Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c3736673-707b-4dfc-aca4-88dcbb52a94d.roa
File: c3736673-707b-4dfc-aca4-88dcbb52a94d.roa (raw, json)
Hash identifier: PZKeAf9bvCVwrhvLyD0XyEnroKpuKPfyEl8w3FoKsYU=
Subject key identifier: 6B:94:AC:6E:CD:50:42:9E:B2:08:36:E9:0A:77:D4:9C:7E:D7:61:C2
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 76ED2C320AB15CCB3956F7CF06BBE068F7BA33C3
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c3736673-707b-4dfc-aca4-88dcbb52a94d.roa
Signing time: Sun 17 May 2026 02:00:02 +0000
ROA not before: Sun 17 May 2026 02:00:02 +0000
ROA not after: Sat 15 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d078:800::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:ed:2c:32:0a:b1:5c:cb:39:56:f7:cf:06:bb:e0:68:f7:ba:33:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 17 02:00:02 2026 GMT
Not After : Aug 15 23:59:59 2026 GMT
Subject: serialNumber=f964408fd5f3c4ce026b36db44f03cdac68e6a1e7bff480e3d2f6a91f62a7b8b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:6f:84:cc:32:3b:b0:89:5c:34:7d:5f:f0:12:
c7:2c:94:40:de:e6:c8:a6:f1:5e:ae:f2:be:c5:a2:
63:41:6d:62:82:f4:70:9a:dd:4e:bc:13:df:ab:1b:
01:1a:44:3b:3d:63:36:49:60:53:6f:81:1d:e0:da:
28:40:e3:25:33:a9:05:97:52:7e:6c:74:29:5a:99:
03:6b:38:02:5f:cc:2b:46:ed:8f:f6:f6:2d:46:5c:
91:8b:3b:e6:3c:95:59:9c:19:0d:a9:4d:ea:fd:a6:
e9:7d:d7:d3:9e:1b:e0:a2:b5:5c:cc:6d:fb:ba:f7:
8e:05:97:13:3b:56:cc:48:83:e0:ae:7e:a4:f1:b3:
55:1c:b6:d9:4b:cf:93:d4:d6:46:ce:5e:c5:ba:bf:
0d:ce:59:e4:07:7d:b6:a8:a8:74:d3:dc:6d:d1:13:
25:99:ca:ec:2e:a0:33:46:76:25:3e:6b:ae:b9:91:
76:a8:11:4c:9b:07:e3:18:eb:62:0f:30:d7:9a:fd:
e3:4b:e8:e1:95:2b:9c:77:6c:09:5f:5c:be:ab:01:
62:2d:16:84:77:82:43:b8:3e:50:88:53:7d:b6:fa:
9d:0a:ef:1a:8f:da:ba:21:0d:2e:cf:45:e7:9d:87:
aa:12:9d:ec:6d:0d:55:61:92:fe:b7:05:67:f9:8c:
e3:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:94:AC:6E:CD:50:42:9E:B2:08:36:E9:0A:77:D4:9C:7E:D7:61:C2
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c3736673-707b-4dfc-aca4-88dcbb52a94d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d078:800::/40
Signature Algorithm: sha256WithRSAEncryption
94:51:59:88:5e:94:1a:87:14:22:dd:1f:18:2d:80:6f:8b:b3:
50:7a:af:76:75:71:fe:75:d0:ae:62:81:c7:5f:bc:70:0d:59:
35:38:ef:7c:8f:6a:2c:12:34:31:d6:2c:d7:65:ab:55:ed:29:
90:39:2f:94:c1:a1:f3:e4:ab:77:c3:52:d0:c4:6f:a2:9b:3d:
71:3a:b2:96:6a:3c:39:cd:0b:86:47:30:47:4e:cd:b0:27:58:
56:43:b0:40:f2:2e:3a:6c:da:53:f9:1b:b9:c9:a0:1c:35:45:
1b:4e:6f:a3:64:91:0d:53:da:4a:7d:e6:3a:bf:48:89:bd:d5:
c2:f7:e9:85:83:75:a1:6c:fb:a6:fb:b4:e4:0f:b3:30:84:6f:
fe:89:9a:4c:9a:84:bf:93:0a:2c:df:b6:82:1b:13:b6:66:d8:
ab:eb:7d:dc:3d:75:80:34:fb:29:87:b1:2d:44:97:b6:53:65:
84:d2:a4:ac:97:b9:18:0a:05:e8:a7:2e:28:fe:49:41:ad:89:
48:6a:27:7b:e3:31:f4:21:0d:35:fd:a2:dd:9c:f3:f6:83:34:
c0:69:0a:a2:2f:c0:5c:27:89:d6:c5:16:f7:a1:c5:a8:53:17:
c8:a1:0b:58:6a:d7:7d:bf:e9:f9:66:21:14:81:12:1c:8c:5e:
41:d3:c3:11
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUdu0sMgqxXMs5VvfPBrvgaPe6M8MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTcwMjAwMDJaFw0yNjA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGY5NjQ0MDhmZDVmM2M0Y2UwMjZiMzZkYjQ0ZjAzY2RhYzY4ZTZhMWU3YmZm
NDgwZTNkMmY2YTkxZjYyYTdiOGIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKFvhMwyO7CJXDR9X/ASxyyUQN7myKbxXq7yvsWiY0FtYoL0cJrdTrwT36sb
ARpEOz1jNklgU2+BHeDaKEDjJTOpBZdSfmx0KVqZA2s4Al/MK0btj/b2LUZckYs7
5jyVWZwZDalN6v2m6X3X054b4KK1XMxt+7r3jgWXEztWzEiD4K5+pPGzVRy22UvP
k9TWRs5exbq/Dc5Z5Ad9tqiodNPcbdETJZnK7C6gM0Z2JT5rrrmRdqgRTJsH4xjr
Yg8w15r940vo4ZUrnHdsCV9cvqsBYi0WhHeCQ7g+UIhTfbb6nQrvGo/auiENLs9F
552HqhKd7G0NVWGS/rcFZ/mM4+cCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRrlKxu
zVBCnrIINukKd9ScftdhwjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzM3MzY2NzMtNzA3Yi00ZGZjLWFjYTQtODhkY2JiNTJhOTRkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HgI
MA0GCSqGSIb3DQEBCwUAA4IBAQCUUVmIXpQahxQi3R8YLYBvi7NQeq92dXH+ddCu
YoHHX7xwDVk1OO98j2osEjQx1izXZatV7SmQOS+UwaHz5Kt3w1LQxG+imz1xOrKW
ajw5zQuGRzBHTs2wJ1hWQ7BA8i46bNpT+Ru5yaAcNUUbTm+jZJENU9pKfeY6v0iJ
vdXC9+mFg3WhbPum+7TkD7MwhG/+iZpMmoS/kwos37aCGxO2Ztir633cPXWANPsp
h7EtRJe2U2WE0qSsl7kYCgXopy4o/klBrYlIaid74zH0IQ01/aLdnPP2gzTAaQqi
L8BcJ4nWxRb3ocWoUxfIoQtYatd9v+n5ZiEUgRIcjF5B08MR
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:00:05 2026 by rpki-client