Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7df76649-dcc0-4f8c-be6b-13fca27ec4f2.roa
File: 7df76649-dcc0-4f8c-be6b-13fca27ec4f2.roa (raw, json)
Hash identifier: bDDfPUSuIp/OMDtFDe5CHAisiQVDieKrb2kRvJe4N4Y=
Subject key identifier: 65:FC:9A:B8:CB:8D:E0:91:AD:7B:CC:18:5A:E7:D8:2E:2D:40:57:84
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 23CE599E946FE1173A7B9EC8C586FA2522C5A957
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7df76649-dcc0-4f8c-be6b-13fca27ec4f2.roa
Signing time: Tue 19 May 2026 05:40:50 +0000
ROA not before: Tue 19 May 2026 05:40:50 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d012::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:ce:59:9e:94:6f:e1:17:3a:7b:9e:c8:c5:86:fa:25:22:c5:a9:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:40:50 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=8f3db416b81a69256441adc170e16725d6f67256b271db41371c731c5b393db5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:9c:73:81:04:c7:14:e4:46:cb:5d:03:72:57:
68:c7:89:3c:fa:ec:0c:3c:ad:f0:f4:f1:50:11:8f:
aa:16:b8:13:cf:92:49:6a:93:99:c3:45:ba:73:9c:
e2:e8:4b:6e:01:84:f3:68:96:17:06:d6:f3:56:22:
4e:c6:c7:72:34:89:b7:93:89:a3:84:56:6f:27:09:
38:87:bf:2c:91:3d:85:81:45:c8:f2:a3:b7:6b:76:
fb:99:d8:60:1d:93:25:77:a9:aa:ca:e0:2e:d0:1e:
79:6f:71:2c:c5:d1:46:92:31:b3:66:69:9a:ca:e3:
d7:43:af:6d:f0:3a:6e:de:a5:0e:9f:e1:24:53:34:
5d:e2:8f:f3:36:59:d7:79:10:00:ee:a9:b1:24:d6:
7f:df:43:fc:2e:74:79:58:86:9a:3b:ca:fd:8d:7c:
2e:a2:14:3b:b8:34:3b:4e:48:71:65:12:cb:ab:1c:
49:ea:ed:df:8f:e6:d7:4e:bb:82:a3:e9:64:9b:f2:
50:16:af:3a:52:03:ac:2f:80:2a:dd:b1:97:15:6a:
46:ca:35:dc:a1:69:61:78:82:83:cc:93:63:03:e8:
10:1a:cb:43:0b:3f:38:72:fb:92:2b:69:ac:88:b4:
99:fe:68:14:04:cf:d3:97:cf:2c:6a:40:5a:04:bd:
1f:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:FC:9A:B8:CB:8D:E0:91:AD:7B:CC:18:5A:E7:D8:2E:2D:40:57:84
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7df76649-dcc0-4f8c-be6b-13fca27ec4f2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d012::/36
Signature Algorithm: sha256WithRSAEncryption
0e:6c:ff:ac:10:68:e9:74:4e:c2:c1:b5:bc:b8:05:64:e0:10:
fd:88:e2:c8:78:e3:08:2e:6f:27:7e:77:e4:b4:70:dc:78:85:
ca:a5:e8:af:f6:18:b6:17:8c:28:d2:d5:09:2a:16:4e:cf:a5:
05:2e:20:14:c2:8f:e7:41:36:6d:65:7f:e4:85:8e:19:2d:03:
88:a7:53:4f:d5:48:0a:da:a6:14:91:dd:dd:e3:79:de:5e:9f:
ef:3a:cd:60:f9:a6:4c:42:9f:4d:94:76:bb:87:cc:1d:ef:48:
b9:9d:3c:fe:3c:7c:35:d6:ab:81:fb:67:84:70:cd:69:e7:a4:
a1:fd:4e:76:91:a5:66:c0:0f:9c:60:9a:0d:be:ac:86:33:c4:
b8:4c:f3:9b:fe:91:7d:55:a0:96:c4:d8:bc:1e:4e:a7:88:94:
3f:f3:2a:16:17:6c:00:a3:bb:9d:ae:bc:7e:a9:b5:ff:86:cc:
5e:36:4f:b6:43:e1:98:82:a3:a5:c1:35:49:d0:80:09:09:80:
2d:4e:d4:9d:b5:90:b5:7f:db:30:ff:28:3d:28:49:03:1d:85:
a8:c2:8f:5d:af:30:2d:9e:25:c2:c2:91:2e:93:67:19:e0:a9:
12:4a:b6:cf:dd:f0:db:58:ac:fb:15:8a:7e:96:16:ae:d9:b7:
f0:4e:15:f4
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUI85ZnpRv4Rc6e57IxYb6JSLFqVcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTQwNTBaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDhmM2RiNDE2YjgxYTY5MjU2NDQxYWRjMTcwZTE2NzI1ZDZmNjcyNTZiMjcx
ZGI0MTM3MWM3MzFjNWIzOTNkYjUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOacc4EExxTkRstdA3JXaMeJPPrsDDyt8PTxUBGPqha4E8+SSWqTmcNFunOc
4uhLbgGE82iWFwbW81YiTsbHcjSJt5OJo4RWbycJOIe/LJE9hYFFyPKjt2t2+5nY
YB2TJXepqsrgLtAeeW9xLMXRRpIxs2Zpmsrj10OvbfA6bt6lDp/hJFM0XeKP8zZZ
13kQAO6psSTWf99D/C50eViGmjvK/Y18LqIUO7g0O05IcWUSy6scSert34/m1067
gqPpZJvyUBavOlIDrC+AKt2xlxVqRso13KFpYXiCg8yTYwPoEBrLQws/OHL7kitp
rIi0mf5oFATP05fPLGpAWgS9H1ECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRl/Jq4
y43gka17zBha59guLUBXhDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2RmNzY2NDktZGNjMC00ZjhjLWJlNmItMTNmY2EyN2VjNGYyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0BIA
MA0GCSqGSIb3DQEBCwUAA4IBAQAObP+sEGjpdE7CwbW8uAVk4BD9iOLIeOMILm8n
fnfktHDceIXKpeiv9hi2F4wo0tUJKhZOz6UFLiAUwo/nQTZtZX/khY4ZLQOIp1NP
1UgK2qYUkd3d43neXp/vOs1g+aZMQp9NlHa7h8wd70i5nTz+PHw11quB+2eEcM1p
56Sh/U52kaVmwA+cYJoNvqyGM8S4TPOb/pF9VaCWxNi8Hk6niJQ/8yoWF2wAo7ud
rrx+qbX/hsxeNk+2Q+GYgqOlwTVJ0IAJCYAtTtSdtZC1f9sw/yg9KEkDHYWowo9d
rzAtniXCwpEuk2cZ4KkSSrbP3fDbWKz7FYp+lhau2bfwThX0
-----END CERTIFICATE-----
Generated at Sat Jun 13 07:59:01 2026 by rpki-client