Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b76683fb-d41f-4bfd-ba78-b4b2492acd1e.roa
File: b76683fb-d41f-4bfd-ba78-b4b2492acd1e.roa (raw, json)
Hash identifier: IFucar+s8CmNPsWzIKqN0v5gZcO4hUW/WOoKv39yVhY=
Subject key identifier: 27:10:88:6F:D8:0B:22:8A:E0:06:E3:DC:36:B9:FD:B7:46:77:DB:32
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 29EDA36D4C98438EB2C52E6882443747F8FDF651
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b76683fb-d41f-4bfd-ba78-b4b2492acd1e.roa
Signing time: Tue 19 May 2026 04:40:45 +0000
ROA not before: Tue 19 May 2026 04:40:45 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01e:800::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
29:ed:a3:6d:4c:98:43:8e:b2:c5:2e:68:82:44:37:47:f8:fd:f6:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 04:40:45 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=96617574e1c95be81dc0911418d2e9c127e635a5472e3ed4b1e49f4bb34a896d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:2a:ee:32:d4:e1:f0:fd:10:f4:67:a2:2e:b9:
89:66:57:50:6e:4b:d3:b2:79:0a:43:7d:66:06:33:
83:c7:cf:39:f8:e3:c2:e7:6e:d9:9a:76:59:b6:b4:
81:a7:00:32:86:f4:ce:f6:eb:46:14:5c:d6:84:f0:
5b:ba:ba:3b:d1:46:37:0c:68:5c:48:9b:30:27:aa:
35:88:a7:93:bd:da:95:00:5c:0b:94:a6:7c:ab:b7:
a0:09:3b:1b:2b:cd:18:da:e2:d3:a4:de:f7:90:78:
60:19:18:17:cc:a2:36:47:25:ff:78:9b:eb:a8:4b:
30:e7:d8:55:33:4c:88:64:c7:4e:bd:3c:b1:21:51:
ca:4a:e5:fe:44:b9:2d:9f:3a:5f:78:d4:1d:fc:25:
b6:17:21:43:5a:59:6a:45:f9:7e:81:53:3f:9a:46:
6e:5c:25:28:8f:08:9b:0c:12:ea:08:e9:51:02:61:
ac:9e:8f:48:b5:8d:22:fb:9c:fe:81:87:e4:5c:82:
2c:b8:ce:8e:3a:0d:f9:12:ac:59:ca:46:46:ce:a5:
4c:32:41:49:41:7d:c9:bb:e8:58:b0:f8:b2:60:72:
fe:46:34:d1:79:4e:25:6e:a4:62:16:a4:22:ba:57:
34:04:f4:4a:08:14:8f:72:96:fd:67:fe:af:07:cb:
92:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:10:88:6F:D8:0B:22:8A:E0:06:E3:DC:36:B9:FD:B7:46:77:DB:32
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b76683fb-d41f-4bfd-ba78-b4b2492acd1e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01e:800::/38
Signature Algorithm: sha256WithRSAEncryption
bb:f0:87:7f:8a:cc:35:23:d1:d1:38:77:2b:62:63:24:8a:d3:
ae:a6:6a:e0:be:2e:12:f3:e2:b2:4c:57:9a:35:a4:b7:2c:69:
42:6d:ac:76:a9:a3:a0:38:f1:5d:91:fc:13:cc:a5:84:a7:de:
94:bb:50:51:3c:9d:0d:ff:4a:51:18:3b:fa:9f:0b:e2:6f:a9:
36:e4:80:e7:dc:fa:3a:6a:b5:18:52:68:b8:c3:57:ea:d3:bf:
c2:fc:ef:bb:1d:e2:fd:be:35:6f:99:39:92:25:8f:4a:94:60:
06:3f:a3:58:10:10:0c:48:14:e0:58:fa:83:59:51:2a:da:d6:
89:cc:08:75:a7:82:3a:b2:19:c6:cb:7d:e1:63:e7:17:55:da:
87:cd:2c:12:b0:35:54:e8:7e:ed:5f:5a:c6:f4:c3:b9:ca:f1:
9b:11:c0:dd:80:58:4f:79:f3:6a:d4:de:1b:5c:6f:71:89:a3:
52:7e:10:55:7d:ee:e0:89:a3:58:57:a8:77:db:7d:a6:ee:8e:
47:62:fa:46:d6:38:c9:c6:d9:33:ad:d0:f0:4f:69:88:42:79:
56:7e:bd:88:18:e8:30:2e:6a:45:9d:a8:72:98:40:b6:2d:b9:
7a:94:88:ae:ea:d0:88:20:48:50:e1:cf:c4:09:ec:84:1d:1b:
09:52:70:64
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUKe2jbUyYQ46yxS5ogkQ3R/j99lEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNDQwNDVaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDk2NjE3NTc0ZTFjOTViZTgxZGMwOTExNDE4ZDJlOWMxMjdlNjM1YTU0NzJl
M2VkNGIxZTQ5ZjRiYjM0YTg5NmQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJcq7jLU4fD9EPRnoi65iWZXUG5L07J5CkN9ZgYzg8fPOfjjwudu2Zp2Wba0
gacAMob0zvbrRhRc1oTwW7q6O9FGNwxoXEibMCeqNYink73alQBcC5SmfKu3oAk7
GyvNGNri06Te95B4YBkYF8yiNkcl/3ib66hLMOfYVTNMiGTHTr08sSFRykrl/kS5
LZ86X3jUHfwlthchQ1pZakX5foFTP5pGblwlKI8ImwwS6gjpUQJhrJ6PSLWNIvuc
/oGH5FyCLLjOjjoN+RKsWcpGRs6lTDJBSUF9ybvoWLD4smBy/kY00XlOJW6kYhak
IrpXNAT0SggUj3KW/Wf+rwfLkvECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQnEIhv
2AsiiuAG49w2uf23RnfbMjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Yjc2NjgzZmItZDQxZi00YmZkLWJhNzgtYjRiMjQ5MmFjZDFlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0B4I
MA0GCSqGSIb3DQEBCwUAA4IBAQC78Id/isw1I9HROHcrYmMkitOupmrgvi4S8+Ky
TFeaNaS3LGlCbax2qaOgOPFdkfwTzKWEp96Uu1BRPJ0N/0pRGDv6nwvib6k25IDn
3Po6arUYUmi4w1fq07/C/O+7HeL9vjVvmTmSJY9KlGAGP6NYEBAMSBTgWPqDWVEq
2taJzAh1p4I6shnGy33hY+cXVdqHzSwSsDVU6H7tX1rG9MO5yvGbEcDdgFhPefNq
1N4bXG9xiaNSfhBVfe7giaNYV6h3232m7o5HYvpG1jjJxtkzrdDwT2mIQnlWfr2I
GOgwLmpFnahymEC2Lbl6lIiu6tCIIEhQ4c/ECeyEHRsJUnBk
-----END CERTIFICATE-----
Generated at Sat Jun 13 07:59:23 2026 by rpki-client