Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cda3712d-34a6-428d-a694-19bab377c44e.roa
File: cda3712d-34a6-428d-a694-19bab377c44e.roa (raw, json)
Hash identifier: BvYUebE7q6ATEG9WXp7SXONPjCwFHsXJXuHJT9x3CI4=
Subject key identifier: B7:68:AD:19:20:44:F7:9A:1D:F6:02:27:B3:6A:7B:E7:70:CC:4C:FB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 107158EF4131726ACA350CA2829C5713C65D3D09
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cda3712d-34a6-428d-a694-19bab377c44e.roa
Signing time: Tue 19 May 2026 05:20:24 +0000
ROA not before: Tue 19 May 2026 05:20:24 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01e::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:71:58:ef:41:31:72:6a:ca:35:0c:a2:82:9c:57:13:c6:5d:3d:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:20:24 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=d39996a1180cabbef6eb2a81699ba4e89fa8016878226ac38f98365bd913ac3d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:0b:95:73:37:f1:f7:69:98:ff:b2:c6:18:f5:
69:a9:4e:83:ce:02:a5:c5:7c:1f:30:0a:5d:9e:ee:
01:31:b7:63:61:5b:25:6f:36:77:a1:62:ca:63:c0:
67:2d:ae:ab:d2:e0:77:86:94:fa:a0:9d:86:57:03:
f8:c9:cc:fc:10:0f:89:d5:fa:96:a6:a3:6b:b7:87:
d8:4f:23:8a:ba:31:39:b7:a2:50:84:a6:0b:e3:24:
a3:64:17:ce:80:a9:6a:5f:72:0a:bf:81:07:0f:35:
ef:d8:7c:80:25:5a:4b:38:c9:66:eb:1e:77:14:0b:
74:59:dd:02:75:72:36:82:9c:8d:8f:fa:e5:92:b0:
77:b8:9f:77:64:f3:5c:bb:d8:c2:21:2b:69:02:f4:
a1:bd:58:ba:10:27:bc:1a:7d:4c:f9:98:90:94:04:
4c:69:8a:79:f5:92:56:72:53:1e:63:3f:2d:c0:05:
fb:88:cb:47:78:5c:d7:2e:55:22:ab:96:52:46:d9:
6e:e5:99:2a:06:26:25:0b:8c:e0:fd:f6:65:71:6b:
4b:18:77:dd:56:a4:38:bb:01:f8:e8:a8:11:32:75:
50:5f:f7:6f:7e:fa:02:18:e4:23:b2:c4:2c:1a:88:
84:dd:65:43:be:4c:25:d6:e2:22:8d:e3:51:08:a8:
a3:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:68:AD:19:20:44:F7:9A:1D:F6:02:27:B3:6A:7B:E7:70:CC:4C:FB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cda3712d-34a6-428d-a694-19bab377c44e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01e::/38
Signature Algorithm: sha256WithRSAEncryption
3d:1a:8c:17:7b:74:e3:93:3e:ed:e3:a4:4e:9f:89:4d:75:92:
07:9f:78:61:54:38:87:81:21:1b:f2:c8:a7:c5:4a:e7:b5:8f:
0c:ed:21:6c:30:ff:3b:ea:60:ea:e7:a0:49:95:9a:cb:32:47:
f7:a8:e9:b1:a2:13:bf:36:fd:78:9b:7b:4a:f4:17:43:87:4e:
9a:dd:c5:e2:0e:78:a6:4d:08:68:c7:e1:ad:69:b6:89:e8:e0:
7b:38:4d:3d:86:e2:81:90:ec:cb:5b:d3:c7:4e:aa:81:ac:92:
ae:df:e6:74:06:3b:97:0e:b5:23:94:dc:9b:97:34:dc:f0:34:
6c:e5:d6:49:a9:25:3d:b6:2d:9b:37:41:c5:d8:43:fb:8e:ad:
4e:f4:6b:ac:54:6e:a0:13:96:00:78:84:96:4c:ec:4f:90:41:
c5:4f:02:32:65:37:cf:48:db:7c:5e:e0:47:34:ac:65:dc:70:
8b:d2:87:78:43:45:f9:39:41:5d:53:94:cf:67:52:13:3e:25:
ce:6e:ff:90:68:6e:dd:2c:57:82:76:3e:c4:30:61:74:39:73:
53:12:79:a2:7d:fb:9a:ac:42:6d:9e:36:8b:b4:c1:22:9d:c8:
de:63:61:31:53:85:25:97:16:ad:16:a9:24:e3:e8:f3:be:f6:
3c:38:99:91
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUEHFY70ExcmrKNQyigpxXE8ZdPQkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTIwMjRaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGQzOTk5NmExMTgwY2FiYmVmNmViMmE4MTY5OWJhNGU4OWZhODAxNjg3ODIy
NmFjMzhmOTgzNjViZDkxM2FjM2QxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALwLlXM38fdpmP+yxhj1aalOg84CpcV8HzAKXZ7uATG3Y2FbJW82d6FiymPA
Zy2uq9Lgd4aU+qCdhlcD+MnM/BAPidX6lqaja7eH2E8jiroxObeiUISmC+Mko2QX
zoCpal9yCr+BBw8179h8gCVaSzjJZusedxQLdFndAnVyNoKcjY/65ZKwd7ifd2Tz
XLvYwiEraQL0ob1YuhAnvBp9TPmYkJQETGmKefWSVnJTHmM/LcAF+4jLR3hc1y5V
IquWUkbZbuWZKgYmJQuM4P32ZXFrSxh33VakOLsB+OioETJ1UF/3b376AhjkI7LE
LBqIhN1lQ75MJdbiIo3jUQioo8cCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS3aK0Z
IET3mh32AiezanvncMxM+zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2RhMzcxMmQtMzRhNi00MjhkLWE2OTQtMTliYWIzNzdjNDRlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0B4A
MA0GCSqGSIb3DQEBCwUAA4IBAQA9GowXe3Tjkz7t46ROn4lNdZIHn3hhVDiHgSEb
8sinxUrntY8M7SFsMP876mDq56BJlZrLMkf3qOmxohO/Nv14m3tK9BdDh06a3cXi
DnimTQhox+GtabaJ6OB7OE09huKBkOzLW9PHTqqBrJKu3+Z0BjuXDrUjlNyblzTc
8DRs5dZJqSU9ti2bN0HF2EP7jq1O9GusVG6gE5YAeISWTOxPkEHFTwIyZTfPSNt8
XuBHNKxl3HCL0od4Q0X5OUFdU5TPZ1ITPiXObv+QaG7dLFeCdj7EMGF0OXNTEnmi
ffuarEJtnjaLtMEincjeY2ExU4UllxatFqkk4+jzvvY8OJmR
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:00:34 2026 by rpki-client