Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bc69f8f6-03c8-4468-a98a-f23fe40eeaef.roa
File: bc69f8f6-03c8-4468-a98a-f23fe40eeaef.roa (raw, json)
Hash identifier: Otbdj9rEJgQa+8+JL0mhHsmwzbz22IZoWTBdiL3tMG4=
Subject key identifier: CD:7C:71:0C:AA:7C:5B:84:99:FC:A8:AF:C9:94:3F:98:EF:61:B4:43
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 370C04457F9DCA9279BC1BBDF2536C9D712DF2E4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bc69f8f6-03c8-4468-a98a-f23fe40eeaef.roa
Signing time: Tue 19 May 2026 05:30:46 +0000
ROA not before: Tue 19 May 2026 05:30:46 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d071:5000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:0c:04:45:7f:9d:ca:92:79:bc:1b:bd:f2:53:6c:9d:71:2d:f2:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:30:46 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=eef44f1ac005fbe09ecc22a8deba2473ccf82bf23b7204147e7df3bc78c1dbe9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:09:7d:10:83:e0:d4:d6:4c:21:1a:3e:73:35:
e4:64:d2:39:de:f2:8e:58:8e:c9:ca:b6:a1:e7:3d:
6c:df:ed:34:ff:51:35:fe:b7:11:b2:a4:08:16:89:
e1:e9:ff:09:94:41:b2:bb:ae:ad:23:a4:74:ad:7a:
56:a0:32:e5:1c:91:96:e9:c0:4c:81:04:77:29:66:
82:2a:5d:ed:8e:f8:ad:a8:b3:23:a5:0b:8c:9c:59:
e8:b6:e1:4e:46:70:3b:bc:b4:dd:3e:85:33:28:4f:
84:d5:e6:d5:de:a9:e9:49:03:59:94:d7:60:b1:78:
64:cd:f7:5b:68:bb:8c:1e:7f:d9:38:c2:e3:1a:f0:
16:4b:22:03:f4:11:9c:f8:7e:0a:52:51:7d:33:7d:
b1:e9:c0:0c:d5:dd:61:ff:2b:e2:81:68:3b:1c:f8:
3a:99:c8:ef:28:5a:35:4f:6b:27:37:dc:56:94:03:
a6:0a:54:d6:b1:0f:a9:0b:1a:91:15:59:e0:4d:ad:
27:20:3a:9c:d1:d5:76:cc:ff:57:98:98:6d:78:de:
0f:23:02:f3:fa:cb:d2:78:33:38:99:52:61:f2:ea:
36:7e:04:91:db:ca:7b:89:61:bf:cf:93:a5:56:51:
9b:77:8b:0b:d7:d6:3d:87:98:d9:71:1b:e0:36:7d:
78:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:7C:71:0C:AA:7C:5B:84:99:FC:A8:AF:C9:94:3F:98:EF:61:B4:43
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bc69f8f6-03c8-4468-a98a-f23fe40eeaef.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d071:5000::/40
Signature Algorithm: sha256WithRSAEncryption
9e:8d:5e:9c:4c:de:2a:0d:ff:99:a2:eb:41:b3:f4:65:3b:09:
12:fc:d6:31:94:94:01:25:63:bf:1c:9f:0f:33:91:5b:e6:df:
6b:3e:47:fd:f3:2d:97:2d:83:4e:4d:98:59:a6:1f:37:80:21:
43:53:4d:b8:79:0d:18:1a:c4:97:f1:00:72:28:4a:aa:60:ad:
fe:36:b9:84:1f:bf:e6:35:44:86:34:a4:3a:df:3c:95:43:fd:
44:fa:9c:f6:ca:93:53:62:87:0a:11:ea:ac:86:0c:24:66:83:
89:da:30:19:7f:a4:05:cb:0a:bf:e0:04:3b:55:42:f2:f7:41:
f3:da:c6:9b:4b:40:13:38:fd:2b:35:09:3f:8d:0c:20:b6:08:
e9:3f:19:90:d2:b3:8c:f5:00:1e:b8:c4:ba:2e:90:8a:54:25:
89:66:be:ec:44:98:2c:b3:7d:b8:3b:dc:c8:99:d0:45:c4:8d:
d4:43:3d:88:87:d7:b7:39:f8:61:62:be:a3:dd:fd:86:20:1f:
48:c6:76:b9:4a:34:96:04:d1:fd:64:65:8b:16:55:0c:62:bb:
03:6f:5b:7e:e9:51:29:51:ca:fc:e8:38:99:bb:ea:ec:eb:5e:
fb:25:9d:53:b5:92:80:2c:10:85:29:92:c9:f7:ed:10:83:1a:
01:7d:df:1c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUNwwERX+dypJ5vBu98lNsnXEt8uQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTMwNDZaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGVlZjQ0ZjFhYzAwNWZiZTA5ZWNjMjJhOGRlYmEyNDczY2NmODJiZjIzYjcy
MDQxNDdlN2RmM2JjNzhjMWRiZTkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALAJfRCD4NTWTCEaPnM15GTSOd7yjliOycq2oec9bN/tNP9RNf63EbKkCBaJ
4en/CZRBsruurSOkdK16VqAy5RyRlunATIEEdylmgipd7Y74raizI6ULjJxZ6Lbh
TkZwO7y03T6FMyhPhNXm1d6p6UkDWZTXYLF4ZM33W2i7jB5/2TjC4xrwFksiA/QR
nPh+ClJRfTN9senADNXdYf8r4oFoOxz4OpnI7yhaNU9rJzfcVpQDpgpU1rEPqQsa
kRVZ4E2tJyA6nNHVdsz/V5iYbXjeDyMC8/rL0ngzOJlSYfLqNn4EkdvKe4lhv8+T
pVZRm3eLC9fWPYeY2XEb4DZ9eOsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTNfHEM
qnxbhJn8qK/JlD+Y72G0QzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmM2OWY4ZjYtMDNjOC00NDY4LWE5OGEtZjIzZmU0MGVlYWVmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HFQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCejV6cTN4qDf+ZoutBs/RlOwkS/NYxlJQBJWO/
HJ8PM5Fb5t9rPkf98y2XLYNOTZhZph83gCFDU024eQ0YGsSX8QByKEqqYK3+NrmE
H7/mNUSGNKQ63zyVQ/1E+pz2ypNTYocKEeqshgwkZoOJ2jAZf6QFywq/4AQ7VULy
90Hz2sabS0ATOP0rNQk/jQwgtgjpPxmQ0rOM9QAeuMS6LpCKVCWJZr7sRJgss324
O9zImdBFxI3UQz2Ih9e3OfhhYr6j3f2GIB9Ixna5SjSWBNH9ZGWLFlUMYrsDb1t+
6VEpUcr86DiZu+rs6177JZ1TtZKALBCFKZLJ9+0QgxoBfd8c
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:24:13 2026 by rpki-client