Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7dcf014f-af88-4ab9-9976-746ed8dec1a6.roa
File: 7dcf014f-af88-4ab9-9976-746ed8dec1a6.roa (raw, json)
Hash identifier: CQwK0bdQIcxYyUEyehW5bhGPBbCMt1Dl0XRfrY9FLpU=
Subject key identifier: 6E:53:B1:60:AB:3D:C2:3C:2E:48:88:34:6E:22:95:57:60:4D:9E:1C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 01F5B495647347FC6454F9D64D9359C574154BCF
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7dcf014f-af88-4ab9-9976-746ed8dec1a6.roa
Signing time: Tue 19 May 2026 04:50:36 +0000
ROA not before: Tue 19 May 2026 04:50:36 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:f5:b4:95:64:73:47:fc:64:54:f9:d6:4d:93:59:c5:74:15:4b:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 04:50:36 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=5c447bca2bf6e666d34021640d7b243ac3fb459673a98b68a677147ef46aeaf9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:a6:3d:d8:4a:ae:d1:57:f5:68:a0:18:38:c8:
9d:0d:a2:a4:dd:5b:84:32:1b:14:ba:6b:8d:a6:99:
a2:fc:69:59:1d:86:e4:71:90:ec:e6:92:f3:3a:df:
da:27:04:e9:4a:df:93:e2:3d:61:9e:4b:3c:9f:7e:
5a:1a:c7:92:44:48:9a:ba:69:4d:e5:6c:51:81:be:
fa:d9:36:f3:9b:e7:76:3b:09:d8:71:7c:6f:df:60:
d0:77:8a:51:e0:c1:d1:04:09:f2:90:bb:f0:8e:76:
29:20:18:b9:0e:92:9a:79:ec:90:90:68:4b:1f:67:
c7:31:32:1d:1d:6b:6e:b8:68:d4:e0:10:57:3c:a8:
0c:d9:08:2f:d6:9b:41:6e:0b:68:6d:8b:e5:7c:cb:
0e:32:2a:53:ba:a4:fb:53:46:ce:df:bc:6f:8b:b8:
01:1a:14:13:27:43:d6:14:22:f6:bb:0c:b3:2b:8f:
fd:2e:7a:9b:81:9a:77:ac:fc:5f:08:0c:f8:21:05:
b8:eb:2c:5e:51:38:bd:56:56:ba:55:06:d5:a0:a1:
b5:6c:e5:d9:0d:60:df:ad:2d:9d:94:52:c1:9c:31:
73:21:ff:4d:93:fd:62:76:37:f2:78:4e:76:0f:8b:
5f:d1:2f:8e:d3:d9:08:91:ee:7f:31:df:e0:fd:3c:
59:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:53:B1:60:AB:3D:C2:3C:2E:48:88:34:6E:22:95:57:60:4D:9E:1C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7dcf014f-af88-4ab9-9976-746ed8dec1a6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038::/32
Signature Algorithm: sha256WithRSAEncryption
88:60:d5:9f:b7:89:7a:28:30:00:d6:66:b0:d4:b5:09:59:09:
94:d3:a4:0a:ed:6c:b2:d0:e2:fd:01:48:eb:6b:71:42:5a:ee:
78:37:7f:74:a3:5e:0d:66:bf:d7:39:ef:60:dc:0e:af:1f:16:
61:25:34:52:89:d8:44:8f:58:ad:18:3f:9c:9d:43:a7:b7:ad:
a7:16:ce:19:1a:4c:15:6e:52:14:f0:a9:ca:7a:4f:47:49:2b:
2c:69:1c:da:c2:c7:3d:3d:d1:01:c3:d5:9b:6a:0d:79:d3:b3:
80:cd:78:8a:18:ba:7c:a2:4e:c1:98:77:2e:bf:16:0a:e4:82:
3f:33:ea:23:5b:4a:12:b3:04:ba:96:69:20:e6:bb:e3:e3:23:
b1:cf:4e:53:62:82:b7:23:99:e8:39:eb:e9:26:55:6c:fb:51:
b5:ac:44:82:dd:40:92:62:5d:bb:ce:e6:14:8d:d4:42:b6:ef:
a9:81:96:22:ab:5f:91:74:23:4e:a6:3a:61:dc:1e:27:d4:4c:
28:78:0b:73:c7:ec:15:c5:29:a9:a5:6d:6f:e1:59:1c:ba:39:
09:55:be:38:cd:3e:8e:27:f9:08:f6:0b:d4:e2:82:d4:cc:d7:
d8:4c:d6:30:fb:a4:fb:fd:f7:d7:8e:e1:11:d8:38:14:b4:09:
e0:1f:98:31
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUAfW0lWRzR/xkVPnWTZNZxXQVS88wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNDUwMzZaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDVjNDQ3YmNhMmJmNmU2NjZkMzQwMjE2NDBkN2IyNDNhYzNmYjQ1OTY3M2E5
OGI2OGE2NzcxNDdlZjQ2YWVhZjkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMSmPdhKrtFX9WigGDjInQ2ipN1bhDIbFLprjaaZovxpWR2G5HGQ7OaS8zrf
2icE6Urfk+I9YZ5LPJ9+WhrHkkRImrppTeVsUYG++tk285vndjsJ2HF8b99g0HeK
UeDB0QQJ8pC78I52KSAYuQ6SmnnskJBoSx9nxzEyHR1rbrho1OAQVzyoDNkIL9ab
QW4LaG2L5XzLDjIqU7qk+1NGzt+8b4u4ARoUEydD1hQi9rsMsyuP/S56m4Gad6z8
XwgM+CEFuOssXlE4vVZWulUG1aChtWzl2Q1g360tnZRSwZwxcyH/TZP9YnY38nhO
dg+LX9EvjtPZCJHufzHf4P08WZECAwEAAaOCAiIwggIeMB0GA1UdDgQWBBRuU7Fg
qz3CPC5IiDRuIpVXYE2eHDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2RjZjAxNGYtYWY4OC00YWI5LTk5NzYtNzQ2ZWQ4ZGVjMWE2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoF0Dgw
DQYJKoZIhvcNAQELBQADggEBAIhg1Z+3iXooMADWZrDUtQlZCZTTpArtbLLQ4v0B
SOtrcUJa7ng3f3SjXg1mv9c572DcDq8fFmElNFKJ2ESPWK0YP5ydQ6e3racWzhka
TBVuUhTwqcp6T0dJKyxpHNrCxz090QHD1ZtqDXnTs4DNeIoYunyiTsGYdy6/Fgrk
gj8z6iNbShKzBLqWaSDmu+PjI7HPTlNigrcjmeg56+kmVWz7UbWsRILdQJJiXbvO
5hSN1EK276mBliKrX5F0I06mOmHcHifUTCh4C3PH7BXFKamlbW/hWRy6OQlVvjjN
Po4n+Qj2C9TigtTM19hM1jD7pPv999eO4RHYOBS0CeAfmDE=
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:44:38 2026 by rpki-client