Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b3b18648-bea0-4f7e-8f0f-5ad2d2f05ea8.roa
File: b3b18648-bea0-4f7e-8f0f-5ad2d2f05ea8.roa (raw, json)
Hash identifier: YtZj/d+ggoJduiNpQ6aAouzKEk5rm2yiStSsBfkErc8=
Subject key identifier: 42:F9:99:51:B7:A5:F0:35:6B:44:AC:35:F5:FD:9C:06:5F:F5:8E:AA
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7A2EAC759E387A11E1E833B8E38A63D7EF0D1B44
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b3b18648-bea0-4f7e-8f0f-5ad2d2f05ea8.roa
Signing time: Tue 19 May 2026 05:10:39 +0000
ROA not before: Tue 19 May 2026 05:10:39 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d02b:800::/37 maxlen: 37
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:2e:ac:75:9e:38:7a:11:e1:e8:33:b8:e3:8a:63:d7:ef:0d:1b:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:10:39 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=5a803df7b0345a620f74d5d0169764c55aa483f7294e3d29993bec9a4f2933fc, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:9a:58:3a:2f:33:75:e9:92:34:6b:ad:47:7c:
44:24:82:65:7f:4b:1b:d2:54:cc:54:69:06:2a:bf:
38:a2:a7:7b:93:46:e2:9e:3e:c8:98:a7:26:0d:b9:
a6:6d:d1:98:13:5a:9c:d4:03:d9:05:9f:ac:39:ed:
8a:d9:c7:89:89:8a:32:14:d1:35:82:34:97:c6:0f:
43:4c:88:13:d1:13:bd:03:90:22:43:17:16:e5:81:
35:d5:48:cc:b5:3b:dc:ac:f8:77:a2:0f:f5:85:3b:
82:5e:9a:cf:f3:f0:bc:7a:da:e0:87:1a:7f:c4:15:
27:fd:57:0b:dd:cb:59:59:20:e3:84:77:ca:02:c9:
9b:b3:66:d6:4a:ca:33:05:ea:bf:86:ce:6a:66:0e:
a9:27:30:28:6f:c1:52:17:fd:47:88:14:b5:06:cf:
6f:28:80:bf:bf:b9:92:c8:7e:7a:e2:25:63:ca:ca:
69:99:c5:ba:d2:75:8b:5b:31:99:0d:47:a0:a8:a4:
69:fc:9b:f9:da:40:fc:f6:89:56:a2:c4:2e:8f:1e:
87:90:f6:9c:df:45:e7:8e:2b:0e:50:86:7b:bc:40:
4d:21:78:05:55:78:ad:d4:49:f8:7e:fd:12:00:71:
9f:ba:96:85:5a:bb:84:e3:c3:59:66:a0:39:a7:35:
2b:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:F9:99:51:B7:A5:F0:35:6B:44:AC:35:F5:FD:9C:06:5F:F5:8E:AA
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b3b18648-bea0-4f7e-8f0f-5ad2d2f05ea8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d02b:800::/37
Signature Algorithm: sha256WithRSAEncryption
ca:24:0b:17:8f:ef:a9:8b:e3:95:85:9a:ca:e4:8e:f6:f4:19:
61:90:94:c3:67:99:c7:05:22:31:51:8c:c0:27:e7:27:4e:f3:
d8:c6:54:d7:9f:df:13:f3:97:5b:f1:15:6e:1d:d3:d2:f8:fa:
ea:7e:41:e6:d8:13:9d:ab:8b:8a:7e:c0:d2:68:4f:41:10:6a:
e9:e3:e7:57:eb:42:e8:95:1f:7e:fd:cd:18:9f:9e:a1:84:81:
3e:e8:39:fc:fa:a5:eb:92:74:61:c4:75:25:55:5e:9b:5e:e0:
17:3f:1a:30:ec:5b:78:f1:99:84:be:3e:99:dc:0a:71:08:6f:
83:bb:fa:4f:af:b7:e8:f4:9e:5a:2a:44:f1:3f:68:a1:1e:1e:
b3:14:12:02:83:b5:e6:65:3f:8a:12:d4:86:11:78:41:b9:3e:
5e:5d:70:5d:d8:bf:fa:19:0b:27:5c:dc:36:a0:7c:f7:52:f2:
11:1e:66:b2:45:1a:d6:ad:46:bb:10:5a:7c:20:27:bf:a2:d0:
f3:71:a5:d9:45:e1:8d:83:d2:71:69:5e:13:09:85:78:51:a3:
8e:c1:ed:62:3c:75:68:03:3f:d3:a1:02:d3:e6:46:c7:6f:ff:
e5:21:cc:f0:69:a6:56:66:ea:18:5f:b9:77:d0:d5:d8:68:3f:
b2:ac:50:52
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUei6sdZ44ehHh6DO444pj1+8NG0QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTEwMzlaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDVhODAzZGY3YjAzNDVhNjIwZjc0ZDVkMDE2OTc2NGM1NWFhNDgzZjcyOTRl
M2QyOTk5M2JlYzlhNGYyOTMzZmMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANGaWDovM3XpkjRrrUd8RCSCZX9LG9JUzFRpBiq/OKKne5NG4p4+yJinJg25
pm3RmBNanNQD2QWfrDntitnHiYmKMhTRNYI0l8YPQ0yIE9ETvQOQIkMXFuWBNdVI
zLU73Kz4d6IP9YU7gl6az/PwvHra4Icaf8QVJ/1XC93LWVkg44R3ygLJm7Nm1krK
MwXqv4bOamYOqScwKG/BUhf9R4gUtQbPbyiAv7+5ksh+euIlY8rKaZnFutJ1i1sx
mQ1HoKikafyb+dpA/PaJVqLELo8eh5D2nN9F544rDlCGe7xATSF4BVV4rdRJ+H79
EgBxn7qWhVq7hOPDWWagOac1KxsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRC+ZlR
t6XwNWtErDX1/ZwGX/WOqjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjNiMTg2NDgtYmVhMC00ZjdlLThmMGYtNWFkMmQyZjA1ZWE4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAyoF0CsI
MA0GCSqGSIb3DQEBCwUAA4IBAQDKJAsXj++pi+OVhZrK5I729BlhkJTDZ5nHBSIx
UYzAJ+cnTvPYxlTXn98T85db8RVuHdPS+PrqfkHm2BOdq4uKfsDSaE9BEGrp4+dX
60LolR9+/c0Yn56hhIE+6Dn8+qXrknRhxHUlVV6bXuAXPxow7Ft48ZmEvj6Z3Apx
CG+Du/pPr7fo9J5aKkTxP2ihHh6zFBICg7XmZT+KEtSGEXhBuT5eXXBd2L/6GQsn
XNw2oHz3UvIRHmayRRrWrUa7EFp8ICe/otDzcaXZReGNg9JxaV4TCYV4UaOOwe1i
PHVoAz/ToQLT5kbHb//lIczwaaZWZuoYX7l30NXYaD+yrFBS
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:44:07 2026 by rpki-client