Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cb352ba2-1c61-4993-802d-895dc73880c2.roa
File: cb352ba2-1c61-4993-802d-895dc73880c2.roa (raw, json)
Hash identifier: 6eBviQ1/GSptFhcR7x2+QtsIV16AFiVksTUwuI7aNUQ=
Subject key identifier: C3:A5:54:CF:DD:58:BF:53:9E:0A:5F:07:2A:68:E5:31:4F:A4:A1:0D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7C71511C8E5C6BD5F64CF0176C686F297D6D9392
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cb352ba2-1c61-4993-802d-895dc73880c2.roa
Signing time: Sun 17 May 2026 02:00:06 +0000
ROA not before: Sun 17 May 2026 02:00:06 +0000
ROA not after: Sat 15 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d036:800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:71:51:1c:8e:5c:6b:d5:f6:4c:f0:17:6c:68:6f:29:7d:6d:93:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 17 02:00:06 2026 GMT
Not After : Aug 15 23:59:59 2026 GMT
Subject: serialNumber=5ddf083f00f65bed5c46beda9b077c2f3bf87115d62ff9bb4257ab60db540088, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:1b:ed:f3:70:ec:38:7d:e2:98:e9:e4:5c:62:
59:64:a6:62:3c:05:10:28:ce:7c:cf:24:51:66:37:
e5:02:9f:00:bb:b5:09:7c:99:da:6f:95:83:7c:bb:
07:d0:9c:9d:13:bd:2c:f1:cf:ac:58:dd:17:3a:0a:
db:09:bd:48:ae:9b:a4:72:84:69:20:61:a0:2a:eb:
9c:60:71:43:12:ae:74:a7:67:fb:b7:5d:65:de:82:
77:f0:60:32:bb:c7:f2:a1:69:c1:ae:94:6d:e3:4d:
08:26:f9:6f:fd:b3:4a:cd:0b:d0:56:f0:cf:d3:e1:
4c:43:db:cf:67:ac:c4:06:69:0c:87:6c:eb:e3:32:
67:a8:11:6a:60:c0:11:07:56:96:91:1e:20:2d:d0:
be:78:19:2d:c2:0a:68:22:64:15:29:8d:46:40:69:
21:dd:98:d4:b5:07:b4:24:b6:21:4c:cc:88:05:65:
d8:68:86:26:d2:0c:fc:28:bc:f0:fb:16:5e:31:d4:
60:4a:16:d4:f6:aa:53:65:1d:27:5a:59:a3:c5:18:
73:f3:6e:fd:8a:ad:f6:28:cc:db:b4:d1:a5:66:31:
06:cf:d4:9c:65:07:8d:1d:7c:12:90:84:69:83:79:
da:be:5b:6d:83:af:39:20:6a:a7:96:5a:0e:75:2c:
09:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:A5:54:CF:DD:58:BF:53:9E:0A:5F:07:2A:68:E5:31:4F:A4:A1:0D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cb352ba2-1c61-4993-802d-895dc73880c2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d036:800::/40
Signature Algorithm: sha256WithRSAEncryption
8d:91:39:43:07:36:4d:4c:15:78:2d:68:b0:da:61:db:ed:fb:
86:4b:79:71:58:bf:64:4b:71:13:fd:3e:ae:6b:d8:3c:cf:e3:
20:52:0b:a3:98:91:ac:e9:7b:af:26:fd:da:d3:80:73:69:14:
c3:8b:c6:7c:ca:54:6d:fc:f7:5e:7a:dc:38:85:09:ed:7d:f9:
9c:02:df:05:75:e0:9b:64:9f:eb:e6:78:ab:44:91:08:44:5b:
44:27:88:67:de:73:59:cf:88:25:bd:5f:36:fa:94:5c:aa:9f:
aa:bf:75:d5:09:2e:c9:0f:bf:52:a9:a6:a5:cc:1d:a8:26:6d:
99:14:bf:59:c0:74:53:f0:9c:67:ad:19:55:27:6d:1c:e3:b8:
e9:65:16:32:7c:14:7f:d8:14:4a:5c:c4:d7:f8:8a:00:ab:5e:
98:90:25:ff:46:93:be:34:be:ab:72:08:05:21:ee:dd:6e:1d:
59:90:4f:e4:b7:17:a7:66:82:41:c8:2f:07:1a:da:66:31:e5:
9c:fe:79:5b:3a:bf:0c:ae:65:94:4e:f0:bf:cd:ee:a2:c3:32:
25:ee:46:10:0d:16:67:b0:68:51:91:fb:c5:07:8e:25:64:66:
2d:aa:69:26:f2:5b:71:b3:24:0f:90:23:2d:cc:50:84:5a:90:
66:16:1b:82
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUfHFRHI5ca9X2TPAXbGhvKX1tk5IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTcwMjAwMDZaFw0yNjA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDVkZGYwODNmMDBmNjViZWQ1YzQ2YmVkYTliMDc3YzJmM2JmODcxMTVkNjJm
ZjliYjQyNTdhYjYwZGI1NDAwODgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM0b7fNw7Dh94pjp5FxiWWSmYjwFECjOfM8kUWY35QKfALu1CXyZ2m+Vg3y7
B9CcnRO9LPHPrFjdFzoK2wm9SK6bpHKEaSBhoCrrnGBxQxKudKdn+7ddZd6Cd/Bg
MrvH8qFpwa6UbeNNCCb5b/2zSs0L0Fbwz9PhTEPbz2esxAZpDIds6+MyZ6gRamDA
EQdWlpEeIC3QvngZLcIKaCJkFSmNRkBpId2Y1LUHtCS2IUzMiAVl2GiGJtIM/Ci8
8PsWXjHUYEoW1PaqU2UdJ1pZo8UYc/Nu/Yqt9ijM27TRpWYxBs/UnGUHjR18EpCE
aYN52r5bbYOvOSBqp5ZaDnUsCb0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTDpVTP
3Vi/U54KXwcqaOUxT6ShDTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2IzNTJiYTItMWM2MS00OTkzLTgwMmQtODk1ZGM3Mzg4MGMyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DYI
MA0GCSqGSIb3DQEBCwUAA4IBAQCNkTlDBzZNTBV4LWiw2mHb7fuGS3lxWL9kS3ET
/T6ua9g8z+MgUgujmJGs6XuvJv3a04BzaRTDi8Z8ylRt/Pdeetw4hQntffmcAt8F
deCbZJ/r5nirRJEIRFtEJ4hn3nNZz4glvV82+pRcqp+qv3XVCS7JD79SqaalzB2o
Jm2ZFL9ZwHRT8JxnrRlVJ20c47jpZRYyfBR/2BRKXMTX+IoAq16YkCX/RpO+NL6r
cggFIe7dbh1ZkE/ktxenZoJByC8HGtpmMeWc/nlbOr8MrmWUTvC/ze6iwzIl7kYQ
DRZnsGhRkfvFB44lZGYtqmkm8ltxsyQPkCMtzFCEWpBmFhuC
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:12:39 2026 by rpki-client