Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c3f4b0e0-df6d-481a-8d75-7709e545d1e8.roa
File: c3f4b0e0-df6d-481a-8d75-7709e545d1e8.roa (raw, json)
Hash identifier: Z34tmKvata0uox+ZNDYiGJp3m+R6dlTpd8n1SwSs5T8=
Subject key identifier: C5:D7:FD:17:A4:89:C9:21:14:BD:9E:CF:39:08:B9:E8:EB:B6:56:A7
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 76058397C122C3A401BA5234BD22C9C6B1595330
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c3f4b0e0-df6d-481a-8d75-7709e545d1e8.roa
Signing time: Tue 19 May 2026 05:20:38 +0000
ROA not before: Tue 19 May 2026 05:20:38 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:2000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:05:83:97:c1:22:c3:a4:01:ba:52:34:bd:22:c9:c6:b1:59:53:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:20:38 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=d580d57b51583c74b8dfdad08bf3c705462d60fb29625265821671c46e051f92, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:06:34:ef:60:cd:68:4f:5b:48:f1:4e:ac:8a:
61:53:0c:4a:fb:d0:ca:71:c8:fd:0d:4a:9b:e5:5d:
0f:3a:71:89:c6:d0:0e:66:01:49:65:2a:fa:21:7a:
1b:07:8f:22:fb:24:c6:45:8e:9b:ed:9b:39:ab:2c:
d3:b2:a1:26:ce:89:b9:b3:74:f9:13:48:7e:2e:d0:
f4:90:6f:4f:c5:5c:67:f5:dc:f8:50:e3:94:58:df:
de:9f:07:e2:3a:8f:1a:ef:28:8a:56:c7:ac:3a:3a:
88:83:5f:0e:3a:55:ec:76:ed:c0:ae:1e:b9:cb:4a:
c9:99:9e:e1:cb:42:91:9c:7d:ab:43:01:d7:eb:f4:
51:1b:12:ef:21:a7:41:c6:4e:38:ac:05:cd:f8:d5:
86:33:c2:e3:3b:24:bc:d1:72:2e:55:52:f1:6d:cb:
69:5f:e9:84:cc:8a:b1:89:ca:9f:16:a3:b6:bb:58:
60:c9:be:9d:6d:85:5d:08:29:e4:d6:fa:44:eb:0d:
60:3d:e9:72:21:2b:1f:9a:d9:ea:70:39:01:d2:3b:
3a:75:3c:80:a5:f4:18:62:1a:3d:e4:29:34:e4:84:
53:c4:d0:48:5e:f9:1c:ba:d3:22:e7:ed:ad:76:fa:
1c:a7:82:15:eb:08:55:5c:23:07:78:fb:22:02:10:
5b:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:D7:FD:17:A4:89:C9:21:14:BD:9E:CF:39:08:B9:E8:EB:B6:56:A7
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c3f4b0e0-df6d-481a-8d75-7709e545d1e8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:2000::/40
Signature Algorithm: sha256WithRSAEncryption
22:65:3f:02:7a:76:bb:c6:d7:b3:b3:01:ce:32:f8:b8:a4:e1:
3f:2b:02:0f:e8:ba:df:52:6a:63:09:41:dc:0c:dc:d4:13:ac:
e5:29:c2:a2:08:4b:9b:29:7a:5b:3c:fe:cc:22:85:1e:a1:f9:
63:49:14:9a:5c:d6:47:e6:a1:22:0d:c3:40:47:2f:44:ac:24:
28:5f:17:4d:f3:fb:c6:e1:e3:2f:fd:64:f1:25:e0:98:67:5f:
07:cb:a2:7b:dc:de:d9:60:d1:14:75:e7:aa:71:93:82:56:ce:
a4:16:73:84:c0:84:08:1c:89:61:f8:f9:0b:71:85:3a:bb:60:
7e:e6:f0:ce:c3:63:b2:e8:62:60:94:ad:cf:af:f7:9b:d8:e2:
00:80:e6:d7:6b:3c:f7:39:0f:ce:60:d0:28:a9:3b:c6:5f:96:
06:8d:01:13:13:e6:8a:2e:54:62:57:93:54:14:f8:a1:d9:ab:
cd:96:97:5d:f5:68:55:1c:fb:97:0b:1d:4a:15:ca:e9:be:7a:
06:59:19:81:54:ce:9e:d9:99:ab:00:ce:00:45:72:7c:48:23:
37:79:af:f9:9f:fc:11:2d:5f:e3:b7:fb:6c:56:f5:51:3e:1f:
6b:06:13:2a:0b:f7:90:11:00:0f:c3:de:13:95:a4:7d:f8:42:
dd:9f:ed:77
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUdgWDl8Eiw6QBulI0vSLJxrFZUzAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTIwMzhaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ1ODBkNTdiNTE1ODNjNzRiOGRmZGFkMDhiZjNjNzA1NDYyZDYwZmIyOTYy
NTI2NTgyMTY3MWM0NmUwNTFmOTIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALEGNO9gzWhPW0jxTqyKYVMMSvvQynHI/Q1Km+VdDzpxicbQDmYBSWUq+iF6
GwePIvskxkWOm+2bOass07KhJs6JubN0+RNIfi7Q9JBvT8VcZ/Xc+FDjlFjf3p8H
4jqPGu8oilbHrDo6iINfDjpV7HbtwK4euctKyZme4ctCkZx9q0MB1+v0URsS7yGn
QcZOOKwFzfjVhjPC4zskvNFyLlVS8W3LaV/phMyKsYnKnxajtrtYYMm+nW2FXQgp
5Nb6ROsNYD3pciErH5rZ6nA5AdI7OnU8gKX0GGIaPeQpNOSEU8TQSF75HLrTIuft
rXb6HKeCFesIVVwjB3j7IgIQW5cCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTF1/0X
pInJIRS9ns85CLno67ZWpzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzNmNGIwZTAtZGY2ZC00ODFhLThkNzUtNzcwOWU1NDVkMWU4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HIg
MA0GCSqGSIb3DQEBCwUAA4IBAQAiZT8Cena7xtezswHOMvi4pOE/KwIP6LrfUmpj
CUHcDNzUE6zlKcKiCEubKXpbPP7MIoUeofljSRSaXNZH5qEiDcNARy9ErCQoXxdN
8/vG4eMv/WTxJeCYZ18Hy6J73N7ZYNEUdeeqcZOCVs6kFnOEwIQIHIlh+PkLcYU6
u2B+5vDOw2Oy6GJglK3Pr/eb2OIAgObXazz3OQ/OYNAoqTvGX5YGjQETE+aKLlRi
V5NUFPih2avNlpdd9WhVHPuXCx1KFcrpvnoGWRmBVM6e2ZmrAM4ARXJ8SCM3ea/5
n/wRLV/jt/tsVvVRPh9rBhMqC/eQEQAPw94TlaR9+ELdn+13
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:11:45 2026 by rpki-client