Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7a6d5c4d-40dd-4577-9520-a2ac286c8194.roa
File: 7a6d5c4d-40dd-4577-9520-a2ac286c8194.roa (raw, json)
Hash identifier: gVGOy9WUsWc9zJ86KgUeCaDO+p39gvTGRSx55xvIC5c=
Subject key identifier: 16:E5:24:67:29:FF:51:05:28:92:F6:1B:01:77:8E:17:5F:2E:3F:B7
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 20B751ADD2A332A1D51E76352362148974B6968C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7a6d5c4d-40dd-4577-9520-a2ac286c8194.roa
Signing time: Tue 19 May 2026 04:40:57 +0000
ROA not before: Tue 19 May 2026 04:40:57 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:c0c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:b7:51:ad:d2:a3:32:a1:d5:1e:76:35:23:62:14:89:74:b6:96:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 04:40:57 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=78fccc546784b4ea31dbc71a689c323931307e7a39d26421580e43b7b87718c8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:16:e5:fb:02:58:12:ee:89:0c:33:e0:32:09:
9c:ca:f1:70:f7:be:ff:bb:30:3c:3d:12:4d:13:17:
48:6a:c8:e6:ba:ba:fb:fc:1f:b1:5f:49:d5:01:ec:
c8:9b:2f:f3:2a:7a:9b:3e:4d:eb:bf:cd:a2:90:64:
7e:30:53:2a:6e:0f:36:85:87:21:24:ed:1d:6d:b1:
2e:9d:7e:ad:74:c9:8a:a1:74:27:3a:62:79:a0:48:
92:c4:9b:64:22:89:85:fb:b3:16:12:ff:31:cb:ba:
14:bb:b5:71:aa:d0:cf:54:f0:7d:4e:92:5a:5b:91:
f5:7e:29:14:b7:85:b1:32:d7:5e:90:14:43:e4:22:
e8:f0:e0:6f:da:25:d2:b4:36:da:f3:6e:3a:bc:66:
91:13:c6:b4:c9:c6:60:0f:c4:e8:cf:87:7c:a0:30:
e9:5b:b8:4f:89:56:f2:34:fd:7a:ee:7b:4c:5f:08:
69:3b:53:05:8a:7e:d8:11:be:3c:d8:03:3b:db:c6:
80:59:ec:96:4e:28:26:dd:c2:89:76:8d:8c:70:d3:
e9:5f:59:e7:83:75:9e:b0:03:da:74:68:7c:d6:4d:
85:47:aa:8c:84:d7:15:b5:30:d5:b1:53:1f:9e:c0:
53:66:24:1d:9c:8c:52:91:ff:39:52:a1:ce:6f:00:
bb:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:E5:24:67:29:FF:51:05:28:92:F6:1B:01:77:8E:17:5F:2E:3F:B7
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7a6d5c4d-40dd-4577-9520-a2ac286c8194.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:c0c0::/48
Signature Algorithm: sha256WithRSAEncryption
21:fb:98:6f:62:b2:a7:94:13:e5:a0:c7:68:62:1c:f1:1b:70:
8a:51:8c:5c:87:b6:9e:05:ac:e2:0f:0d:d3:60:82:58:53:05:
ac:d7:d0:6a:3d:d0:78:35:f8:7a:98:b9:d5:04:3c:21:fa:67:
75:84:ce:7c:b8:35:a8:99:9f:42:16:4e:09:46:93:1a:60:72:
4e:0c:4b:0b:f8:81:21:15:20:1b:72:85:5f:2c:8a:af:75:a8:
bf:6b:5c:cb:fe:ab:f4:f7:2f:dd:16:5a:1d:93:3f:4f:4c:cb:
0c:22:45:16:52:0f:ff:e3:1f:29:3d:4d:2f:ff:b2:da:86:15:
eb:19:f7:93:b7:83:12:a4:82:d2:ca:f4:d1:c4:8a:9a:78:61:
57:b6:4a:61:2c:2e:d5:1b:ad:80:31:94:de:b6:c4:18:d0:a5:
0e:cd:bf:78:63:b0:71:3f:a8:cd:6b:bd:05:81:0c:e7:c9:54:
92:59:22:ef:31:b1:46:c5:f9:b7:f7:dd:8c:15:62:40:77:ee:
e6:6a:ab:5f:89:9d:88:c3:48:a1:eb:7e:6b:92:d2:84:e7:40:
56:ff:af:7b:f8:53:54:a2:52:7e:ee:c4:75:f6:5f:c3:f1:0d:
75:d5:0e:5b:b3:0b:6b:71:a5:d8:1f:ed:65:fc:16:1b:da:52:
26:43:b7:c1
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUILdRrdKjMqHVHnY1I2IUiXS2lowwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNDQwNTdaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDc4ZmNjYzU0Njc4NGI0ZWEzMWRiYzcxYTY4OWMzMjM5MzEzMDdlN2EzOWQy
NjQyMTU4MGU0M2I3Yjg3NzE4YzgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ0W5fsCWBLuiQwz4DIJnMrxcPe+/7swPD0STRMXSGrI5rq6+/wfsV9J1QHs
yJsv8yp6mz5N67/NopBkfjBTKm4PNoWHISTtHW2xLp1+rXTJiqF0JzpieaBIksSb
ZCKJhfuzFhL/Mcu6FLu1carQz1TwfU6SWluR9X4pFLeFsTLXXpAUQ+Qi6PDgb9ol
0rQ22vNuOrxmkRPGtMnGYA/E6M+HfKAw6Vu4T4lW8jT9eu57TF8IaTtTBYp+2BG+
PNgDO9vGgFnslk4oJt3CiXaNjHDT6V9Z54N1nrAD2nRofNZNhUeqjITXFbUw1bFT
H57AU2YkHZyMUpH/OVKhzm8Au88CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQW5SRn
Kf9RBSiS9hsBd44XXy4/tzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2E2ZDVjNGQtNDBkZC00NTc3LTk1MjAtYTJhYzI4NmM4MTk0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H/A
wDANBgkqhkiG9w0BAQsFAAOCAQEAIfuYb2Kyp5QT5aDHaGIc8RtwilGMXIe2ngWs
4g8N02CCWFMFrNfQaj3QeDX4epi51QQ8IfpndYTOfLg1qJmfQhZOCUaTGmByTgxL
C/iBIRUgG3KFXyyKr3Wov2tcy/6r9Pcv3RZaHZM/T0zLDCJFFlIP/+MfKT1NL/+y
2oYV6xn3k7eDEqSC0sr00cSKmnhhV7ZKYSwu1RutgDGU3rbEGNClDs2/eGOwcT+o
zWu9BYEM58lUklki7zGxRsX5t/fdjBViQHfu5mqrX4mdiMNIoet+a5LShOdAVv+v
e/hTVKJSfu7EdfZfw/ENddUOW7MLa3Gl2B/tZfwWG9pSJkO3wQ==
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:00:10 2026 by rpki-client