Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9fb96617-2d2f-468d-b766-35c52d9f2681.roa
File: 9fb96617-2d2f-468d-b766-35c52d9f2681.roa (raw, json)
Hash identifier: kOwVfrm1TxKIDza34j/QEYRMH4emjC2bjrAljSCsiSk=
Subject key identifier: 66:D0:94:9B:4A:F9:96:E3:60:B8:25:65:9D:C8:CB:2C:98:70:65:16
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2AC34487533EFF5AA5E8778F61546799F9C527E3
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9fb96617-2d2f-468d-b766-35c52d9f2681.roa
Signing time: Tue 19 May 2026 04:40:48 +0000
ROA not before: Tue 19 May 2026 04:40:48 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d015:800::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:c3:44:87:53:3e:ff:5a:a5:e8:77:8f:61:54:67:99:f9:c5:27:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 04:40:48 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=af918a05cb3f09232f49e6c8b76259247c572dc26dd26d4979e97e865c20c496, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:2c:eb:19:f4:ac:37:f0:78:d7:d8:fb:82:06:
6d:73:f6:1e:c3:7b:80:74:02:60:da:cf:5c:6e:a2:
cf:0e:99:c7:bd:7e:af:99:40:a3:f3:47:46:0d:d2:
6b:a6:12:48:ff:d8:b2:c8:2f:9b:2e:55:65:6b:c0:
39:67:a2:06:d4:25:f4:59:01:b3:f6:d8:c7:32:02:
a4:72:cf:1d:b6:c2:86:67:77:5f:21:cf:6c:d6:03:
95:80:e8:c0:56:a8:52:c7:74:7c:19:47:3f:6e:a7:
4e:5a:5b:1f:e0:2d:fd:98:f6:db:48:81:cd:f7:bb:
28:f1:16:ac:59:b5:c1:58:f5:05:34:e8:da:fc:58:
e0:56:c9:74:86:7f:e6:cf:0e:f6:00:fe:c8:5a:cd:
bb:3c:67:eb:f6:23:f0:cf:0b:12:31:a7:aa:47:9b:
e6:6d:a2:a6:67:bf:2c:cb:b6:ba:f7:5d:3d:da:85:
3a:9c:65:ad:4c:c1:25:6c:9a:43:ab:8e:48:59:bd:
c7:87:bd:1f:df:e3:96:a1:62:73:49:1b:0b:da:ed:
79:98:91:c7:61:d2:32:8f:f5:03:bb:28:6c:7e:34:
a2:9b:db:1e:7e:69:e8:fd:34:cd:75:dc:45:d7:64:
b9:0d:67:43:8d:d0:f6:11:7f:3a:f9:e2:74:46:9c:
d8:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:D0:94:9B:4A:F9:96:E3:60:B8:25:65:9D:C8:CB:2C:98:70:65:16
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9fb96617-2d2f-468d-b766-35c52d9f2681.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d015:800::/38
Signature Algorithm: sha256WithRSAEncryption
4d:0b:16:f6:ac:4e:dd:81:f2:01:6b:87:39:4e:b6:85:16:9f:
85:40:9d:98:1e:3f:f1:2c:80:ae:3f:fd:32:80:b2:7c:c4:96:
c2:47:87:94:73:83:53:35:20:ed:65:90:31:97:25:7e:07:1b:
3e:d1:35:06:22:c4:3d:46:cd:bd:25:93:53:0e:8c:a7:09:33:
6b:50:1b:3c:24:60:21:54:a2:77:6f:ab:41:a1:5e:01:37:8d:
b8:2a:72:a4:94:60:cb:ca:65:6f:17:9d:43:e6:ee:4b:32:cf:
58:28:80:8f:1c:a3:58:6c:8e:fc:eb:5e:9c:4d:a2:02:c8:da:
a8:65:bb:55:2b:58:e1:3b:3b:95:18:94:6e:14:88:4d:54:04:
23:5f:e2:37:13:88:c7:20:a1:8a:b0:74:a5:75:09:ef:c3:c7:
d9:bd:27:75:1b:bc:08:f3:0f:40:90:d4:61:c9:5b:21:bb:b6:
d3:29:6f:e3:79:59:ea:8d:5e:1f:12:69:4a:06:12:45:cc:24:
f4:38:32:8c:fc:27:20:c2:fb:97:28:5a:c9:4a:4f:36:9c:9c:
b7:fe:2f:48:94:0a:93:97:05:39:30:2c:1f:c7:06:d9:21:ae:
23:49:29:1d:3e:27:a4:40:af:ed:c7:d2:49:39:a2:27:0b:89:
e0:dc:93:d7
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUKsNEh1M+/1ql6HePYVRnmfnFJ+MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNDQwNDhaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGFmOTE4YTA1Y2IzZjA5MjMyZjQ5ZTZjOGI3NjI1OTI0N2M1NzJkYzI2ZGQy
NmQ0OTc5ZTk3ZTg2NWMyMGM0OTYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK4s6xn0rDfweNfY+4IGbXP2HsN7gHQCYNrPXG6izw6Zx71+r5lAo/NHRg3S
a6YSSP/Yssgvmy5VZWvAOWeiBtQl9FkBs/bYxzICpHLPHbbChmd3XyHPbNYDlYDo
wFaoUsd0fBlHP26nTlpbH+At/Zj220iBzfe7KPEWrFm1wVj1BTTo2vxY4FbJdIZ/
5s8O9gD+yFrNuzxn6/Yj8M8LEjGnqkeb5m2ipme/LMu2uvddPdqFOpxlrUzBJWya
Q6uOSFm9x4e9H9/jlqFic0kbC9rteZiRx2HSMo/1A7sobH40opvbHn5p6P00zXXc
RddkuQ1nQ43Q9hF/OvnidEac2A0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRm0JSb
SvmW42C4JWWdyMssmHBlFjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWZiOTY2MTctMmQyZi00NjhkLWI3NjYtMzVjNTJkOWYyNjgxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BUI
MA0GCSqGSIb3DQEBCwUAA4IBAQBNCxb2rE7dgfIBa4c5TraFFp+FQJ2YHj/xLICu
P/0ygLJ8xJbCR4eUc4NTNSDtZZAxlyV+Bxs+0TUGIsQ9Rs29JZNTDoynCTNrUBs8
JGAhVKJ3b6tBoV4BN424KnKklGDLymVvF51D5u5LMs9YKICPHKNYbI78616cTaIC
yNqoZbtVK1jhOzuVGJRuFIhNVAQjX+I3E4jHIKGKsHSldQnvw8fZvSd1G7wI8w9A
kNRhyVshu7bTKW/jeVnqjV4fEmlKBhJFzCT0ODKM/CcgwvuXKFrJSk82nJy3/i9I
lAqTlwU5MCwfxwbZIa4jSSkdPiekQK/tx9JJOaInC4ng3JPX
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:13:01 2026 by rpki-client