Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cf78b714-ce6c-4a9d-a72e-d30a3470f002.roa
File: cf78b714-ce6c-4a9d-a72e-d30a3470f002.roa (raw, json)
Hash identifier: D7SQz175PE8zgPme7E/hPrPPDGme8mC5NablDwRucdg=
Subject key identifier: 96:48:B3:59:68:58:88:50:B3:2F:0F:FC:FC:13:9B:33:E0:D2:02:B5
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2D1D622DC426418930279F16B66996697000CE56
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cf78b714-ce6c-4a9d-a72e-d30a3470f002.roa
Signing time: Fri 15 May 2026 02:20:09 +0000
ROA not before: Fri 15 May 2026 02:20:09 +0000
ROA not after: Thu 13 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:5000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2d:1d:62:2d:c4:26:41:89:30:27:9f:16:b6:69:96:69:70:00:ce:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 15 02:20:09 2026 GMT
Not After : Aug 13 23:59:59 2026 GMT
Subject: serialNumber=466d428ec333c36eb27186e490753894fd2ad0ce8cea9a20afef94c7cff29f36, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:72:5a:f5:ed:86:70:ac:c4:8d:e9:11:7a:b9:
8a:2e:55:1b:89:5a:c6:f0:4e:4f:5a:84:aa:d7:d3:
bd:3e:1f:3e:10:cf:60:29:f4:4b:3a:7a:26:c2:f1:
d0:b8:fb:e1:68:da:4e:b4:66:f1:65:15:24:04:04:
0b:3f:07:45:ab:72:ec:c2:41:e5:75:30:c6:59:45:
11:b0:a1:46:af:4b:7c:05:a4:1e:5e:51:f2:73:ed:
6a:1c:8c:cf:2a:72:71:32:a6:01:e1:15:9c:1b:38:
b7:07:0c:40:f7:ba:bd:f7:3d:6a:76:c8:c0:5f:8c:
c3:18:4a:a3:cb:0a:ee:66:da:6c:c1:36:54:36:2a:
c5:8b:4f:ed:6f:6a:44:5c:c0:b5:18:55:d4:29:a5:
d8:c1:f0:fe:ba:54:df:e9:10:a0:75:e4:1b:5a:69:
a7:19:8e:88:2d:bc:a7:80:ca:37:12:90:e8:f6:1f:
3f:36:bc:4d:27:cf:e3:ec:06:99:99:e0:06:97:70:
4b:dc:43:76:ba:86:c6:64:d1:d5:5e:96:20:04:ab:
9b:6b:5b:dd:94:d7:75:4d:0f:d0:1b:80:4b:24:d3:
a8:bf:0c:6f:e6:68:34:bf:d3:41:c1:6e:0a:4c:6f:
f4:cd:7a:af:f6:a2:ef:3e:fa:fe:61:12:ea:b4:3b:
48:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:48:B3:59:68:58:88:50:B3:2F:0F:FC:FC:13:9B:33:E0:D2:02:B5
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cf78b714-ce6c-4a9d-a72e-d30a3470f002.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:5000::/48
Signature Algorithm: sha256WithRSAEncryption
22:c0:e6:ee:bf:1e:49:70:79:eb:5c:24:e0:2e:ca:4a:d8:02:
32:44:4b:a9:a8:ff:33:e1:54:dc:bf:00:d6:78:ba:a0:72:95:
15:5c:c5:57:a7:35:ec:1c:30:8a:41:d0:4c:22:16:61:74:46:
2a:9b:62:d3:b1:53:63:4b:06:43:21:60:c2:55:fc:e2:d6:78:
52:47:29:f6:22:a1:67:af:40:9d:0e:10:fc:d2:c0:d1:3c:6d:
9b:4d:2e:db:7b:71:12:57:41:90:e2:db:a7:7a:8c:94:6d:56:
6f:9b:76:c0:c3:de:0e:3c:ed:8f:c3:56:81:a1:a3:de:4c:f6:
20:96:e0:13:ad:40:ae:b1:b1:69:73:51:07:41:1f:20:e2:13:
28:ac:25:2f:9b:98:33:7f:3f:bd:a2:0d:fd:d6:f2:e8:1a:fc:
e2:ed:33:d1:53:01:27:e2:d8:ba:98:dc:f9:b2:56:a2:ad:92:
98:12:1d:67:3c:8d:ea:fd:3d:69:44:64:ab:18:17:ce:9b:32:
78:1d:d9:2e:42:5a:f5:b1:20:ab:59:8a:66:ac:64:06:cb:21:
11:4b:96:e9:3b:ef:40:c9:7f:0c:9d:49:72:17:f9:8e:58:5b:
62:41:56:f8:82:ea:c0:40:6b:ce:a9:5a:71:30:aa:01:65:6d:
84:3a:22:0d
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIULR1iLcQmQYkwJ58WtmmWaXAAzlYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTUwMjIwMDlaFw0yNjA4MTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ2NmQ0MjhlYzMzM2MzNmViMjcxODZlNDkwNzUzODk0ZmQyYWQwY2U4Y2Vh
OWEyMGFmZWY5NGM3Y2ZmMjlmMzYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKlyWvXthnCsxI3pEXq5ii5VG4laxvBOT1qEqtfTvT4fPhDPYCn0Szp6JsLx
0Lj74WjaTrRm8WUVJAQECz8HRaty7MJB5XUwxllFEbChRq9LfAWkHl5R8nPtahyM
zypycTKmAeEVnBs4twcMQPe6vfc9anbIwF+MwxhKo8sK7mbabME2VDYqxYtP7W9q
RFzAtRhV1Cml2MHw/rpU3+kQoHXkG1pppxmOiC28p4DKNxKQ6PYfPza8TSfP4+wG
mZngBpdwS9xDdrqGxmTR1V6WIASrm2tb3ZTXdU0P0BuASyTTqL8Mb+ZoNL/TQcFu
Ckxv9M16r/ai7z76/mES6rQ7SN0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSWSLNZ
aFiIULMvD/z8E5sz4NICtTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2Y3OGI3MTQtY2U2Yy00YTlkLWE3MmUtZDMwYTM0NzBmMDAyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HZQ
ADANBgkqhkiG9w0BAQsFAAOCAQEAIsDm7r8eSXB561wk4C7KStgCMkRLqaj/M+FU
3L8A1ni6oHKVFVzFV6c17BwwikHQTCIWYXRGKpti07FTY0sGQyFgwlX84tZ4Ukcp
9iKhZ69AnQ4Q/NLA0Txtm00u23txEldBkOLbp3qMlG1Wb5t2wMPeDjztj8NWgaGj
3kz2IJbgE61ArrGxaXNRB0EfIOITKKwlL5uYM38/vaIN/dby6Br84u0z0VMBJ+LY
upjc+bJWoq2SmBIdZzyN6v09aURkqxgXzpsyeB3ZLkJa9bEgq1mKZqxkBsshEUuW
6TvvQMl/DJ1Jchf5jlhbYkFW+ILqwEBrzqlacTCqAWVthDoiDQ==
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:44:46 2026 by rpki-client