Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/86da4413-78aa-4722-a1a2-1b8c81e93a74.roa
File: 86da4413-78aa-4722-a1a2-1b8c81e93a74.roa (raw, json)
Hash identifier: 6nye6nxz6y+DBYT8vF73JODiN1NmWGNPQlBfLuYb/B8=
Subject key identifier: F6:21:62:DB:C1:F5:43:5E:4F:28:9C:0F:8F:94:3F:09:B9:89:97:AE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 133DB055620BD8DF2DD921426D2602BBA006B4AF
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/86da4413-78aa-4722-a1a2-1b8c81e93a74.roa
Signing time: Sun 31 May 2026 00:30:14 +0000
ROA not before: Sun 31 May 2026 00:30:14 +0000
ROA not after: Sat 29 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07d:10c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:3d:b0:55:62:0b:d8:df:2d:d9:21:42:6d:26:02:bb:a0:06:b4:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 31 00:30:14 2026 GMT
Not After : Aug 29 23:59:59 2026 GMT
Subject: serialNumber=ff4671ce688257c8188895ff43efa8ff68555449eb2b1da89fb29aeadc2ac919, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:29:4e:37:10:3f:7f:bc:d4:40:12:2c:be:23:
1a:ab:0e:24:3a:53:ae:86:20:da:ec:6a:4c:81:46:
ef:19:10:6a:79:a3:42:24:b0:b8:48:0a:a6:da:03:
13:0c:60:a9:ee:02:3d:19:e9:60:42:1a:76:ed:d6:
e2:11:46:b1:eb:b5:83:79:82:8c:8d:53:52:72:ca:
5b:4a:b2:cc:7c:1a:4a:04:1d:fb:6d:8b:ce:a4:c4:
d8:bc:c7:5a:1d:68:60:cc:e8:2e:b8:ce:e9:92:73:
f6:24:6f:8a:cd:a3:9d:3e:1b:f8:bc:e6:87:30:e2:
33:60:87:b1:7d:ef:8d:8f:c3:36:b6:25:8b:c7:a5:
cc:81:64:4d:97:ca:8a:49:75:b4:12:d1:e4:ef:0b:
89:ad:b6:db:a1:42:ca:59:83:f7:57:05:f3:60:3f:
07:7a:92:bf:39:ab:29:18:3e:26:cd:b9:b5:4c:33:
7c:88:e9:e7:14:05:b9:15:8d:b9:bb:e9:88:21:a1:
ca:98:56:ad:43:15:32:46:21:73:81:45:19:3f:c9:
76:f0:ba:94:92:33:d4:6a:a8:37:bb:57:a8:ef:1a:
46:66:7b:d3:12:05:09:cf:5e:cb:41:03:31:88:88:
78:c1:e7:8f:cc:8f:3b:05:8f:f8:16:7e:02:cc:9d:
97:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:21:62:DB:C1:F5:43:5E:4F:28:9C:0F:8F:94:3F:09:B9:89:97:AE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/86da4413-78aa-4722-a1a2-1b8c81e93a74.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07d:10c0::/48
Signature Algorithm: sha256WithRSAEncryption
95:07:9b:3c:8c:17:34:b2:db:43:91:77:d3:bb:50:f4:34:67:
f6:0f:31:32:1e:41:f5:38:3a:07:19:fc:a3:b2:a3:1b:98:4f:
dd:09:88:08:46:d4:84:38:2c:9a:c1:c1:96:da:ef:88:cb:11:
95:8c:f8:2c:b1:ba:c4:d2:ca:69:ca:f9:5d:4d:26:06:c5:8b:
9e:0b:9a:40:7d:18:a9:a7:27:42:45:99:b2:98:18:d9:0e:14:
c7:e2:98:77:21:cf:95:3e:27:59:d8:5a:38:73:d2:fe:98:2a:
64:81:c9:6f:fb:fb:8a:ea:ef:d0:9a:54:b8:f9:4d:34:4f:ec:
b9:b1:4e:65:eb:3e:2a:77:0c:ac:4e:66:61:e6:2d:88:d8:42:
a0:15:61:ec:64:d0:80:46:92:c4:7c:d0:aa:dc:09:35:f2:88:
99:81:16:a6:d1:64:98:05:f8:bd:e9:87:a8:60:cd:84:bd:87:
23:f1:0d:44:cc:16:44:25:47:13:cc:53:df:61:f2:ec:be:48:
07:af:5a:f1:15:90:b6:7a:6e:ea:aa:06:04:f3:b2:45:30:0c:
da:dc:44:42:66:de:27:90:ed:72:0c:28:a7:19:47:6b:74:f3:
c1:d4:0d:49:24:d5:90:7e:22:69:74:b2:7d:79:8b:ca:ff:56:
b0:08:97:22
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUEz2wVWIL2N8t2SFCbSYCu6AGtK8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MzEwMDMwMTRaFw0yNjA4MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGZmNDY3MWNlNjg4MjU3YzgxODg4OTVmZjQzZWZhOGZmNjg1NTU0NDllYjJi
MWRhODlmYjI5YWVhZGMyYWM5MTkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOopTjcQP3+81EASLL4jGqsOJDpTroYg2uxqTIFG7xkQanmjQiSwuEgKptoD
Ewxgqe4CPRnpYEIadu3W4hFGseu1g3mCjI1TUnLKW0qyzHwaSgQd+22LzqTE2LzH
Wh1oYMzoLrjO6ZJz9iRvis2jnT4b+LzmhzDiM2CHsX3vjY/DNrYli8elzIFkTZfK
ikl1tBLR5O8Lia2226FCylmD91cF82A/B3qSvzmrKRg+Js25tUwzfIjp5xQFuRWN
ubvpiCGhyphWrUMVMkYhc4FFGT/JdvC6lJIz1GqoN7tXqO8aRmZ70xIFCc9ey0ED
MYiIeMHnj8yPOwWP+BZ+Asydl40CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBT2IWLb
wfVDXk8onA+PlD8JuYmXrjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODZkYTQ0MTMtNzhhYS00NzIyLWExYTItMWI4YzgxZTkzYTc0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H0Q
wDANBgkqhkiG9w0BAQsFAAOCAQEAlQebPIwXNLLbQ5F307tQ9DRn9g8xMh5B9Tg6
Bxn8o7KjG5hP3QmICEbUhDgsmsHBltrviMsRlYz4LLG6xNLKacr5XU0mBsWLngua
QH0YqacnQkWZspgY2Q4Ux+KYdyHPlT4nWdhaOHPS/pgqZIHJb/v7iurv0JpUuPlN
NE/subFOZes+KncMrE5mYeYtiNhCoBVh7GTQgEaSxHzQqtwJNfKImYEWptFkmAX4
vemHqGDNhL2HI/ENRMwWRCVHE8xT32Hy7L5IB69a8RWQtnpu6qoGBPOyRTAM2txE
QmbeJ5DtcgwopxlHa3TzwdQNSSTVkH4iaXSyfXmLyv9WsAiXIg==
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:46:20 2026 by rpki-client