Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/94b69c02-a117-42df-89a0-b463fa809f2d.roa
File: 94b69c02-a117-42df-89a0-b463fa809f2d.roa (raw, json)
Hash identifier: xyAypzOVTaNWlycHlCdiygCbtib9FC9FFU4E1yc/zQc=
Subject key identifier: 3B:F9:DA:D4:56:46:46:AB:CF:0F:FE:DD:EC:9C:D3:79:FC:88:F5:85
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3C20FA35CE426EFC2ACB0EC3A0BCA32ADF039A87
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/94b69c02-a117-42df-89a0-b463fa809f2d.roa
Signing time: Tue 19 May 2026 05:21:01 +0000
ROA not before: Tue 19 May 2026 05:21:01 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d036:2000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:20:fa:35:ce:42:6e:fc:2a:cb:0e:c3:a0:bc:a3:2a:df:03:9a:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:21:01 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=8d17a77da10d4c3707b536fd061dcecc0820db894b1354032f87806c8d399b88, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:dc:74:21:49:12:d1:dd:53:98:be:55:ac:71:
f2:40:79:b1:28:f5:d1:ba:00:dd:3a:92:d3:64:0c:
d6:06:69:71:7a:22:b2:78:ed:38:fe:d7:66:7e:84:
25:c6:19:42:cf:d2:d7:9b:66:29:5b:fe:fe:e0:74:
ff:84:92:50:06:74:9d:ed:6f:d4:7d:4b:d0:58:f5:
f5:d4:65:32:7c:e1:74:08:2a:f9:46:5a:6b:d8:ab:
e5:95:a6:f3:58:89:b9:36:d5:de:ef:5a:e8:b5:0e:
59:8e:d0:12:84:3f:b0:27:87:8b:9b:93:f2:64:52:
82:0b:4f:df:29:32:30:86:c8:1b:33:b0:7f:19:46:
f7:4b:0d:38:ec:68:d4:9d:b9:30:4c:4c:49:4d:dd:
a0:eb:07:69:7c:fb:b3:a6:bf:a8:22:95:10:d6:d5:
35:01:da:d8:fd:e5:ed:e7:a0:30:35:a0:28:29:ff:
cf:f5:27:e7:83:c3:76:fb:85:15:95:2a:95:93:96:
f6:38:2d:7a:68:b2:5c:a8:09:07:76:6a:e0:a9:2f:
ef:df:c0:6d:8f:88:be:fc:a6:d1:41:f9:5b:a4:67:
68:08:3e:19:8d:89:66:a5:0d:70:44:5f:7c:13:ef:
30:b1:9f:59:40:2d:0a:10:af:91:b6:e8:41:7e:6c:
c8:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:F9:DA:D4:56:46:46:AB:CF:0F:FE:DD:EC:9C:D3:79:FC:88:F5:85
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/94b69c02-a117-42df-89a0-b463fa809f2d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d036:2000::/40
Signature Algorithm: sha256WithRSAEncryption
b5:cf:f2:c3:1f:ef:00:b6:d0:46:15:78:6d:64:c8:ce:23:55:
aa:2f:01:49:d4:9b:96:f0:5f:40:9c:d3:c7:a3:5f:9a:cc:4e:
88:3f:21:df:41:ad:9e:c2:20:b7:1e:96:e8:e4:a4:6c:1d:59:
c3:43:6d:40:f3:e8:14:a2:da:8d:04:83:3a:10:3f:a2:52:8e:
fd:73:f4:87:eb:03:cf:e9:c2:7a:ef:2d:0c:a6:24:16:77:7e:
16:29:71:7d:42:bc:bd:d0:2b:d7:1c:be:ac:72:94:f6:13:cf:
dc:51:2b:db:fb:86:77:94:8e:3b:4c:b9:68:79:37:44:b9:f8:
9b:b5:bf:22:fc:a9:1b:24:dc:41:b7:de:18:5b:73:1c:83:bf:
01:92:8d:87:d0:7c:3a:3f:27:c8:07:d0:9f:d2:72:29:cc:a1:
59:bc:17:6e:aa:99:94:73:93:9b:a7:86:a0:e6:57:79:d9:38:
cf:d1:a8:41:f7:f0:ea:72:2c:9e:66:78:f8:ee:9e:5c:8e:79:
e6:14:35:0c:e5:8e:71:bd:3c:4d:5b:e8:b8:01:48:68:fc:c6:
22:26:09:15:fe:d9:ec:0c:fc:07:f2:92:c0:00:b3:0b:4c:98:
5d:6a:dc:78:50:63:5e:b9:24:ae:ab:de:b0:81:1c:c0:fa:41:
b7:2a:ab:74
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUPCD6Nc5Cbvwqyw7DoLyjKt8DmocwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTIxMDFaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDhkMTdhNzdkYTEwZDRjMzcwN2I1MzZmZDA2MWRjZWNjMDgyMGRiODk0YjEz
NTQwMzJmODc4MDZjOGQzOTliODgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAO7cdCFJEtHdU5i+Vaxx8kB5sSj10boA3TqS02QM1gZpcXoisnjtOP7XZn6E
JcYZQs/S15tmKVv+/uB0/4SSUAZ0ne1v1H1L0Fj19dRlMnzhdAgq+UZaa9ir5ZWm
81iJuTbV3u9a6LUOWY7QEoQ/sCeHi5uT8mRSggtP3ykyMIbIGzOwfxlG90sNOOxo
1J25MExMSU3doOsHaXz7s6a/qCKVENbVNQHa2P3l7eegMDWgKCn/z/Un54PDdvuF
FZUqlZOW9jgtemiyXKgJB3Zq4Kkv79/AbY+Ivvym0UH5W6RnaAg+GY2JZqUNcERf
fBPvMLGfWUAtChCvkbboQX5syAsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ7+drU
VkZGq88P/t3snNN5/Ij1hTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTRiNjljMDItYTExNy00MmRmLTg5YTAtYjQ2M2ZhODA5ZjJkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DYg
MA0GCSqGSIb3DQEBCwUAA4IBAQC1z/LDH+8AttBGFXhtZMjOI1WqLwFJ1JuW8F9A
nNPHo1+azE6IPyHfQa2ewiC3Hpbo5KRsHVnDQ21A8+gUotqNBIM6ED+iUo79c/SH
6wPP6cJ67y0MpiQWd34WKXF9Qry90CvXHL6scpT2E8/cUSvb+4Z3lI47TLloeTdE
ufibtb8i/KkbJNxBt94YW3Mcg78Bko2H0Hw6PyfIB9Cf0nIpzKFZvBduqpmUc5Ob
p4ag5ld52TjP0ahB9/DqciyeZnj47p5cjnnmFDUM5Y5xvTxNW+i4AUho/MYiJgkV
/tnsDPwH8pLAALMLTJhdatx4UGNeuSSuq96wgRzA+kG3Kqt0
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:44:54 2026 by rpki-client