Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7fd7a5ed-37e9-48af-965f-a4b6d6af2b98.roa
File: 7fd7a5ed-37e9-48af-965f-a4b6d6af2b98.roa (raw, json)
Hash identifier: qizi9W/9YrL3uTKSlV4SLTP66cGSvrqjSk+6l6QQdx4=
Subject key identifier: EA:B4:DB:45:92:AE:C3:98:AD:68:6C:AC:60:EA:59:FF:60:1C:39:CD
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 30E627962078752FE3FF46FF8DA49BB2DEDC2BC7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7fd7a5ed-37e9-48af-965f-a4b6d6af2b98.roa
Signing time: Sat 16 May 2026 00:40:08 +0000
ROA not before: Sat 16 May 2026 00:40:08 +0000
ROA not after: Fri 14 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06c:6000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 08:43:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:e6:27:96:20:78:75:2f:e3:ff:46:ff:8d:a4:9b:b2:de:dc:2b:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 16 00:40:08 2026 GMT
Not After : Aug 14 23:59:59 2026 GMT
Subject: serialNumber=78b80213696a9505e2eb97b1bf1a98338d912b5be9ab84570c24e52e7bf0139d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:0e:a8:96:5c:e8:ac:b8:ad:be:87:08:2a:43:
1e:1d:8c:83:ea:8c:c5:18:55:fc:33:40:9e:63:68:
df:c8:e4:70:7e:8e:36:f4:7e:ea:fe:d3:3e:53:88:
5f:42:48:22:b9:8a:f4:83:fe:3c:70:73:31:7b:03:
9d:02:8d:ae:2d:ac:60:ff:b9:d5:cc:a3:4c:2a:06:
81:63:cc:a3:13:22:6a:cd:d2:30:fc:89:cd:28:82:
44:2a:09:af:55:f0:7b:0c:35:0b:be:b5:47:a1:ed:
9a:e2:36:05:70:18:b7:04:94:de:f8:47:bf:66:b2:
00:3c:3a:06:76:3d:18:5e:d5:af:8b:99:2a:53:11:
8d:3f:d0:03:e6:27:ec:5f:8a:03:4c:b3:80:d2:c4:
b9:84:07:6c:51:0a:20:a2:f6:71:54:e3:70:16:1f:
78:32:d5:e0:dc:c1:34:54:35:20:ba:29:39:6d:2f:
80:7c:6c:18:6b:7d:90:59:22:23:6e:15:c7:ba:8d:
b1:d2:f6:6c:bf:6a:ca:f5:1e:c2:db:19:b0:76:e2:
f0:d7:f1:77:84:2f:c3:91:04:35:f4:68:2f:a7:a8:
50:94:75:1f:43:67:ac:c1:24:9d:16:e4:3a:99:34:
bb:17:60:1a:a4:3c:9b:b6:1f:6c:78:7e:b3:00:d6:
42:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:B4:DB:45:92:AE:C3:98:AD:68:6C:AC:60:EA:59:FF:60:1C:39:CD
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7fd7a5ed-37e9-48af-965f-a4b6d6af2b98.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06c:6000::/48
Signature Algorithm: sha256WithRSAEncryption
5b:ce:18:d4:7e:fc:3e:02:03:d5:87:87:81:30:fb:be:f5:f3:
cc:43:3c:a8:f0:b6:11:8d:96:33:c8:e8:79:c6:e8:44:16:ad:
d2:bb:e4:88:50:5b:b7:88:ac:4a:5d:29:61:92:21:5f:97:42:
37:df:ee:a0:4f:7d:7e:51:1c:ed:d1:e7:49:9a:1e:86:77:a7:
f9:31:19:9f:01:c5:98:ea:2e:75:88:1f:7f:55:68:06:9d:6c:
c6:46:40:c7:da:1f:0b:2f:66:c7:e5:32:f3:7e:3d:e3:9c:89:
82:21:bf:78:69:cc:64:33:86:61:6d:65:42:91:4d:14:d8:ed:
5f:9b:12:48:e4:cb:ed:57:82:c9:49:dd:b0:9e:2a:98:8e:bc:
f1:6e:e8:45:52:fe:b2:86:8b:ec:f1:23:14:4e:62:21:e5:de:
ff:e7:25:c6:1d:8e:1e:07:aa:cc:a0:b0:b9:20:d0:12:a3:44:
73:d3:d5:3a:68:34:6a:71:e7:47:76:6d:d8:ec:fd:21:de:1e:
c6:8f:96:a8:bf:d3:51:ea:1d:41:ab:ca:d6:15:4d:d3:7c:b0:
c8:51:06:77:9f:98:38:b5:8a:15:52:5a:20:c7:d8:3e:95:cc:
cc:5f:f1:f0:02:46:a4:ea:db:b7:8b:66:1d:26:c5:4f:5a:70:
00:b9:37:14
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUMOYnliB4dS/j/0b/jaSbst7cK8cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTYwMDQwMDhaFw0yNjA4MTQyMzU5NTlaMHoxSTBHBgNV
BAUTQDc4YjgwMjEzNjk2YTk1MDVlMmViOTdiMWJmMWE5ODMzOGQ5MTJiNWJlOWFi
ODQ1NzBjMjRlNTJlN2JmMDEzOWQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALcOqJZc6Ky4rb6HCCpDHh2Mg+qMxRhV/DNAnmNo38jkcH6ONvR+6v7TPlOI
X0JIIrmK9IP+PHBzMXsDnQKNri2sYP+51cyjTCoGgWPMoxMias3SMPyJzSiCRCoJ
r1Xweww1C761R6HtmuI2BXAYtwSU3vhHv2ayADw6BnY9GF7Vr4uZKlMRjT/QA+Yn
7F+KA0yzgNLEuYQHbFEKIKL2cVTjcBYfeDLV4NzBNFQ1ILopOW0vgHxsGGt9kFki
I24Vx7qNsdL2bL9qyvUewtsZsHbi8Nfxd4Qvw5EENfRoL6eoUJR1H0NnrMEknRbk
Opk0uxdgGqQ8m7YfbHh+swDWQukCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTqtNtF
kq7DmK1obKxg6ln/YBw5zTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2ZkN2E1ZWQtMzdlOS00OGFmLTk2NWYtYTRiNmQ2YWYyYjk4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0Gxg
ADANBgkqhkiG9w0BAQsFAAOCAQEAW84Y1H78PgID1YeHgTD7vvXzzEM8qPC2EY2W
M8joecboRBat0rvkiFBbt4isSl0pYZIhX5dCN9/uoE99flEc7dHnSZoehnen+TEZ
nwHFmOoudYgff1VoBp1sxkZAx9ofCy9mx+Uy834945yJgiG/eGnMZDOGYW1lQpFN
FNjtX5sSSOTL7VeCyUndsJ4qmI688W7oRVL+soaL7PEjFE5iIeXe/+clxh2OHgeq
zKCwuSDQEqNEc9PVOmg0anHnR3Zt2Oz9Id4exo+WqL/TUeodQavK1hVN03ywyFEG
d5+YOLWKFVJaIMfYPpXMzF/x8AJGpOrbt4tmHSbFT1pwALk3FA==
-----END CERTIFICATE-----
Generated at Sat Jun 13 12:42:37 2026 by rpki-client