Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9902e563-fe64-4a01-9616-0424a53839fb.roa
File: 9902e563-fe64-4a01-9616-0424a53839fb.roa (raw, json)
Hash identifier: jHVC0naJLdCVOAzgp23tnV4jLBLKXrTbQR6SlQMj76M=
Subject key identifier: 44:49:FD:CC:ED:6C:C9:12:7B:50:0A:97:A3:D7:25:7E:0D:20:0E:B8
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0D1F8D55DEA240DF8D24D6868B2619228C0E8AE0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9902e563-fe64-4a01-9616-0424a53839fb.roa
Signing time: Tue 19 May 2026 05:00:57 +0000
ROA not before: Tue 19 May 2026 05:00:57 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:80c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:1f:8d:55:de:a2:40:df:8d:24:d6:86:8b:26:19:22:8c:0e:8a:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:00:57 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=1265ad49f9f62d3f8fdc021990823b9f4042cecd92faff6f208305daf280dacb, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:67:05:46:de:60:cc:16:b9:fe:d4:c5:5b:63:
6c:6e:87:f5:ea:7b:9d:4e:d9:4b:f1:dd:ad:36:8f:
0a:04:f7:ed:0e:e5:30:8f:73:c6:d5:be:7e:10:56:
c5:e3:cf:a0:b8:a2:e1:c4:53:e2:5f:6d:8b:a4:ec:
d0:d1:58:90:84:9d:af:2d:32:ea:8d:22:fb:0f:d3:
0b:91:89:22:49:bf:6e:4c:29:6e:18:2b:3b:7d:10:
65:41:f4:56:b1:43:a0:a6:ae:ab:5c:92:66:9a:78:
a7:bd:0c:3d:d8:41:5c:92:0f:7e:53:f6:1d:8a:c1:
fb:44:d3:83:e1:78:5d:3e:60:2e:65:13:11:1c:42:
f0:1f:b9:62:6f:6d:ed:66:a1:69:36:64:92:e1:58:
84:09:bb:90:79:2d:53:78:86:e9:c7:84:57:e3:f3:
a6:58:88:cb:91:01:ff:f5:37:74:cb:3c:c9:45:81:
de:69:a9:b1:aa:f0:6e:82:a9:82:83:f7:ae:f9:1f:
25:8b:83:cf:ee:07:87:f0:3a:82:02:35:a6:3f:c3:
61:3f:5e:fa:9d:19:92:04:88:e0:bb:c5:68:54:0e:
f3:86:5b:32:90:8c:15:77:f8:44:32:ea:2e:e1:9f:
26:4e:19:9c:77:08:43:1d:1b:ff:f0:b4:6a:f6:d7:
32:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:49:FD:CC:ED:6C:C9:12:7B:50:0A:97:A3:D7:25:7E:0D:20:0E:B8
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9902e563-fe64-4a01-9616-0424a53839fb.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:80c0::/48
Signature Algorithm: sha256WithRSAEncryption
92:df:b4:ba:22:c7:2f:ce:40:4f:13:59:62:06:73:3e:ed:2d:
0a:8f:d4:d1:07:df:a6:01:c6:79:bd:57:60:16:d3:ac:12:10:
39:9c:78:69:c3:c3:4b:79:b5:63:64:6e:fb:cc:c0:49:71:8d:
ff:0f:b1:f8:76:f0:7d:79:ec:3a:2a:03:08:5b:4d:dc:44:61:
66:6c:2a:e3:07:79:62:c9:15:51:fe:73:c9:7c:f0:14:a3:b8:
28:2b:36:fa:cc:46:7f:61:0e:84:65:c1:b8:f2:1f:28:d4:d2:
9c:b2:9c:c2:74:93:5a:e3:7d:a6:0b:19:9b:6d:3d:d2:c2:ec:
65:0a:11:d8:3a:1e:0d:98:37:a2:2c:75:09:5c:6f:e9:1f:3f:
6e:31:5c:3d:be:33:cc:5f:10:6e:a4:d8:fb:17:5f:5c:d5:4c:
91:f5:7e:14:ed:1d:2e:3a:c4:a2:7e:9a:05:ef:63:5d:28:0e:
e4:f8:3b:eb:65:22:b6:a1:71:ee:d0:34:b1:2f:2a:75:e8:da:
39:3c:3a:22:d9:97:af:4f:e3:74:26:e5:fa:6b:90:44:d6:70:
9a:fb:34:b9:a3:97:6f:11:24:27:80:02:ba:a5:de:1b:63:5c:
85:04:4f:2c:5d:4e:a0:c4:a6:7d:3c:a6:1a:14:d4:be:84:85:
1d:21:4a:5f
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUDR+NVd6iQN+NJNaGiyYZIowOiuAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTAwNTdaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDEyNjVhZDQ5ZjlmNjJkM2Y4ZmRjMDIxOTkwODIzYjlmNDA0MmNlY2Q5MmZh
ZmY2ZjIwODMwNWRhZjI4MGRhY2IxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANVnBUbeYMwWuf7UxVtjbG6H9ep7nU7ZS/HdrTaPCgT37Q7lMI9zxtW+fhBW
xePPoLii4cRT4l9ti6Ts0NFYkISdry0y6o0i+w/TC5GJIkm/bkwpbhgrO30QZUH0
VrFDoKauq1ySZpp4p70MPdhBXJIPflP2HYrB+0TTg+F4XT5gLmUTERxC8B+5Ym9t
7WahaTZkkuFYhAm7kHktU3iG6ceEV+PzpliIy5EB//U3dMs8yUWB3mmpsarwboKp
goP3rvkfJYuDz+4Hh/A6ggI1pj/DYT9e+p0ZkgSI4LvFaFQO84ZbMpCMFXf4RDLq
LuGfJk4ZnHcIQx0b//C0avbXMsMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRESf3M
7WzJEntQCpej1yV+DSAOuDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTkwMmU1NjMtZmU2NC00YTAxLTk2MTYtMDQyNGE1MzgzOWZiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACA
wDANBgkqhkiG9w0BAQsFAAOCAQEAkt+0uiLHL85ATxNZYgZzPu0tCo/U0QffpgHG
eb1XYBbTrBIQOZx4acPDS3m1Y2Ru+8zASXGN/w+x+HbwfXnsOioDCFtN3ERhZmwq
4wd5YskVUf5zyXzwFKO4KCs2+sxGf2EOhGXBuPIfKNTSnLKcwnSTWuN9pgsZm209
0sLsZQoR2DoeDZg3oix1CVxv6R8/bjFcPb4zzF8QbqTY+xdfXNVMkfV+FO0dLjrE
on6aBe9jXSgO5Pg762UitqFx7tA0sS8qdejaOTw6ItmXr0/jdCbl+muQRNZwmvs0
uaOXbxEkJ4ACuqXeG2NchQRPLF1OoMSmfTymGhTUvoSFHSFKXw==
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:25:08 2026 by rpki-client