Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9fa19511-0738-48ff-a25a-e667f5ca90f8.roa
File: 9fa19511-0738-48ff-a25a-e667f5ca90f8.roa (raw, json)
Hash identifier: BsO2uYgWw0kSnaJQwWKjdRmGnweZ/hKhTqvlXfDW7ng=
Subject key identifier: 91:55:F9:1F:4D:07:41:D0:81:99:E6:C0:76:73:03:51:EE:9B:26:18
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7E1D849CE8E5A9BF8510BDCD952660FC5F1BD2AD
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9fa19511-0738-48ff-a25a-e667f5ca90f8.roa
Signing time: Fri 15 May 2026 03:50:06 +0000
ROA not before: Fri 15 May 2026 03:50:06 +0000
ROA not after: Thu 13 Aug 2026 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d077::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:1d:84:9c:e8:e5:a9:bf:85:10:bd:cd:95:26:60:fc:5f:1b:d2:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 15 03:50:06 2026 GMT
Not After : Aug 13 23:59:59 2026 GMT
Subject: serialNumber=7fa78e65d45b66be99a4c6495f22920743ad2d84a3d0f3b0c23052c53b0b98ef, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:e0:0e:29:58:3f:1f:45:1e:f8:af:5a:c4:90:
7a:bc:bf:82:1b:57:c0:2b:88:19:75:90:87:11:55:
51:44:aa:67:12:dc:3a:95:8d:73:29:4a:82:ca:df:
8e:ec:e0:64:86:66:29:ff:84:3e:28:4a:e0:39:f1:
bf:71:c1:ac:3e:0f:c1:6e:75:a3:54:c3:00:f1:6c:
96:b3:40:d8:c1:18:15:6d:39:1f:4d:30:3e:74:0a:
40:c2:f2:14:cc:fc:f1:d6:3b:e6:97:3d:18:1b:bb:
93:3d:f5:bb:1d:78:b0:f8:aa:3b:76:47:f1:8e:29:
0e:8b:98:0a:85:28:d0:33:40:3a:e4:e6:a7:8e:43:
c9:28:34:d4:aa:76:68:cd:9b:26:82:a6:8c:b1:19:
b2:f3:75:15:0f:d5:5d:96:0b:ea:a0:cb:97:79:f2:
06:6d:ad:f7:e0:23:1d:fe:9c:af:3c:29:0b:21:6c:
79:2e:a3:d1:4f:05:4b:ef:f8:0f:28:c1:4d:fe:1f:
a0:e7:9a:82:3b:99:a6:b0:24:a9:49:c3:24:8f:a3:
66:5a:00:77:63:e1:d9:66:c3:a9:d2:33:f9:db:08:
84:fe:d3:0d:25:8d:2d:ab:5d:f1:da:ba:c6:f4:20:
d6:ec:30:68:ad:d3:9e:32:54:17:e6:71:e0:9d:c1:
8f:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:55:F9:1F:4D:07:41:D0:81:99:E6:C0:76:73:03:51:EE:9B:26:18
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9fa19511-0738-48ff-a25a-e667f5ca90f8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077::/32
Signature Algorithm: sha256WithRSAEncryption
9d:71:32:4d:8f:7d:77:51:24:e4:78:5e:05:0a:b2:5a:1b:af:
c5:7b:07:af:45:f7:5e:7d:d2:ff:44:75:ab:5c:0a:bb:34:32:
91:0f:e3:a1:c9:7b:4b:e4:96:22:37:a5:e7:d7:de:02:91:5d:
0b:b9:74:56:39:0a:71:3a:a4:ec:10:55:22:92:99:47:72:48:
0b:ff:5b:74:20:8c:d2:ef:e8:c4:ca:7b:8a:3a:08:0d:c9:df:
cf:b1:c4:83:68:ce:9d:9e:e4:ef:83:5e:ea:28:cd:11:9c:c2:
0d:c1:b7:38:f7:e6:90:fc:46:77:7c:6f:f3:cb:7c:b8:ef:de:
c2:0f:f1:39:bf:a5:ac:45:aa:7c:ea:2a:76:e6:17:dc:a9:70:
58:9b:90:85:aa:69:4c:48:04:b2:8d:18:30:d9:9a:63:1e:6a:
2b:d7:81:ff:0b:f5:58:a4:20:99:d0:d1:df:88:4f:2e:cb:e2:
e4:43:c6:04:12:ef:c5:ad:7a:ff:7b:de:9b:f9:8c:66:0c:67:
82:ab:85:b0:3a:6a:6e:56:2e:bf:03:7d:dc:ba:d2:2e:11:c2:
a5:e4:8e:5d:6f:70:5b:d4:68:1e:8a:50:66:e5:50:a3:1a:73:
4f:92:87:b4:9e:ae:fb:2d:fe:2a:3e:d2:b8:a3:3c:68:35:7f:
e1:81:3c:62
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUfh2EnOjlqb+FEL3NlSZg/F8b0q0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTUwMzUwMDZaFw0yNjA4MTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDdmYTc4ZTY1ZDQ1YjY2YmU5OWE0YzY0OTVmMjI5MjA3NDNhZDJkODRhM2Qw
ZjNiMGMyMzA1MmM1M2IwYjk4ZWYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANDgDilYPx9FHvivWsSQery/ghtXwCuIGXWQhxFVUUSqZxLcOpWNcylKgsrf
juzgZIZmKf+EPihK4Dnxv3HBrD4PwW51o1TDAPFslrNA2MEYFW05H00wPnQKQMLy
FMz88dY75pc9GBu7kz31ux14sPiqO3ZH8Y4pDouYCoUo0DNAOuTmp45DySg01Kp2
aM2bJoKmjLEZsvN1FQ/VXZYL6qDLl3nyBm2t9+AjHf6crzwpCyFseS6j0U8FS+/4
DyjBTf4foOeagjuZprAkqUnDJI+jZloAd2Ph2WbDqdIz+dsIhP7TDSWNLatd8dq6
xvQg1uwwaK3TnjJUF+Zx4J3BjzMCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBSRVfkf
TQdB0IGZ5sB2cwNR7psmGDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWZhMTk1MTEtMDczOC00OGZmLWEyNWEtZTY2N2Y1Y2E5MGY4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoF0Hcw
DQYJKoZIhvcNAQELBQADggEBAJ1xMk2PfXdRJOR4XgUKslobr8V7B69F91590v9E
datcCrs0MpEP46HJe0vkliI3pefX3gKRXQu5dFY5CnE6pOwQVSKSmUdySAv/W3Qg
jNLv6MTKe4o6CA3J38+xxINozp2e5O+DXuoozRGcwg3Btzj35pD8Rnd8b/PLfLjv
3sIP8Tm/paxFqnzqKnbmF9ypcFibkIWqaUxIBLKNGDDZmmMeaivXgf8L9VikIJnQ
0d+ITy7L4uRDxgQS78Wtev973pv5jGYMZ4KrhbA6am5WLr8Dfdy60i4RwqXkjl1v
cFvUaB6KUGblUKMac0+Sh7Servst/io+0rijPGg1f+GBPGI=
-----END CERTIFICATE-----
Generated at Sat Jun 13 07:59:42 2026 by rpki-client