Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cb8f4f37-fecd-4bc6-8edc-80be9f2fbeda.roa
File: cb8f4f37-fecd-4bc6-8edc-80be9f2fbeda.roa (raw, json)
Hash identifier: jV3GHcl881fb1IN1BAwdpFnEp6zL8GPedXqTDp4NBiE=
Subject key identifier: 39:7D:0F:F4:49:27:8E:A0:06:FC:07:A2:23:B3:90:19:A4:24:F7:18
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 21CEF338D2263E4D313B974E85DDF85F248F7E8B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cb8f4f37-fecd-4bc6-8edc-80be9f2fbeda.roa
Signing time: Tue 19 May 2026 05:20:11 +0000
ROA not before: Tue 19 May 2026 05:20:11 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d03a:c000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 08:43:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:ce:f3:38:d2:26:3e:4d:31:3b:97:4e:85:dd:f8:5f:24:8f:7e:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:20:11 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=4a2079cfb4555248f89e248cb0c194244b288509b2ea5f589bb2c9345700c921, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:30:8b:29:2b:76:73:ef:2e:a5:4a:a7:34:0f:
3a:89:74:86:44:0a:db:ee:3b:18:c9:d0:15:78:4a:
cb:b6:90:cd:c6:e7:0c:c7:0d:78:8c:d8:ec:89:ba:
2d:dc:31:17:d3:62:56:76:5b:f8:4e:80:5f:e1:a5:
52:1a:1e:eb:5f:73:02:d8:0b:80:d4:6f:ee:61:d6:
d2:f0:af:d5:8b:54:8c:c6:49:b0:15:3c:76:8d:9c:
e9:81:40:d4:ec:69:0a:91:ea:62:2c:70:39:1d:63:
e5:c8:43:77:d0:70:c3:9f:65:b0:b0:1f:57:cd:d1:
ca:85:cd:9b:8d:fa:5e:07:fe:4f:4c:20:dc:95:00:
aa:21:6b:6f:67:ad:c5:dd:2f:ab:eb:be:26:6f:1a:
e8:c0:6e:b8:f6:a5:e5:f1:1a:9b:08:6f:1d:4d:04:
3a:88:cc:ef:90:19:bb:52:47:3c:e9:bd:ee:9b:67:
2a:d1:73:f3:f1:86:56:dd:84:93:5c:58:52:fa:bb:
1e:08:07:e8:08:d2:21:8d:e8:e3:a4:10:ba:25:c8:
6b:87:eb:98:35:60:ab:2f:03:b5:73:10:11:f6:92:
84:a8:cd:b6:fe:4a:b5:83:ee:c8:26:7d:3a:3f:63:
c7:12:f9:e4:d2:5d:62:ae:27:7d:70:e2:34:1c:a6:
7a:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:7D:0F:F4:49:27:8E:A0:06:FC:07:A2:23:B3:90:19:A4:24:F7:18
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cb8f4f37-fecd-4bc6-8edc-80be9f2fbeda.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d03a:c000::/40
Signature Algorithm: sha256WithRSAEncryption
3d:12:e9:5c:39:09:1a:ee:64:ba:c8:f1:cc:25:13:f8:fd:d0:
f4:66:8b:0f:00:57:14:78:d8:93:33:b9:ed:dc:5b:54:50:e9:
a1:69:e6:5e:b8:57:ed:32:ec:47:18:0e:46:37:56:d7:64:14:
97:6d:2d:8b:d1:cb:55:d0:be:62:e8:36:c5:84:f9:31:7c:66:
5e:27:46:94:2a:aa:d2:42:d0:46:9f:7f:e8:60:35:72:93:bc:
da:b0:dd:fa:5d:79:bf:e8:28:35:34:b3:f7:df:77:5c:7a:94:
1f:61:f5:8b:af:8f:bf:8c:35:06:e8:10:6e:a3:ac:fa:64:ba:
01:b9:54:0d:95:eb:6b:ba:a4:1a:90:67:05:5e:c5:83:f3:3a:
de:c5:86:20:65:5d:03:51:07:55:3f:91:12:4a:1c:b2:d2:df:
05:81:d4:b9:fc:32:3f:2c:8c:e9:cf:74:de:24:60:32:da:cc:
14:ff:f6:73:9f:d1:b9:c1:d2:6c:fe:86:c1:63:b1:fb:7a:4a:
48:7d:21:01:f2:25:1d:33:19:34:c7:5f:fc:39:ae:bf:07:ce:
bb:38:53:59:e3:cc:3a:0e:d6:41:3f:74:82:ee:ff:93:9a:65:
a9:0e:76:1c:92:63:c0:0a:5b:42:dc:5a:23:ee:7a:47:56:22:
9e:00:8b:02
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUIc7zONImPk0xO5dOhd34XySPfoswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTIwMTFaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDRhMjA3OWNmYjQ1NTUyNDhmODllMjQ4Y2IwYzE5NDI0NGIyODg1MDliMmVh
NWY1ODliYjJjOTM0NTcwMGM5MjExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK0wiykrdnPvLqVKpzQPOol0hkQK2+47GMnQFXhKy7aQzcbnDMcNeIzY7Im6
LdwxF9NiVnZb+E6AX+GlUhoe619zAtgLgNRv7mHW0vCv1YtUjMZJsBU8do2c6YFA
1OxpCpHqYixwOR1j5chDd9Bww59lsLAfV83RyoXNm436Xgf+T0wg3JUAqiFrb2et
xd0vq+u+Jm8a6MBuuPal5fEamwhvHU0EOojM75AZu1JHPOm97ptnKtFz8/GGVt2E
k1xYUvq7HggH6AjSIY3o46QQuiXIa4frmDVgqy8DtXMQEfaShKjNtv5KtYPuyCZ9
Oj9jxxL55NJdYq4nfXDiNBymep0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ5fQ/0
SSeOoAb8B6Ijs5AZpCT3GDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2I4ZjRmMzctZmVjZC00YmM2LThlZGMtODBiZTlmMmZiZWRhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DrA
MA0GCSqGSIb3DQEBCwUAA4IBAQA9EulcOQka7mS6yPHMJRP4/dD0ZosPAFcUeNiT
M7nt3FtUUOmhaeZeuFftMuxHGA5GN1bXZBSXbS2L0ctV0L5i6DbFhPkxfGZeJ0aU
KqrSQtBGn3/oYDVyk7zasN36XXm/6Cg1NLP333dcepQfYfWLr4+/jDUG6BBuo6z6
ZLoBuVQNletruqQakGcFXsWD8zrexYYgZV0DUQdVP5ESShyy0t8FgdS5/DI/LIzp
z3TeJGAy2swU//Zzn9G5wdJs/obBY7H7ekpIfSEB8iUdMxk0x1/8Oa6/B867OFNZ
48w6DtZBP3SC7v+TmmWpDnYckmPACltC3Foj7npHViKeAIsC
-----END CERTIFICATE-----
Generated at Sat Jun 13 11:34:07 2026 by rpki-client