Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/96632b04-b91d-4e29-8e82-14fddf17bed9.roa
File: 96632b04-b91d-4e29-8e82-14fddf17bed9.roa (raw, json)
Hash identifier: eKgEqZpIvCwudGmpUmSFtFcRw1uIEzEU9sZZhKiBYbU=
Subject key identifier: DF:3A:D3:2A:0D:A3:60:D6:76:4D:90:EA:95:AD:DE:67:F1:85:DC:CA
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 70EF3D63CFE60E0E571177B42AB86F8D88FE3D11
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/96632b04-b91d-4e29-8e82-14fddf17bed9.roa
Signing time: Tue 19 May 2026 05:30:47 +0000
ROA not before: Tue 19 May 2026 05:30:47 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:8060::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 08:43:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:ef:3d:63:cf:e6:0e:0e:57:11:77:b4:2a:b8:6f:8d:88:fe:3d:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:30:47 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=4e20ca626afc18e20bd1ea175f8491e680884f9b0742dc8feca719e5bc353a3c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:da:c1:4c:b6:52:ff:55:4b:41:eb:a8:05:3b:
35:ba:fe:5e:b1:bf:27:6c:8e:39:75:dc:c4:34:39:
ea:db:b2:c0:9b:42:3e:98:2a:39:97:7e:65:11:c2:
c2:c5:16:9f:37:d3:eb:24:46:e9:cc:d9:0b:32:51:
e2:5b:a9:f1:0a:8c:14:63:f4:7f:11:c5:67:0f:3c:
a4:fa:87:0c:df:80:21:23:03:81:9c:02:8c:cd:72:
a1:e2:43:bb:be:b9:dd:0a:bf:2f:9f:79:da:08:12:
b8:ec:db:fa:d3:51:1a:05:53:21:ed:14:41:11:da:
7f:a1:54:8d:57:e5:21:9d:6e:9c:a0:b6:b8:a4:c7:
60:f9:14:02:d8:26:f8:0a:70:d6:f2:75:0b:01:21:
82:4e:d6:64:6a:45:2c:39:4c:9c:b2:63:ed:dd:c6:
b3:07:0e:89:aa:90:15:bc:f1:bf:79:56:bb:3b:34:
ff:89:8a:01:f9:76:61:25:8a:cd:a0:6e:b6:b0:e5:
5d:30:50:ca:e1:04:e9:c9:ec:8d:1e:0e:cf:48:31:
be:5a:06:86:8e:33:ef:85:28:9e:9a:a3:c0:66:95:
2e:ef:43:e0:6b:b5:5c:eb:e8:00:c9:b9:e1:d4:4e:
6f:2d:38:38:ae:ba:19:f8:70:88:66:ec:fd:94:96:
b2:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:3A:D3:2A:0D:A3:60:D6:76:4D:90:EA:95:AD:DE:67:F1:85:DC:CA
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/96632b04-b91d-4e29-8e82-14fddf17bed9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:8060::/48
Signature Algorithm: sha256WithRSAEncryption
7f:34:ef:92:d2:a7:ce:91:37:fe:2f:d3:2e:04:cf:4f:19:fc:
a3:68:9e:b2:1c:e2:98:d6:11:19:c7:1a:5b:db:94:40:15:e0:
14:97:ad:25:b5:2a:1b:e8:dc:12:48:91:6d:b7:bc:97:55:27:
5d:9e:00:ef:da:37:53:4b:51:08:99:12:7b:da:ea:6e:b1:7d:
53:3a:55:77:29:b1:cd:b9:d8:17:be:53:28:ec:fc:d1:5f:f7:
9e:da:ed:d9:d4:0f:73:45:1f:fd:e1:74:d1:46:4d:a6:1a:d7:
a7:00:b1:f1:8f:a2:4f:48:74:25:cf:a1:b4:df:be:9c:c1:a3:
63:29:f1:86:28:98:63:33:a9:f5:5e:1c:df:35:b3:f6:8c:6c:
4b:e2:99:4b:07:b7:d2:93:fd:a0:b3:b6:8b:86:18:e3:81:20:
2b:9b:37:cb:89:e6:d0:cc:97:4e:33:31:01:2f:a3:9a:d2:1c:
bf:ef:c0:b2:cf:c6:f9:3d:4d:df:5f:82:94:56:84:d9:d2:0a:
7a:dd:bd:39:23:a0:90:b9:87:21:7e:0d:3b:36:8a:39:45:4a:
23:d4:93:49:16:0f:16:35:50:19:ad:06:90:f1:25:9a:91:0f:
1a:fd:6d:0a:e2:fa:c5:f8:25:90:c0:f3:9f:75:2c:ea:00:03:
b5:00:35:b4
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUcO89Y8/mDg5XEXe0KrhvjYj+PREwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTMwNDdaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDRlMjBjYTYyNmFmYzE4ZTIwYmQxZWExNzVmODQ5MWU2ODA4ODRmOWIwNzQy
ZGM4ZmVjYTcxOWU1YmMzNTNhM2MxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMHawUy2Uv9VS0HrqAU7Nbr+XrG/J2yOOXXcxDQ56tuywJtCPpgqOZd+ZRHC
wsUWnzfT6yRG6czZCzJR4lup8QqMFGP0fxHFZw88pPqHDN+AISMDgZwCjM1yoeJD
u7653Qq/L5952ggSuOzb+tNRGgVTIe0UQRHaf6FUjVflIZ1unKC2uKTHYPkUAtgm
+Apw1vJ1CwEhgk7WZGpFLDlMnLJj7d3GswcOiaqQFbzxv3lWuzs0/4mKAfl2YSWK
zaButrDlXTBQyuEE6cnsjR4Oz0gxvloGho4z74UonpqjwGaVLu9D4Gu1XOvoAMm5
4dROby04OK66GfhwiGbs/ZSWshsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTfOtMq
DaNg1nZNkOqVrd5n8YXcyjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTY2MzJiMDQtYjkxZC00ZTI5LThlODItMTRmZGRmMTdiZWQ5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+A
YDANBgkqhkiG9w0BAQsFAAOCAQEAfzTvktKnzpE3/i/TLgTPTxn8o2ieshzimNYR
GccaW9uUQBXgFJetJbUqG+jcEkiRbbe8l1UnXZ4A79o3U0tRCJkSe9rqbrF9UzpV
dymxzbnYF75TKOz80V/3ntrt2dQPc0Uf/eF00UZNphrXpwCx8Y+iT0h0Jc+htN++
nMGjYynxhiiYYzOp9V4c3zWz9oxsS+KZSwe30pP9oLO2i4YY44EgK5s3y4nm0MyX
TjMxAS+jmtIcv+/Ass/G+T1N31+ClFaE2dIKet29OSOgkLmHIX4NOzaKOUVKI9ST
SRYPFjVQGa0GkPElmpEPGv1tCuL6xfglkMDzn3Us6gADtQA1tA==
-----END CERTIFICATE-----
Generated at Sat Jun 13 12:42:42 2026 by rpki-client