Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a37b3e49-cec5-4def-b3ef-5356277d82ab.roa
File: a37b3e49-cec5-4def-b3ef-5356277d82ab.roa (raw, json)
Hash identifier: FJ/nTpY2zLetDpdIQb9vlt7kyfi/olRV2dYoNSxIrR4=
Subject key identifier: 99:77:BC:13:5F:7B:B1:EE:83:30:A7:FB:35:53:62:F6:AC:DB:A1:06
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1242F0EB2D0BE5BCF0CAA6E37B21A77B8F5A2440
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a37b3e49-cec5-4def-b3ef-5356277d82ab.roa
Signing time: Tue 19 May 2026 05:30:15 +0000
ROA not before: Tue 19 May 2026 05:30:15 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:1000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 08:43:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:42:f0:eb:2d:0b:e5:bc:f0:ca:a6:e3:7b:21:a7:7b:8f:5a:24:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:30:15 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=e26caf64fc3344335b5f8575abe458231c0036262c5e34be0168ebe61f6f39be, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:3b:2a:55:cc:21:a1:9e:9f:f1:a1:8b:81:be:
e6:31:30:d0:14:5d:c1:b1:8e:06:44:8d:6d:cd:5a:
c1:c8:94:55:c2:1d:ff:e9:fb:a9:8e:39:15:e2:de:
e5:5e:90:3f:8a:f8:16:45:23:34:0d:f3:96:44:d3:
b5:4f:70:12:d6:7f:fe:0e:b1:af:d0:53:2f:7a:9e:
e4:ec:16:e8:11:47:a7:14:9a:db:6d:fd:15:ef:62:
05:fc:bc:cb:e3:27:5f:2f:56:10:d2:68:3e:4a:fe:
bb:55:d1:72:bd:35:bc:68:c0:15:9c:8e:3f:84:82:
5f:97:3f:52:4b:39:6e:65:d5:62:b6:a3:a9:1a:e9:
bd:3f:aa:38:f5:4b:0d:34:22:22:b8:6a:b7:a3:12:
00:4d:5b:d5:ba:ae:33:41:05:93:91:47:aa:0c:6c:
e1:28:76:a1:a9:18:04:5a:18:bf:a0:41:75:d9:f2:
e7:c1:92:8d:8d:a9:cd:72:50:87:97:06:f6:92:18:
e5:eb:93:8b:39:c1:30:37:c7:d4:a7:e5:bb:73:80:
66:ad:93:d0:c8:42:3e:8a:4d:02:6c:87:39:29:eb:
7e:12:c9:ad:e2:4d:f9:b2:14:23:3d:4f:63:51:fa:
bd:b7:60:c7:c8:54:49:a1:5d:b3:4a:53:04:9a:3e:
28:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:77:BC:13:5F:7B:B1:EE:83:30:A7:FB:35:53:62:F6:AC:DB:A1:06
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a37b3e49-cec5-4def-b3ef-5356277d82ab.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:1000::/40
Signature Algorithm: sha256WithRSAEncryption
42:38:14:bc:f2:b5:0b:aa:2d:dc:5c:51:28:78:34:da:e5:12:
0e:15:5a:82:93:ff:85:69:59:e8:b9:94:71:df:99:ac:2a:2e:
43:fe:c0:82:38:c0:5e:85:ee:7e:fd:39:b2:86:30:95:da:a1:
bc:4c:56:04:02:36:0a:7b:1f:cf:68:02:12:6c:8e:65:af:35:
7a:79:cd:3f:df:38:60:40:40:fb:db:87:f1:83:3d:9d:5e:39:
49:5b:c8:f0:43:c2:6f:04:eb:fc:26:4d:6a:48:f3:da:94:3d:
29:b1:1b:51:43:f0:00:4d:05:4a:12:9a:70:d2:57:a0:ff:d0:
9f:10:dc:d1:0b:a0:90:a9:a5:1f:fb:94:04:6a:48:24:ba:73:
db:5f:52:96:9f:6c:93:b9:18:20:36:1d:7c:c8:9c:f9:10:4d:
e8:3e:68:b3:90:c6:f4:bf:75:05:6a:92:07:87:8a:96:05:1f:
fa:e6:e8:45:99:1f:44:96:15:16:9e:ec:39:d1:5a:e0:38:02:
c9:f6:49:68:46:db:14:df:46:65:4e:3a:c3:9f:7a:54:d5:7e:
ec:fe:e0:7d:ed:6f:fb:5f:1e:db:9a:6c:d9:85:fb:17:68:5f:
ea:04:0a:7e:64:60:87:bc:9b:53:40:ad:c3:f6:12:4c:33:24:
20:bd:8d:1a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUEkLw6y0L5bzwyqbjeyGne49aJEAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTMwMTVaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGUyNmNhZjY0ZmMzMzQ0MzM1YjVmODU3NWFiZTQ1ODIzMWMwMDM2MjYyYzVl
MzRiZTAxNjhlYmU2MWY2ZjM5YmUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKA7KlXMIaGen/Ghi4G+5jEw0BRdwbGOBkSNbc1awciUVcId/+n7qY45FeLe
5V6QP4r4FkUjNA3zlkTTtU9wEtZ//g6xr9BTL3qe5OwW6BFHpxSa2239Fe9iBfy8
y+MnXy9WENJoPkr+u1XRcr01vGjAFZyOP4SCX5c/Uks5bmXVYrajqRrpvT+qOPVL
DTQiIrhqt6MSAE1b1bquM0EFk5FHqgxs4Sh2oakYBFoYv6BBddny58GSjY2pzXJQ
h5cG9pIY5euTiznBMDfH1Kflu3OAZq2T0MhCPopNAmyHOSnrfhLJreJN+bIUIz1P
Y1H6vbdgx8hUSaFds0pTBJo+KOMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSZd7wT
X3ux7oMwp/s1U2L2rNuhBjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTM3YjNlNDktY2VjNS00ZGVmLWIzZWYtNTM1NjI3N2Q4MmFiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DgQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBCOBS88rULqi3cXFEoeDTa5RIOFVqCk/+FaVno
uZRx35msKi5D/sCCOMBehe5+/TmyhjCV2qG8TFYEAjYKex/PaAISbI5lrzV6ec0/
3zhgQED724fxgz2dXjlJW8jwQ8JvBOv8Jk1qSPPalD0psRtRQ/AATQVKEppw0leg
/9CfENzRC6CQqaUf+5QEakgkunPbX1KWn2yTuRggNh18yJz5EE3oPmizkMb0v3UF
apIHh4qWBR/65uhFmR9ElhUWnuw50VrgOALJ9kloRtsU30ZlTjrDn3pU1X7s/uB9
7W/7Xx7bmmzZhfsXaF/qBAp+ZGCHvJtTQK3D9hJMMyQgvY0a
-----END CERTIFICATE-----
Generated at Sat Jun 13 11:34:19 2026 by rpki-client