Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d9b32e5a-82bc-4b48-bde6-ace5aaff4677.roa
File: d9b32e5a-82bc-4b48-bde6-ace5aaff4677.roa (raw, json)
Hash identifier: giBO646pKaDNb5nonohFcJfzpt0eGChEfezZ1l2q9JU=
Subject key identifier: 8A:A7:56:EF:28:70:B5:7F:4F:CA:4A:8D:76:3A:D0:04:C1:0D:57:DE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5FAA2580D05C47AEDFBF57122D7DF47B34D36818
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d9b32e5a-82bc-4b48-bde6-ace5aaff4677.roa
Signing time: Fri 22 May 2026 16:02:00 +0000
ROA not before: Fri 22 May 2026 16:02:00 +0000
ROA not after: Thu 20 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07a:5000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 08:43:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:aa:25:80:d0:5c:47:ae:df:bf:57:12:2d:7d:f4:7b:34:d3:68:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 22 16:02:00 2026 GMT
Not After : Aug 20 23:59:59 2026 GMT
Subject: serialNumber=cf7716c77e757675840fe896bc198df32319f89e82132837b7efb6b520982d47, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:97:18:e4:f8:ce:05:ca:78:53:17:d9:07:af:
ed:39:96:89:5a:a6:74:44:2f:6d:b1:c8:70:60:3f:
25:9f:71:63:67:b5:ea:8f:bd:4f:1c:b6:e3:91:aa:
dc:48:a4:47:2d:17:a6:92:29:18:f1:cd:5c:0e:fb:
6c:8e:8a:08:82:a8:7b:7c:a6:9d:ec:00:1a:56:2f:
1b:fa:87:52:16:66:f8:55:49:ee:e2:d3:fe:46:92:
5b:58:5e:2e:ca:14:b9:33:8b:9d:95:3c:fc:b8:a3:
2b:93:d4:a8:38:eb:5d:99:b1:58:16:d0:9a:0e:ef:
73:c9:44:25:a9:d8:56:ad:05:dc:30:0d:00:78:87:
8b:54:f0:4e:11:1a:22:c3:8c:d5:c0:b1:2d:27:61:
e8:ad:16:9a:05:be:a7:55:73:05:9e:af:ea:ee:27:
1e:a3:99:16:a6:d3:a5:df:53:c1:51:81:ef:f5:1d:
ab:8c:3f:74:99:06:04:a9:d8:31:30:a8:25:90:1c:
a4:8f:9e:8b:31:15:86:4c:9e:4e:e6:55:ba:34:55:
8d:d0:f1:8b:37:62:53:08:e1:05:4a:c4:59:c7:8d:
57:81:a1:ad:bd:4d:a9:a1:3b:52:aa:2e:24:7f:99:
0c:9b:e6:da:99:ea:a8:23:4a:20:d1:1a:bf:34:59:
6b:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:A7:56:EF:28:70:B5:7F:4F:CA:4A:8D:76:3A:D0:04:C1:0D:57:DE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d9b32e5a-82bc-4b48-bde6-ace5aaff4677.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07a:5000::/40
Signature Algorithm: sha256WithRSAEncryption
3a:58:aa:73:90:e1:08:dd:20:3f:7d:ac:0d:8c:2c:7d:e2:b4:
a6:e3:a6:30:ea:d2:33:2b:95:09:94:1f:ac:13:19:2c:71:59:
db:1f:ee:4e:5a:20:79:67:28:54:7f:8e:f1:52:b4:d1:31:18:
b5:13:b4:4d:ca:8c:50:6c:a7:40:79:75:a3:2f:f9:ad:4f:fc:
09:98:92:5f:53:c4:2d:95:2b:50:e0:5b:62:4d:4e:6c:4f:16:
f6:90:b0:0c:f9:4b:67:4f:18:74:ab:5f:fa:40:03:46:a7:de:
da:03:64:bd:96:6b:6b:35:6a:02:72:2e:47:92:92:8f:b9:5e:
5c:1d:69:45:cf:cb:41:4b:92:c8:11:ca:1a:11:69:6f:99:d7:
71:3e:50:3d:c4:e5:cc:35:4c:af:45:62:ad:2a:dd:3a:b8:8e:
3c:13:76:7a:f3:3a:58:36:b7:30:a5:5f:71:14:10:4b:51:de:
89:e4:a5:8a:b3:50:c2:ae:db:0d:62:72:47:f5:09:d1:66:52:
6d:44:50:d4:ad:cf:3e:6d:67:6c:ae:33:5f:87:3f:24:d8:0a:
17:0f:98:18:3a:07:f9:b1:9b:d1:17:2d:90:bc:f1:7d:09:3c:
65:d5:27:b3:62:5b:a3:78:4b:7f:ff:57:83:ec:f9:0f:9f:7b:
1a:e6:a4:26
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUX6olgNBcR67fv1cSLX30ezTTaBgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MjIxNjAyMDBaFw0yNjA4MjAyMzU5NTlaMHoxSTBHBgNV
BAUTQGNmNzcxNmM3N2U3NTc2NzU4NDBmZTg5NmJjMTk4ZGYzMjMxOWY4OWU4MjEz
MjgzN2I3ZWZiNmI1MjA5ODJkNDcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALuXGOT4zgXKeFMX2Qev7TmWiVqmdEQvbbHIcGA/JZ9xY2e16o+9Txy245Gq
3EikRy0XppIpGPHNXA77bI6KCIKoe3ymnewAGlYvG/qHUhZm+FVJ7uLT/kaSW1he
LsoUuTOLnZU8/LijK5PUqDjrXZmxWBbQmg7vc8lEJanYVq0F3DANAHiHi1TwThEa
IsOM1cCxLSdh6K0WmgW+p1VzBZ6v6u4nHqOZFqbTpd9TwVGB7/Udq4w/dJkGBKnY
MTCoJZAcpI+eizEVhkyeTuZVujRVjdDxizdiUwjhBUrEWceNV4Ghrb1NqaE7Uqou
JH+ZDJvm2pnqqCNKINEavzRZa5MCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSKp1bv
KHC1f0/KSo12OtAEwQ1X3jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDliMzJlNWEtODJiYy00YjQ4LWJkZTYtYWNlNWFhZmY0Njc3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HpQ
MA0GCSqGSIb3DQEBCwUAA4IBAQA6WKpzkOEI3SA/fawNjCx94rSm46Yw6tIzK5UJ
lB+sExkscVnbH+5OWiB5ZyhUf47xUrTRMRi1E7RNyoxQbKdAeXWjL/mtT/wJmJJf
U8QtlStQ4FtiTU5sTxb2kLAM+UtnTxh0q1/6QANGp97aA2S9lmtrNWoCci5HkpKP
uV5cHWlFz8tBS5LIEcoaEWlvmddxPlA9xOXMNUyvRWKtKt06uI48E3Z68zpYNrcw
pV9xFBBLUd6J5KWKs1DCrtsNYnJH9QnRZlJtRFDUrc8+bWdsrjNfhz8k2AoXD5gY
Ogf5sZvRFy2QvPF9CTxl1SezYlujeEt//1eD7PkPn3sa5qQm
-----END CERTIFICATE-----
Generated at Sat Jun 13 13:38:15 2026 by rpki-client