Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/819bfec2-19de-4cdb-ba40-657fff6a743e.roa
File: 819bfec2-19de-4cdb-ba40-657fff6a743e.roa (raw, json)
Hash identifier: tzl2F7qQEgRXeASP6T1pdJLn/xt3OdLZqMNC2vheSQc=
Subject key identifier: 5B:9E:73:68:47:D9:EB:C0:C5:47:EB:FC:25:3F:05:7A:F6:84:6D:FC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 247A716698B94C539BC2DA740162D7414EF0D657
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/819bfec2-19de-4cdb-ba40-657fff6a743e.roa
Signing time: Tue 19 May 2026 04:41:00 +0000
ROA not before: Tue 19 May 2026 04:41:00 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:9000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:7a:71:66:98:b9:4c:53:9b:c2:da:74:01:62:d7:41:4e:f0:d6:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 04:41:00 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=42417ed6db27e51f53f5462963088d662c31ee70e648daed5a9e9f2f3802ab6a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:8b:27:35:63:82:9f:f6:7f:46:8d:0f:8a:f1:
37:f2:ce:76:f5:6f:00:cf:64:af:06:aa:48:68:86:
ad:b6:41:be:6f:86:ed:6c:5b:b0:c9:2a:d1:d7:7e:
bd:de:24:e0:2f:ea:58:16:e6:83:5a:7b:cb:dc:ea:
b1:a0:67:d9:33:42:55:5d:02:32:4e:19:9a:cf:c0:
03:8f:ad:f1:30:97:74:9c:d8:8a:92:57:27:bf:47:
bc:ee:e6:45:c7:43:c4:6e:1a:a1:fb:0e:67:01:40:
54:56:b0:4e:d0:f3:05:d3:dc:66:13:22:93:58:2b:
56:69:91:a4:5d:67:fc:65:d1:71:75:e0:dd:c4:d4:
8d:12:3a:b7:56:50:6b:de:42:1c:21:19:a4:a3:0c:
fb:23:2d:7c:e4:ef:32:4c:15:00:21:8f:a3:2f:ab:
69:b9:ec:fb:42:4f:a5:0d:79:9a:85:85:4f:71:25:
b1:f4:40:12:ea:a6:d4:7a:38:91:41:41:d6:b6:d2:
55:b9:83:ae:70:da:a2:52:9a:24:4d:b7:61:65:75:
57:b3:d9:fd:28:6a:f3:bb:a7:6f:9d:9c:8c:a6:59:
2f:a6:a8:41:c2:0c:ef:10:19:39:b4:13:32:33:1c:
31:b9:bf:5f:fb:bc:1e:f6:4d:77:8c:ab:1c:4d:4a:
ec:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:9E:73:68:47:D9:EB:C0:C5:47:EB:FC:25:3F:05:7A:F6:84:6D:FC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/819bfec2-19de-4cdb-ba40-657fff6a743e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:9000::/40
Signature Algorithm: sha256WithRSAEncryption
2c:7c:cf:e8:d0:97:e5:28:ac:6b:2e:da:db:f1:f1:3b:be:03:
ac:4f:d3:e8:d8:4d:a7:28:65:18:c2:d4:74:c4:8c:5f:1a:83:
a2:20:32:5d:74:4b:f1:5a:b4:6a:33:ed:1d:d3:18:76:6c:50:
26:af:fd:7c:5e:9f:64:a8:e9:d4:e9:f0:9b:78:16:52:a6:da:
74:d7:64:99:74:f1:5d:72:6f:02:fa:92:f0:1e:e0:29:f6:14:
35:8f:7a:d2:8d:7d:d5:56:34:7d:47:24:fb:67:c4:99:d6:82:
35:33:b3:49:9c:9a:21:90:bd:ce:70:bd:0b:82:30:a0:e3:19:
1a:57:c3:a9:8a:73:9a:97:53:e6:15:a2:30:f6:a9:d2:c4:3f:
c6:bb:6e:36:ba:2d:f9:ab:a7:b8:b3:36:97:3a:08:9f:d6:17:
a1:7d:b4:7b:4f:26:10:0a:1a:e6:77:ca:ac:e3:70:85:dd:de:
31:cc:32:9d:33:16:0f:cb:4f:06:ef:b0:50:85:54:0a:b3:4c:
2c:61:29:68:6f:b4:83:5a:be:26:69:99:cc:21:d8:7f:e9:fe:
1e:6f:87:b3:81:90:f7:4c:6f:c9:4e:d8:e9:50:54:47:99:26:
88:53:05:f5:77:c4:e0:3b:76:30:de:f7:30:24:93:71:cd:20:
63:9f:0e:33
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUJHpxZpi5TFObwtp0AWLXQU7w1lcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNDQxMDBaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDQyNDE3ZWQ2ZGIyN2U1MWY1M2Y1NDYyOTYzMDg4ZDY2MmMzMWVlNzBlNjQ4
ZGFlZDVhOWU5ZjJmMzgwMmFiNmExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMKLJzVjgp/2f0aND4rxN/LOdvVvAM9krwaqSGiGrbZBvm+G7WxbsMkq0dd+
vd4k4C/qWBbmg1p7y9zqsaBn2TNCVV0CMk4Zms/AA4+t8TCXdJzYipJXJ79HvO7m
RcdDxG4aofsOZwFAVFawTtDzBdPcZhMik1grVmmRpF1n/GXRcXXg3cTUjRI6t1ZQ
a95CHCEZpKMM+yMtfOTvMkwVACGPoy+rabns+0JPpQ15moWFT3ElsfRAEuqm1Ho4
kUFB1rbSVbmDrnDaolKaJE23YWV1V7PZ/Shq87unb52cjKZZL6aoQcIM7xAZObQT
MjMcMbm/X/u8HvZNd4yrHE1K7G8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRbnnNo
R9nrwMVH6/wlPwV69oRt/DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODE5YmZlYzItMTlkZS00Y2RiLWJhNDAtNjU3ZmZmNmE3NDNlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H+Q
MA0GCSqGSIb3DQEBCwUAA4IBAQAsfM/o0JflKKxrLtrb8fE7vgOsT9Po2E2nKGUY
wtR0xIxfGoOiIDJddEvxWrRqM+0d0xh2bFAmr/18Xp9kqOnU6fCbeBZSptp012SZ
dPFdcm8C+pLwHuAp9hQ1j3rSjX3VVjR9RyT7Z8SZ1oI1M7NJnJohkL3OcL0LgjCg
4xkaV8OpinOal1PmFaIw9qnSxD/Gu242ui35q6e4szaXOgif1hehfbR7TyYQChrm
d8qs43CF3d4xzDKdMxYPy08G77BQhVQKs0wsYSlob7SDWr4maZnMIdh/6f4eb4ez
gZD3TG/JTtjpUFRHmSaIUwX1d8TgO3Yw3vcwJJNxzSBjnw4z
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:44:59 2026 by rpki-client