Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ca2a6462-f06a-427f-bb4a-06d3ea6a933a.roa
File: ca2a6462-f06a-427f-bb4a-06d3ea6a933a.roa (raw, json)
Hash identifier: ZHr+pWRadRrwH1cbq5kzFL5+pn1dUBWTRuJdKO6s+Ok=
Subject key identifier: C8:B0:74:14:12:8F:02:7B:48:BF:48:0F:3C:AA:F3:F2:93:9C:85:79
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1383337E4741E1AAE6C251283B6ECDD027B8A597
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ca2a6462-f06a-427f-bb4a-06d3ea6a933a.roa
Signing time: Sun 31 May 2026 01:11:06 +0000
ROA not before: Sun 31 May 2026 01:11:06 +0000
ROA not after: Sat 29 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07d:2080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:83:33:7e:47:41:e1:aa:e6:c2:51:28:3b:6e:cd:d0:27:b8:a5:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 31 01:11:06 2026 GMT
Not After : Aug 29 23:59:59 2026 GMT
Subject: serialNumber=7ddd62005ee9a4c52528458fe918e00605fa28f22da2fe49e0340baa5da137ed, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:67:95:0d:26:29:d9:b5:27:76:fe:6e:00:33:
e6:df:65:fc:8e:4f:45:9f:99:a5:dc:7e:97:b8:5d:
28:7e:06:78:f0:91:51:c0:16:7b:fc:4c:62:09:16:
6d:ad:45:f1:c9:b4:81:8f:18:25:f8:1f:25:82:cf:
3a:8b:7b:38:b6:31:80:f3:fa:28:a2:90:20:86:30:
4d:83:61:90:c2:20:e1:3b:50:56:94:b6:79:74:45:
c4:65:10:f6:0a:b3:f6:95:03:00:8b:60:1d:8f:86:
f2:f6:1f:b0:a3:97:9f:44:9a:30:f1:98:0e:25:f8:
be:04:38:c6:23:fc:12:bd:0d:8e:7d:8d:8a:77:30:
22:ca:8f:76:23:90:64:b8:3a:6e:45:f4:d7:65:61:
c2:2f:f2:7e:a5:28:76:8b:ff:ed:02:e7:37:93:f9:
f0:3d:64:8e:51:ec:19:b4:a4:dd:d4:d9:6c:8e:43:
88:5e:2d:93:bd:df:0e:7b:89:9f:89:a2:c3:16:88:
84:02:99:95:a1:64:a5:c8:03:19:93:4e:bf:67:95:
79:54:32:5f:f6:16:43:b8:ae:9e:41:0e:a1:fe:07:
57:bf:c7:ac:ba:96:76:eb:43:11:be:ba:e6:40:7c:
e8:2d:e6:47:a3:14:6f:da:d1:b2:42:d6:35:2b:d9:
4c:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:B0:74:14:12:8F:02:7B:48:BF:48:0F:3C:AA:F3:F2:93:9C:85:79
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ca2a6462-f06a-427f-bb4a-06d3ea6a933a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07d:2080::/48
Signature Algorithm: sha256WithRSAEncryption
7f:ff:ea:9c:33:53:f0:2d:36:47:8f:0f:69:d6:ab:9f:77:a5:
50:5f:13:96:88:e1:c0:ce:24:c5:23:a7:c6:60:7b:e5:b1:a1:
6a:a6:fb:07:05:e3:5f:1b:d7:65:db:0a:01:bb:72:0c:b8:ec:
f1:e2:96:9a:bd:dd:18:cc:a4:4c:87:7e:40:19:c4:d7:00:c1:
b7:dc:f2:db:ce:d1:cf:6e:57:a3:c9:7b:be:c3:b5:c3:d4:41:
55:35:5d:38:a9:87:9e:fb:90:a9:9e:90:80:bf:06:09:03:90:
6e:7c:10:0a:e8:0d:e4:fa:9b:26:43:3b:0e:0a:7b:4f:fa:78:
7a:af:45:bb:1a:4f:18:b9:26:e7:40:ad:a0:0d:ad:2b:a0:80:
f0:17:fb:de:58:b9:23:4c:bc:77:f8:a9:57:5b:c2:89:67:9c:
c3:42:48:bc:ce:85:c3:36:98:b0:37:d9:32:a4:a6:b0:4f:f5:
b4:40:53:43:28:1b:be:c1:cb:04:73:f6:02:a7:aa:13:30:64:
55:01:4b:fb:ad:a0:46:20:f8:8c:e4:68:50:68:15:9a:e4:5c:
93:f1:ac:53:ca:2c:41:9b:fd:28:d9:3e:be:0b:2e:93:ce:ce:
21:53:19:92:65:43:e8:54:20:46:c8:a6:b2:20:57:72:8d:6f:
bf:b9:67:c2
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUE4MzfkdB4armwlEoO27N0Ce4pZcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MzEwMTExMDZaFw0yNjA4MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDdkZGQ2MjAwNWVlOWE0YzUyNTI4NDU4ZmU5MThlMDA2MDVmYTI4ZjIyZGEy
ZmU0OWUwMzQwYmFhNWRhMTM3ZWQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKdnlQ0mKdm1J3b+bgAz5t9l/I5PRZ+Zpdx+l7hdKH4GePCRUcAWe/xMYgkW
ba1F8cm0gY8YJfgfJYLPOot7OLYxgPP6KKKQIIYwTYNhkMIg4TtQVpS2eXRFxGUQ
9gqz9pUDAItgHY+G8vYfsKOXn0SaMPGYDiX4vgQ4xiP8Er0Njn2NincwIsqPdiOQ
ZLg6bkX012Vhwi/yfqUodov/7QLnN5P58D1kjlHsGbSk3dTZbI5DiF4tk73fDnuJ
n4miwxaIhAKZlaFkpcgDGZNOv2eVeVQyX/YWQ7iunkEOof4HV7/HrLqWdutDEb66
5kB86C3mR6MUb9rRskLWNSvZTAMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTIsHQU
Eo8Ce0i/SA88qvPyk5yFeTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2EyYTY0NjItZjA2YS00MjdmLWJiNGEtMDZkM2VhNmE5MzNhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H0g
gDANBgkqhkiG9w0BAQsFAAOCAQEAf//qnDNT8C02R48Padarn3elUF8TlojhwM4k
xSOnxmB75bGhaqb7BwXjXxvXZdsKAbtyDLjs8eKWmr3dGMykTId+QBnE1wDBt9zy
287Rz25Xo8l7vsO1w9RBVTVdOKmHnvuQqZ6QgL8GCQOQbnwQCugN5PqbJkM7Dgp7
T/p4eq9FuxpPGLkm50CtoA2tK6CA8Bf73li5I0y8d/ipV1vCiWecw0JIvM6FwzaY
sDfZMqSmsE/1tEBTQygbvsHLBHP2AqeqEzBkVQFL+62gRiD4jORoUGgVmuRck/Gs
U8osQZv9KNk+vgsuk87OIVMZkmVD6FQgRsimsiBXco1vv7lnwg==
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:24:22 2026 by rpki-client