
d0:c1:ae:25:f2:58:c5:c5:6f:59:c5:0a:0f:9c:5c:48:eb:a5:
8b:2f:2a:44:3a:c0:5d:74:1c:cc:ac:24:7c:a1:62:d0:67:66:
46:5f:af:c3:d5:2d:08:cf:89:fd:86:3e:74:2c:ba:01:c9:18:
2b:6b:f4:fe:83:d0:3b:bb:5d:4b:df:40:0f:28:cb:f5:07:3e:
83:1c:e1:ca:e7:97:02:e0:fa:2d:59:a6:11:b7:53:a1:40:8b:
c3:4b:22:96:3b:f4:a0:bf:ff:dc:85:c2:d6:c3:5b:08:04:c9:
07:22:f8:6c:4c:32:b4:a2:c7:b4:1a:da:1d:a9:3a:d9:21:aa:
ab:8d:55:33:f3:d0:66:67:c5:1a:9d:f1:76:83:79:15:1b:28:
49:ac:a0:4d:75:15:ab:12:6f:e3:56:bb:48:09:36:38:02:55:
2e:93:63:64
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUCqvagbKVidnr2yjryS+3DvIm8z0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTMwMTdaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDA0MjhkNjFiN2E5MDQwY2M2OWE4OWQzMjYxMDQwOWY1YTBjMzRkYTYxMWNm
MTA1MTM0N2MzMzA1NjNiM2JlM2IxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJy28O/nqS/nWyeyaNnlXFQYZ9HtzAvs2ftCIjh0JI19fjZWUP5lOhaV7OIa
Yg3IZ9vcsygyr2FRXEcIoVRAOtF/zfb78+meD2rfR3AkPsDFFdZoaO340TQ+UeUy
XUz60dQd7/noFZL5qhGl6sNv+PsVHIL3jJ8wlcAGDT3T5sRe36q7FkJUA+69FuEU
+sBu4aMi78StTnKa0VgILAfaL33rAUkayJILdvLDh4skMFMcbxcdWy7ICwN/qaQm
ZAf0fukxBaNEOO4CmpDT1e0PDPvApZplEtU1WZtQIEVnOz65H3e4Xd+cd7lwqn6s
FCGOVEwn+FT+MitOD0E+UNPv0b8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTq2Edw
UnaH0YDl83qB5/o8KNapKTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzdiYzY3OWItNTE5OS00M2MyLTgxOTktYmU1YzA0YTZjMGQ5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H/A
QDANBgkqhkiG9w0BAQsFAAOCAQEAn25pt0afZWRFEfUxvOr5IPEFm/fQ6v0Tw749
abK6iwrcmFEbF4dhMdmU66+Z3GYiKP2Eg9iCaI+MTs0bNu5cf7Mter2cXBwBGG5O
Y0tfiwqPtv2Bb2TLuxyJ0MGuJfJYxcVvWcUKD5xcSOuliy8qRDrAXXQczKwkfKFi
0GdmRl+vw9UtCM+J/YY+dCy6AckYK2v0/oPQO7tdS99ADyjL9Qc+gxzhyueXAuD6
LVmmEbdToUCLw0siljv0oL//3IXC1sNbCATJByL4bEwytKLHtBraHak62SGqq41V
M/PQZmfFGp3xdoN5FRsoSaygTXUVqxJv41a7SAk2OAJVLpNjZA==
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:00:40 2026 by rpki-client