Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7fc80124-256d-4d3d-bffc-2fe5d82c477f.roa
File: 7fc80124-256d-4d3d-bffc-2fe5d82c477f.roa (raw, json)
Hash identifier: eag7DEqo0UCz0RSK3w6n68uEVndFU0zwHfMx13UbMMc=
Subject key identifier: 9F:B2:1D:46:92:67:00:23:2D:2E:87:56:1A:C1:35:04:56:77:8F:8E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 427B5E5DB720AA6629DA537C42402BB8E5DE5B13
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7fc80124-256d-4d3d-bffc-2fe5d82c477f.roa
Signing time: Fri 15 May 2026 02:20:07 +0000
ROA not before: Fri 15 May 2026 02:20:07 +0000
ROA not after: Thu 13 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:4000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:7b:5e:5d:b7:20:aa:66:29:da:53:7c:42:40:2b:b8:e5:de:5b:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 15 02:20:07 2026 GMT
Not After : Aug 13 23:59:59 2026 GMT
Subject: serialNumber=d639db06aab91851c84b72842c2d76341eb134427bd81a89bf1098e742555544, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:15:88:d5:5c:fe:f3:97:c0:5f:e4:2b:7d:37:
3d:24:90:c1:eb:8a:bd:10:7b:6e:8f:a7:51:84:03:
31:17:02:4b:04:ba:b8:89:d0:55:c1:a7:1a:ae:0b:
6b:b0:b8:cc:ad:d9:6d:98:89:c4:46:ad:89:eb:7c:
85:35:68:2e:20:5e:c6:da:c4:b1:0c:00:86:93:b0:
eb:5c:16:15:37:8d:3b:a6:3a:17:17:f1:87:e2:5d:
65:e4:77:df:ed:b4:5b:ef:94:df:23:e0:69:de:ec:
8d:72:ef:e7:a4:ee:d1:26:0f:cf:c1:d3:89:79:fa:
a4:5c:7c:ee:e2:ab:b4:37:81:24:79:b0:cd:2b:56:
e0:bd:0e:96:77:31:c0:08:e6:7d:20:3d:c9:7c:2f:
4a:c6:7f:5e:5e:92:d6:ba:65:99:d4:a4:d7:38:fe:
b0:fe:69:bf:e3:05:ba:60:0d:5c:75:c8:d5:f5:a6:
b5:ac:cd:e2:42:ce:af:96:08:c9:70:33:16:1f:e8:
44:fe:05:66:f3:b3:6f:14:cf:e4:5e:4e:ef:0d:02:
bf:b5:54:e9:13:8c:fb:34:18:a1:78:c9:d9:90:00:
36:4e:08:66:7c:ec:4a:18:dd:88:d1:9f:35:cd:48:
ef:24:74:fe:a6:4b:03:89:84:ef:0d:fd:6c:36:08:
e2:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:B2:1D:46:92:67:00:23:2D:2E:87:56:1A:C1:35:04:56:77:8F:8E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7fc80124-256d-4d3d-bffc-2fe5d82c477f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:4000::/40
Signature Algorithm: sha256WithRSAEncryption
b2:5a:da:3d:88:86:0d:68:12:3c:c6:15:94:fa:83:0f:7c:d0:
94:2a:54:b1:13:d2:48:98:78:64:2e:74:d5:f9:33:d5:7b:c8:
0d:a8:81:bd:a6:06:7b:16:6c:72:2f:63:08:42:a8:c1:13:e9:
e8:74:f8:89:87:a0:3a:28:c8:da:5c:35:3e:2d:05:99:ad:8e:
16:a3:04:f4:0a:52:0b:fb:b3:4b:bf:3c:dd:fc:13:b4:bb:fa:
a5:0c:85:1d:cb:91:82:c9:a1:57:74:42:60:d2:43:5a:b8:8d:
b6:62:b6:ab:a3:59:59:69:18:4c:44:66:10:33:8f:80:62:eb:
c6:e4:71:74:5e:02:e8:25:95:c9:21:20:3a:c2:3c:50:ef:c8:
ce:57:61:28:eb:78:1c:dd:5b:f3:11:cd:86:7d:bf:8e:56:05:
bc:cd:3b:a8:28:d3:3f:9e:83:2f:81:75:62:f0:16:f5:77:02:
f8:b1:2d:2a:05:0a:71:29:fe:59:39:fe:60:ac:18:c1:68:94:
97:91:58:f4:48:f0:9a:1e:33:47:03:c8:fa:87:d7:aa:6b:1b:
55:81:85:16:b9:1f:b6:cd:92:ff:48:66:a7:3a:c9:e0:5c:a5:
7e:67:93:71:bd:91:ee:71:98:48:28:36:ef:8f:6f:8d:11:64:
ec:a3:60:2b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUQnteXbcgqmYp2lN8QkAruOXeWxMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTUwMjIwMDdaFw0yNjA4MTMyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ2MzlkYjA2YWFiOTE4NTFjODRiNzI4NDJjMmQ3NjM0MWViMTM0NDI3YmQ4
MWE4OWJmMTA5OGU3NDI1NTU1NDQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM8ViNVc/vOXwF/kK303PSSQweuKvRB7bo+nUYQDMRcCSwS6uInQVcGnGq4L
a7C4zK3ZbZiJxEatiet8hTVoLiBextrEsQwAhpOw61wWFTeNO6Y6Fxfxh+JdZeR3
3+20W++U3yPgad7sjXLv56Tu0SYPz8HTiXn6pFx87uKrtDeBJHmwzStW4L0Olncx
wAjmfSA9yXwvSsZ/Xl6S1rplmdSk1zj+sP5pv+MFumANXHXI1fWmtazN4kLOr5YI
yXAzFh/oRP4FZvOzbxTP5F5O7w0Cv7VU6ROM+zQYoXjJ2ZAANk4IZnzsShjdiNGf
Nc1I7yR0/qZLA4mE7w39bDYI4sMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSfsh1G
kmcAIy0uh1YawTUEVnePjjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2ZjODAxMjQtMjU2ZC00ZDNkLWJmZmMtMmZlNWQ4MmM0NzdmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DVA
MA0GCSqGSIb3DQEBCwUAA4IBAQCyWto9iIYNaBI8xhWU+oMPfNCUKlSxE9JImHhk
LnTV+TPVe8gNqIG9pgZ7FmxyL2MIQqjBE+nodPiJh6A6KMjaXDU+LQWZrY4WowT0
ClIL+7NLvzzd/BO0u/qlDIUdy5GCyaFXdEJg0kNauI22Yraro1lZaRhMRGYQM4+A
YuvG5HF0XgLoJZXJISA6wjxQ78jOV2Eo63gc3VvzEc2Gfb+OVgW8zTuoKNM/noMv
gXVi8Bb1dwL4sS0qBQpxKf5ZOf5grBjBaJSXkVj0SPCaHjNHA8j6h9eqaxtVgYUW
uR+2zZL/SGanOsngXKV+Z5NxvZHucZhIKDbvj2+NEWTso2Ar
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:45:00 2026 by rpki-client