Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c768f15e-576e-48c0-91d4-8446a6be70a8.roa
File: c768f15e-576e-48c0-91d4-8446a6be70a8.roa (raw, json)
Hash identifier: g0o3I8yLCuywICnhYxamltFRkQPINT6xZnpQLWNabK4=
Subject key identifier: 14:88:43:5C:6C:D5:29:24:0E:C8:E3:71:B8:0B:D4:A7:43:D6:35:88
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 76F0903E7A30A5E6EBE1C79DD89B315DDF1C9265
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c768f15e-576e-48c0-91d4-8446a6be70a8.roa
Signing time: Tue 19 May 2026 05:20:59 +0000
ROA not before: Tue 19 May 2026 05:20:59 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d032:e000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:f0:90:3e:7a:30:a5:e6:eb:e1:c7:9d:d8:9b:31:5d:df:1c:92:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:20:59 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=2e3f936bb5149725b71860c555bd42e6e28d8d3cd92b2ac430e2d77c12aa980a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:90:62:c1:b2:cc:6b:d0:03:9f:1b:8e:06:f8:
ed:2d:42:42:90:72:43:26:7b:f6:f1:6f:2b:18:e4:
cf:13:7c:70:7a:75:39:ce:2a:4d:a4:68:8d:cc:4b:
c0:5a:a2:e5:be:46:7b:3a:a2:36:c2:b9:57:64:38:
2e:83:60:ef:11:1b:69:fe:6a:7b:7b:7c:0f:1a:89:
5b:49:2c:5f:21:36:ed:7f:d1:75:5e:03:f5:65:68:
6d:b1:b0:e9:8b:cc:81:af:73:35:38:b7:38:f0:67:
03:d3:2b:d5:45:ca:64:10:a3:0a:17:e4:2a:1c:a8:
7f:c9:b4:6e:59:a5:c5:9b:f3:7d:bd:fa:a2:6e:1c:
a8:b2:55:43:be:f6:8b:ed:96:1f:df:93:7c:b9:83:
3f:af:e6:1d:f9:dc:9f:3a:ce:73:44:86:8f:5a:e1:
de:c7:d6:6b:5c:c9:56:c8:ed:82:1f:7a:fc:75:d7:
a9:08:90:3c:ce:2b:42:b2:94:9f:fd:9f:f8:12:ca:
da:3d:63:e1:e4:26:11:69:48:78:94:c8:5a:c8:a1:
b4:af:de:9a:fb:6e:e2:dc:e8:34:04:fe:6d:b8:a4:
e8:25:d2:16:86:3c:b5:c6:a8:2e:72:02:d6:44:33:
90:0e:41:55:c4:d5:0a:cb:fe:87:68:8c:1e:c5:bf:
78:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:88:43:5C:6C:D5:29:24:0E:C8:E3:71:B8:0B:D4:A7:43:D6:35:88
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c768f15e-576e-48c0-91d4-8446a6be70a8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d032:e000::/40
Signature Algorithm: sha256WithRSAEncryption
ba:dc:36:83:25:aa:8f:10:d3:6a:32:5c:3f:a4:48:68:e8:65:
ed:74:dd:2d:38:55:88:38:d8:32:d0:8a:29:e2:08:a4:11:09:
57:da:75:3e:6a:fd:3f:77:34:01:6f:1d:a9:da:1a:78:cf:3b:
08:ab:ac:69:bd:b9:ee:eb:a3:b4:59:93:bc:e4:f9:7d:c9:d5:
b9:a8:25:23:de:8e:49:7f:2b:f5:bf:9c:50:35:5e:90:3b:8e:
95:f3:88:40:36:d4:1b:47:6c:fa:a3:5d:18:ce:41:3a:f6:07:
78:e8:e1:7b:d5:be:ff:8d:7a:dd:a5:24:2c:1c:1d:3c:4e:f1:
7c:94:fd:21:7b:59:70:7f:65:00:98:1e:cd:17:09:0d:22:06:
1a:09:e4:ed:3f:72:97:e0:a9:65:71:43:d5:e4:21:4f:2d:2c:
a0:6f:e5:24:73:1c:5c:c4:60:de:64:96:36:34:0f:4c:03:4f:
5d:3e:34:eb:bd:a7:1c:37:b4:3e:93:af:17:a8:1b:14:93:ff:
14:e9:f8:8e:02:65:ba:0f:12:2c:24:c0:fa:b7:c0:04:47:60:
f0:82:0a:7b:d6:fd:d8:42:c1:78:1f:11:40:b4:dc:6d:e9:73:
b5:00:8b:50:f7:ab:17:4c:f0:4a:38:88:6e:87:00:6e:f8:d6:
54:49:86:03
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUdvCQPnowpebr4ced2JsxXd8ckmUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTIwNTlaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDJlM2Y5MzZiYjUxNDk3MjViNzE4NjBjNTU1YmQ0MmU2ZTI4ZDhkM2NkOTJi
MmFjNDMwZTJkNzdjMTJhYTk4MGExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ2QYsGyzGvQA58bjgb47S1CQpByQyZ79vFvKxjkzxN8cHp1Oc4qTaRojcxL
wFqi5b5GezqiNsK5V2Q4LoNg7xEbaf5qe3t8DxqJW0ksXyE27X/RdV4D9WVobbGw
6YvMga9zNTi3OPBnA9Mr1UXKZBCjChfkKhyof8m0blmlxZvzfb36om4cqLJVQ772
i+2WH9+TfLmDP6/mHfncnzrOc0SGj1rh3sfWa1zJVsjtgh96/HXXqQiQPM4rQrKU
n/2f+BLK2j1j4eQmEWlIeJTIWsihtK/emvtu4tzoNAT+bbik6CXSFoY8tcaoLnIC
1kQzkA5BVcTVCsv+h2iMHsW/eFcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQUiENc
bNUpJA7I43G4C9SnQ9Y1iDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Yzc2OGYxNWUtNTc2ZS00OGMwLTkxZDQtODQ0NmE2YmU3MGE4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DLg
MA0GCSqGSIb3DQEBCwUAA4IBAQC63DaDJaqPENNqMlw/pEho6GXtdN0tOFWIONgy
0Iop4gikEQlX2nU+av0/dzQBbx2p2hp4zzsIq6xpvbnu66O0WZO85Pl9ydW5qCUj
3o5Jfyv1v5xQNV6QO46V84hANtQbR2z6o10YzkE69gd46OF71b7/jXrdpSQsHB08
TvF8lP0he1lwf2UAmB7NFwkNIgYaCeTtP3KX4KllcUPV5CFPLSygb+UkcxxcxGDe
ZJY2NA9MA09dPjTrvaccN7Q+k68XqBsUk/8U6fiOAmW6DxIsJMD6t8AER2Dwggp7
1v3YQsF4HxFAtNxt6XO1AItQ96sXTPBKOIhuhwBu+NZUSYYD
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:24:50 2026 by rpki-client