Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cfca2455-b58e-43e0-a15f-276f8a5b527f.roa
File: cfca2455-b58e-43e0-a15f-276f8a5b527f.roa (raw, json)
Hash identifier: v+zl7ngRnVuVpAXs8BCTOu24/jnUBuza00DpImmEokU=
Subject key identifier: 4C:D9:F2:19:6F:A6:E3:19:41:F8:B6:7D:EF:BD:DC:D2:1A:7D:84:69
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 014C7B7A0A137ABDEDD3FC6DB11829F50F88AC32
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cfca2455-b58e-43e0-a15f-276f8a5b527f.roa
Signing time: Tue 19 May 2026 05:10:03 +0000
ROA not before: Tue 19 May 2026 05:10:03 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:e040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:4c:7b:7a:0a:13:7a:bd:ed:d3:fc:6d:b1:18:29:f5:0f:88:ac:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:10:03 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=4adb622f5cc48365f28e25e159908aa0d63df7a5bb7c18ab16414679db25914f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:e7:62:74:e0:01:4b:af:09:bf:6f:28:fd:0b:
10:ca:6b:c0:27:9d:50:d2:c9:f4:e8:d7:4e:47:fa:
f5:3a:2e:0c:00:c3:3f:f2:6d:b7:13:0e:38:fd:bb:
78:1c:8d:49:fa:f3:23:2d:4f:bc:74:5a:f0:14:7d:
cb:f8:3c:d3:00:de:e7:df:78:8d:33:93:2a:72:21:
cb:d6:7d:59:84:8c:cf:04:5a:22:c2:41:6d:e8:95:
88:b1:b7:57:b6:cb:6e:28:95:17:4f:b5:69:4e:97:
48:ef:2b:1b:f0:9d:eb:13:bd:4c:a1:ec:7e:15:1d:
ee:62:5a:cd:ab:a6:34:55:1c:3e:7b:22:66:d5:b2:
a3:93:45:c0:28:58:61:0f:62:1f:16:ca:f3:05:d8:
40:b8:c7:81:49:f3:d4:49:0b:b5:4d:25:61:4e:43:
eb:fa:e1:5c:88:49:31:c4:12:e6:9a:97:78:ae:c0:
1a:de:72:e9:21:97:01:ed:78:17:2e:f1:43:b8:7b:
15:b1:96:65:c0:fc:c1:1a:f0:64:09:d3:c2:23:01:
82:db:1c:70:dd:b8:8e:7a:4d:ef:39:e4:e2:cc:aa:
62:65:e8:d3:62:f1:fc:22:c9:bd:be:c4:ed:b8:74:
4d:66:e8:d1:cb:45:c1:33:1b:44:fa:6e:d0:e1:da:
bc:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:D9:F2:19:6F:A6:E3:19:41:F8:B6:7D:EF:BD:DC:D2:1A:7D:84:69
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cfca2455-b58e-43e0-a15f-276f8a5b527f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:e040::/48
Signature Algorithm: sha256WithRSAEncryption
2f:96:3c:92:97:49:bc:ae:bb:c1:2c:22:d1:88:73:b3:86:7d:
0a:21:db:76:bb:46:ee:a4:7c:e2:ed:c6:f8:ae:dd:6e:d1:e0:
9f:b9:ed:83:8f:ff:de:97:62:3c:f6:f0:47:c0:6a:25:5f:20:
07:d1:9f:15:66:96:c2:e4:f6:90:d0:75:a9:fd:9c:06:3c:ba:
27:b7:46:eb:5a:2e:28:9b:ce:bb:81:41:d2:b2:c3:6c:b2:f2:
f8:6f:f7:ab:e4:ac:18:31:3a:c0:22:7f:e4:cb:17:90:97:d0:
79:fe:4a:58:81:a1:f7:f0:e0:08:b6:db:10:88:ad:04:18:2d:
34:a1:97:27:40:4c:70:cf:34:f0:bc:b7:62:f8:73:de:40:0a:
68:7c:f1:01:24:ae:c1:c7:5a:13:88:ce:25:a5:28:67:f2:5b:
aa:ba:79:cc:82:4d:1d:e3:96:8f:68:18:72:d4:bd:2e:1a:b0:
cb:2a:cd:dc:2f:dc:f6:d4:c2:3d:52:04:4f:b6:95:a1:68:01:
7b:61:10:ca:64:eb:ed:a2:7f:a5:5a:ad:49:ac:c4:17:bd:05:
f7:67:cc:99:b1:00:94:31:ac:05:5b:78:05:0b:dc:8a:bd:9c:
d7:2e:d2:a4:62:2c:41:01:65:5e:6b:a4:4e:c4:52:e4:3b:a3:
82:44:93:80
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUAUx7egoTer3t0/xtsRgp9Q+IrDIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTEwMDNaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDRhZGI2MjJmNWNjNDgzNjVmMjhlMjVlMTU5OTA4YWEwZDYzZGY3YTViYjdj
MThhYjE2NDE0Njc5ZGIyNTkxNGYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIvnYnTgAUuvCb9vKP0LEMprwCedUNLJ9OjXTkf69TouDADDP/JttxMOOP27
eByNSfrzIy1PvHRa8BR9y/g80wDe5994jTOTKnIhy9Z9WYSMzwRaIsJBbeiViLG3
V7bLbiiVF0+1aU6XSO8rG/Cd6xO9TKHsfhUd7mJazaumNFUcPnsiZtWyo5NFwChY
YQ9iHxbK8wXYQLjHgUnz1EkLtU0lYU5D6/rhXIhJMcQS5pqXeK7AGt5y6SGXAe14
Fy7xQ7h7FbGWZcD8wRrwZAnTwiMBgtsccN24jnpN7znk4syqYmXo02Lx/CLJvb7E
7bh0TWbo0ctFwTMbRPpu0OHavGsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRM2fIZ
b6bjGUH4tn3vvdzSGn2EaTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2ZjYTI0NTUtYjU4ZS00M2UwLWExNWYtMjc2ZjhhNWI1MjdmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H/g
QDANBgkqhkiG9w0BAQsFAAOCAQEAL5Y8kpdJvK67wSwi0Yhzs4Z9CiHbdrtG7qR8
4u3G+K7dbtHgn7ntg4//3pdiPPbwR8BqJV8gB9GfFWaWwuT2kNB1qf2cBjy6J7dG
61ouKJvOu4FB0rLDbLLy+G/3q+SsGDE6wCJ/5MsXkJfQef5KWIGh9/DgCLbbEIit
BBgtNKGXJ0BMcM808Ly3Yvhz3kAKaHzxASSuwcdaE4jOJaUoZ/Jbqrp5zIJNHeOW
j2gYctS9LhqwyyrN3C/c9tTCPVIET7aVoWgBe2EQymTr7aJ/pVqtSazEF70F92fM
mbEAlDGsBVt4BQvcir2c1y7SpGIsQQFlXmukTsRS5DujgkSTgA==
-----END CERTIFICATE-----
Generated at Sat Jun 13 07:59:17 2026 by rpki-client