Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c42c966b-1b62-4165-bbfb-62aaaca567ad.roa
File: c42c966b-1b62-4165-bbfb-62aaaca567ad.roa (raw, json)
Hash identifier: MgatXDMlJENYwQfYiB5Fcircgz9P4WlWM5udCWTiDT0=
Subject key identifier: D9:A9:BE:4B:33:24:59:00:58:3D:62:11:84:F2:AE:E1:EA:DA:EB:69
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6BADF9D619BB9911BA7786FA182D0AA02F9F1165
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c42c966b-1b62-4165-bbfb-62aaaca567ad.roa
Signing time: Fri 15 May 2026 03:50:05 +0000
ROA not before: Fri 15 May 2026 03:50:05 +0000
ROA not after: Thu 13 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6b:ad:f9:d6:19:bb:99:11:ba:77:86:fa:18:2d:0a:a0:2f:9f:11:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 15 03:50:05 2026 GMT
Not After : Aug 13 23:59:59 2026 GMT
Subject: serialNumber=e3a341779dbdbea4a39a4fb16fb69c232211961f7ad00494bd28fce8fb93427c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:97:e3:55:7d:05:68:ea:2e:92:c0:04:06:5d:
77:39:80:83:c8:06:54:78:c9:90:f7:7e:0b:28:3f:
72:b5:6a:d6:cd:02:e9:2c:0c:40:be:cb:76:be:bb:
42:58:ca:a7:86:1a:6e:ea:ac:28:0d:1c:15:d5:f9:
54:c0:2f:7e:84:48:cf:0c:24:7e:11:ff:14:74:19:
c6:1d:17:bb:a5:48:cc:9b:d4:3e:61:ba:d1:99:2b:
95:80:66:e3:90:79:b6:a6:c2:9e:94:fe:18:9d:af:
82:99:49:f3:19:b5:96:dc:d6:ba:44:43:f9:7b:91:
ee:92:79:d7:5a:c2:7f:aa:6e:bd:66:01:ca:22:8d:
f9:6a:85:7f:b5:d3:6b:3b:b4:75:6a:84:f7:11:c8:
a7:f1:6e:c5:6d:69:41:7d:1f:27:a1:b5:b0:0b:11:
1c:19:d7:d6:d0:77:96:4c:d7:e7:1e:0b:95:4b:56:
54:10:60:cb:3e:26:b5:a5:8b:50:4b:a2:20:df:35:
dc:b6:04:70:75:97:55:c6:00:87:ed:36:e6:6a:a7:
8b:53:bd:89:1f:86:5d:b3:fb:27:4c:94:ad:2c:46:
f4:14:8a:d6:5f:fa:f1:cf:14:f8:cd:9e:5b:91:a9:
4e:b5:62:2a:4f:4b:64:ce:8a:ed:60:09:55:1e:fd:
16:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:A9:BE:4B:33:24:59:00:58:3D:62:11:84:F2:AE:E1:EA:DA:EB:69
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c42c966b-1b62-4165-bbfb-62aaaca567ad.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077::/32
Signature Algorithm: sha256WithRSAEncryption
63:54:48:36:34:75:a7:86:c0:2d:b2:a5:de:a1:32:fd:2c:09:
4a:04:7a:5b:12:2e:d3:89:f9:c1:1f:c2:f9:c0:4e:08:ba:b7:
52:49:64:9c:ff:90:f4:a7:4a:f5:a1:66:6f:83:42:be:91:5c:
6d:49:c7:aa:9a:08:64:66:b2:fd:d9:e9:29:93:f9:0e:35:4c:
92:12:e9:f0:bf:fe:ce:1e:b2:81:09:6e:5f:d0:cb:ac:39:82:
9b:1a:75:f5:db:ba:90:9d:47:9b:db:eb:a2:3c:dd:59:e4:2f:
46:9d:44:50:8a:00:83:1b:9b:07:82:c5:3d:ac:a2:df:b9:4f:
92:f4:ba:94:b7:d7:f5:dd:55:7b:b1:68:ee:e0:24:41:85:a1:
89:18:84:22:bd:bb:77:c1:49:32:4d:79:1b:f4:a5:0d:b2:43:
32:dc:85:39:28:08:7d:56:37:00:b3:b8:eb:5f:18:a3:19:86:
a1:39:3d:55:dd:4b:03:47:be:10:3f:69:d4:2b:a0:ea:c4:92:
37:35:66:25:0a:3e:4e:7b:5a:a3:5d:53:d1:e5:b6:02:35:f3:
3b:da:31:35:50:bb:38:35:99:1d:85:f3:af:30:7b:5b:ac:19:
ad:ed:52:8c:34:3d:6b:d3:be:5a:ea:7b:c5:99:aa:39:6b:60:
fd:ee:90:5d
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUa6351hm7mRG6d4b6GC0KoC+fEWUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTUwMzUwMDVaFw0yNjA4MTMyMzU5NTlaMHoxSTBHBgNV
BAUTQGUzYTM0MTc3OWRiZGJlYTRhMzlhNGZiMTZmYjY5YzIzMjIxMTk2MWY3YWQw
MDQ5NGJkMjhmY2U4ZmI5MzQyN2MxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMKX41V9BWjqLpLABAZddzmAg8gGVHjJkPd+Cyg/crVq1s0C6SwMQL7Ldr67
QljKp4YabuqsKA0cFdX5VMAvfoRIzwwkfhH/FHQZxh0Xu6VIzJvUPmG60ZkrlYBm
45B5tqbCnpT+GJ2vgplJ8xm1ltzWukRD+XuR7pJ511rCf6puvWYByiKN+WqFf7XT
azu0dWqE9xHIp/FuxW1pQX0fJ6G1sAsRHBnX1tB3lkzX5x4LlUtWVBBgyz4mtaWL
UEuiIN813LYEcHWXVcYAh+025mqni1O9iR+GXbP7J0yUrSxG9BSK1l/68c8U+M2e
W5GpTrViKk9LZM6K7WAJVR79FocCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBTZqb5L
MyRZAFg9YhGE8q7h6trraTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzQyYzk2NmItMWI2Mi00MTY1LWJiZmItNjJhYWFjYTU2N2FkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoF0Hcw
DQYJKoZIhvcNAQELBQADggEBAGNUSDY0daeGwC2ypd6hMv0sCUoEelsSLtOJ+cEf
wvnATgi6t1JJZJz/kPSnSvWhZm+DQr6RXG1Jx6qaCGRmsv3Z6SmT+Q41TJIS6fC/
/s4esoEJbl/Qy6w5gpsadfXbupCdR5vb66I83VnkL0adRFCKAIMbmweCxT2sot+5
T5L0upS31/XdVXuxaO7gJEGFoYkYhCK9u3fBSTJNeRv0pQ2yQzLchTkoCH1WNwCz
uOtfGKMZhqE5PVXdSwNHvhA/adQroOrEkjc1ZiUKPk57WqNdU9HltgI18zvaMTVQ
uzg1mR2F868we1usGa3tUow0PWvTvlrqe8WZqjlrYP3ukF0=
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:24:13 2026 by rpki-client