Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7a2215e7-5ee2-420b-8f98-5e0faef4cbea.roa
File: 7a2215e7-5ee2-420b-8f98-5e0faef4cbea.roa (raw, json)
Hash identifier: he6B2YLYspPDFi2MQ/oioE7gOG8KF+/nTIrRwvQ+fRM=
Subject key identifier: 03:C3:79:B7:03:D3:0B:44:79:13:4B:AC:AD:83:84:E5:EB:27:9D:13
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7E6C2FB860BC3C83F7B09C81B319D4B7BB1C732B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7a2215e7-5ee2-420b-8f98-5e0faef4cbea.roa
Signing time: Tue 19 May 2026 04:40:22 +0000
ROA not before: Tue 19 May 2026 04:40:22 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:6c:2f:b8:60:bc:3c:83:f7:b0:9c:81:b3:19:d4:b7:bb:1c:73:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 04:40:22 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=ef39cabc209950d3f3dd59a1f53d6aaa74ed1bb13c767a5768644daf7ba037b3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:bf:0c:e5:22:31:50:73:4e:28:93:ff:12:60:
f5:c9:d4:27:26:42:ff:5f:c2:e9:f8:3f:21:b2:d1:
31:10:db:ff:2a:97:82:ac:89:a0:c5:13:6c:03:ad:
31:0c:98:e1:c9:90:91:d8:e8:3e:08:85:a0:06:e5:
71:fa:5f:61:ac:ee:74:5d:36:78:c5:6c:0d:3a:8b:
1e:5c:b9:54:02:86:c8:ab:dc:4f:90:ff:ac:68:f8:
e7:54:0a:18:b3:50:7a:5d:c6:19:2d:78:1b:8f:c1:
83:c6:2f:e9:5b:66:78:62:14:d1:bc:66:ab:ba:41:
55:01:62:77:ad:da:54:fb:19:c9:90:46:76:b8:81:
52:c6:8c:ad:a6:35:dd:d1:cc:35:ed:61:f0:fa:b8:
b0:ee:a5:69:a7:80:85:b2:57:54:49:cf:78:6a:65:
7c:47:e7:01:1e:a8:b5:55:02:3e:54:f3:12:e9:48:
8a:3d:16:8a:9d:4a:36:6e:7e:c2:ed:c7:a8:d7:4a:
cc:36:19:52:34:86:68:ec:f1:3f:94:a5:61:98:81:
97:80:bc:0f:d8:2d:15:5c:f9:42:97:11:63:31:b5:
02:cb:b2:59:62:65:b2:f6:5b:4b:d4:a5:82:87:64:
94:cd:8d:1e:eb:80:56:ff:2f:eb:b8:48:b8:49:78:
4f:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:C3:79:B7:03:D3:0B:44:79:13:4B:AC:AD:83:84:E5:EB:27:9D:13
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7a2215e7-5ee2-420b-8f98-5e0faef4cbea.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:e000::/40
Signature Algorithm: sha256WithRSAEncryption
62:8d:1a:56:87:37:9a:d0:14:88:f5:7c:de:46:37:22:43:d5:
28:08:a2:24:a2:b0:f0:57:4d:35:d2:b6:5f:8c:5f:5f:70:17:
60:c4:c2:e3:8e:bc:50:6d:36:3d:28:7c:00:d7:8e:df:6e:6e:
18:27:87:a0:45:ae:7e:40:43:35:17:a5:59:48:97:ce:87:c9:
b0:e0:cc:3a:dc:4b:3a:42:e1:44:c5:7e:c7:a5:e8:33:0c:d4:
f1:f4:d2:34:53:45:fc:5f:45:86:14:78:35:1d:f1:72:5c:1b:
7b:76:8d:7a:b0:a1:c2:e5:5e:64:71:47:cd:b7:3e:a3:6b:95:
38:38:b7:86:ba:67:ac:94:c4:59:9c:24:c6:c3:52:39:c5:9d:
62:d5:32:0f:41:20:41:6a:5e:a1:91:d1:28:eb:ad:fe:65:be:
a0:fc:59:e5:87:65:de:01:45:c9:2c:82:04:d8:67:e2:0d:ed:
4c:5a:18:df:de:9c:97:55:72:56:c6:d8:d3:9e:c1:d5:7f:67:
a3:89:8d:87:9e:f0:7c:2a:61:8f:6e:cb:df:cc:09:cf:cf:96:
81:07:8e:57:6f:c4:3d:8c:0d:7c:85:2d:1d:95:6b:13:13:eb:
7a:fc:4f:d4:c5:88:fa:1e:fe:f6:30:70:d0:71:4e:9b:85:8a:
c5:3e:96:97
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUfmwvuGC8PIP3sJyBsxnUt7sccyswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNDQwMjJaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGVmMzljYWJjMjA5OTUwZDNmM2RkNTlhMWY1M2Q2YWFhNzRlZDFiYjEzYzc2
N2E1NzY4NjQ0ZGFmN2JhMDM3YjMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANq/DOUiMVBzTiiT/xJg9cnUJyZC/1/C6fg/IbLRMRDb/yqXgqyJoMUTbAOt
MQyY4cmQkdjoPgiFoAblcfpfYazudF02eMVsDTqLHly5VAKGyKvcT5D/rGj451QK
GLNQel3GGS14G4/Bg8Yv6VtmeGIU0bxmq7pBVQFid63aVPsZyZBGdriBUsaMraY1
3dHMNe1h8Pq4sO6laaeAhbJXVEnPeGplfEfnAR6otVUCPlTzEulIij0Wip1KNm5+
wu3HqNdKzDYZUjSGaOzxP5SlYZiBl4C8D9gtFVz5QpcRYzG1AsuyWWJlsvZbS9Sl
godklM2NHuuAVv8v67hIuEl4T4MCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQDw3m3
A9MLRHkTS6ytg4Tl6yedEzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2EyMjE1ZTctNWVlMi00MjBiLThmOTgtNWUwZmFlZjRjYmVhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Djg
MA0GCSqGSIb3DQEBCwUAA4IBAQBijRpWhzea0BSI9XzeRjciQ9UoCKIkorDwV001
0rZfjF9fcBdgxMLjjrxQbTY9KHwA147fbm4YJ4egRa5+QEM1F6VZSJfOh8mw4Mw6
3Es6QuFExX7HpegzDNTx9NI0U0X8X0WGFHg1HfFyXBt7do16sKHC5V5kcUfNtz6j
a5U4OLeGumeslMRZnCTGw1I5xZ1i1TIPQSBBal6hkdEo663+Zb6g/Fnlh2XeAUXJ
LIIE2GfiDe1MWhjf3pyXVXJWxtjTnsHVf2ejiY2HnvB8KmGPbsvfzAnPz5aBB45X
b8Q9jA18hS0dlWsTE+t6/E/UxYj6Hv72MHDQcU6bhYrFPpaX
-----END CERTIFICATE-----
Generated at Sat Jun 13 07:59:22 2026 by rpki-client