Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9dcc70de-62b0-410a-8c40-d5102c9ccf7a.roa
File: 9dcc70de-62b0-410a-8c40-d5102c9ccf7a.roa (raw, json)
Hash identifier: iop8Hl90VhWnG/n65iLgDy4Q9xw0IqXbIqDJODEQTZE=
Subject key identifier: A9:86:54:F7:43:B7:59:62:59:9B:4D:4A:56:5B:92:5C:27:32:C0:AA
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 17B18CF37F00EC348301FC5F9F05EFDF04882B93
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9dcc70de-62b0-410a-8c40-d5102c9ccf7a.roa
Signing time: Tue 19 May 2026 04:40:25 +0000
ROA not before: Tue 19 May 2026 04:40:25 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d032:6000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:b1:8c:f3:7f:00:ec:34:83:01:fc:5f:9f:05:ef:df:04:88:2b:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 04:40:25 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=f28ccfd9064eabfb5256e2e66e14b270c92f927438b7500e164ec3c5ca4a91d1, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:8a:95:ca:ac:f1:64:c6:90:e8:ac:5d:2b:5e:
09:3d:45:95:7e:0b:5b:32:63:58:25:8d:07:cd:19:
68:d0:b2:57:7f:07:89:7f:57:8c:99:ea:7e:db:5b:
fb:14:38:cd:6c:04:91:05:7c:f1:ed:1c:2b:0f:a6:
46:71:b8:81:04:cd:60:00:a2:5d:88:44:8f:07:fb:
f4:fa:3e:c7:c7:a0:0a:cc:e8:a5:2e:e2:f3:ad:07:
3e:ed:35:d9:6c:2a:49:c6:5d:23:58:06:2b:92:6e:
c3:c4:ba:8d:24:16:ef:16:5f:c9:0d:f7:01:c6:7b:
3a:cb:29:ba:45:00:11:89:a0:44:bd:75:54:85:1a:
ff:05:e5:8c:5f:dd:cb:0f:af:79:1c:59:c6:ba:41:
f8:4e:b2:1e:15:8d:73:70:2c:e6:5f:46:e2:b0:df:
4c:af:5f:5e:13:de:8a:3a:27:6c:a5:43:c8:cd:93:
90:5a:d9:48:22:c5:00:20:76:a1:69:67:f2:1d:df:
d5:57:80:40:6a:32:11:05:ae:86:ff:9b:1a:4f:5c:
19:a4:0e:60:7a:dc:a7:e4:c1:41:5a:75:dc:67:fe:
48:c3:e0:09:31:d0:cf:4a:65:45:5d:aa:ff:c5:db:
ef:c2:7e:cf:90:df:f9:d1:5f:25:72:64:cc:ba:a3:
00:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:86:54:F7:43:B7:59:62:59:9B:4D:4A:56:5B:92:5C:27:32:C0:AA
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9dcc70de-62b0-410a-8c40-d5102c9ccf7a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d032:6000::/40
Signature Algorithm: sha256WithRSAEncryption
60:cc:ad:2b:52:d2:f9:a1:54:83:ec:f1:98:ed:a5:ad:31:e7:
21:40:fc:f1:d8:53:9a:49:88:cd:66:7b:ed:9c:35:ea:5b:2b:
18:27:c9:a9:2f:13:ec:20:ed:be:88:00:f2:77:a8:31:92:d5:
80:c7:70:52:e3:3d:0a:99:e2:1e:02:e6:50:c5:67:91:f6:02:
79:6d:eb:28:9b:da:44:cf:16:59:34:c9:98:f4:5c:e6:82:ca:
3c:1e:02:7a:b1:e0:ac:61:5f:b5:36:d6:68:39:0c:60:45:12:
55:67:7e:a3:09:82:a2:cc:48:7d:5b:70:0d:3e:1a:15:07:f4:
62:2e:b4:f2:f3:7f:dd:ac:d5:6e:7d:95:78:0e:47:33:76:2c:
3e:9b:76:4d:ce:c4:a5:3c:5c:df:5c:51:4d:b0:73:5d:ab:31:
84:1f:be:14:ee:1e:8d:d1:16:d4:78:55:de:13:2d:e9:cd:97:
85:b0:9a:78:d6:2d:83:c7:f9:5e:3c:1b:d8:eb:71:a7:ad:03:
cd:b8:9b:4c:34:66:20:c3:cd:ed:93:c3:fc:8f:0e:a5:34:1c:
14:63:18:3d:36:55:f6:8c:d6:6b:50:df:03:7e:ae:65:98:3e:
92:86:40:42:71:4e:54:ce:2e:88:e2:d7:73:f1:1f:3b:d0:b6:
e6:68:50:a1
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUF7GM838A7DSDAfxfnwXv3wSIK5MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNDQwMjVaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGYyOGNjZmQ5MDY0ZWFiZmI1MjU2ZTJlNjZlMTRiMjcwYzkyZjkyNzQzOGI3
NTAwZTE2NGVjM2M1Y2E0YTkxZDExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJyKlcqs8WTGkOisXSteCT1FlX4LWzJjWCWNB80ZaNCyV38HiX9XjJnqfttb
+xQ4zWwEkQV88e0cKw+mRnG4gQTNYACiXYhEjwf79Po+x8egCszopS7i860HPu01
2WwqScZdI1gGK5Juw8S6jSQW7xZfyQ33AcZ7OsspukUAEYmgRL11VIUa/wXljF/d
yw+veRxZxrpB+E6yHhWNc3As5l9G4rDfTK9fXhPeijonbKVDyM2TkFrZSCLFACB2
oWln8h3f1VeAQGoyEQWuhv+bGk9cGaQOYHrcp+TBQVp13Gf+SMPgCTHQz0plRV2q
/8Xb78J+z5Df+dFfJXJkzLqjAIcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSphlT3
Q7dZYlmbTUpWW5JcJzLAqjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWRjYzcwZGUtNjJiMC00MTBhLThjNDAtZDUxMDJjOWNjZjdhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DJg
MA0GCSqGSIb3DQEBCwUAA4IBAQBgzK0rUtL5oVSD7PGY7aWtMechQPzx2FOaSYjN
ZnvtnDXqWysYJ8mpLxPsIO2+iADyd6gxktWAx3BS4z0KmeIeAuZQxWeR9gJ5beso
m9pEzxZZNMmY9Fzmgso8HgJ6seCsYV+1NtZoOQxgRRJVZ36jCYKizEh9W3ANPhoV
B/RiLrTy83/drNVufZV4Dkczdiw+m3ZNzsSlPFzfXFFNsHNdqzGEH74U7h6N0RbU
eFXeEy3pzZeFsJp41i2Dx/lePBvY63GnrQPNuJtMNGYgw83tk8P8jw6lNBwUYxg9
NlX2jNZrUN8Dfq5lmD6ShkBCcU5Uzi6I4tdz8R870LbmaFCh
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:12:58 2026 by rpki-client