Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dc0aab4e-9dbc-4b68-938d-80202e3d0bd0.roa
File: dc0aab4e-9dbc-4b68-938d-80202e3d0bd0.roa (raw, json)
Hash identifier: 0GHhyzTRHE057pM/ftqxiXyOdK8Y2TX4xyOExyJdauU=
Subject key identifier: A6:93:67:70:68:FB:F7:57:53:8F:E1:90:31:9D:43:1A:4E:A5:19:94
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 072107180B765CC667AAF2D1435418F875E35026
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dc0aab4e-9dbc-4b68-938d-80202e3d0bd0.roa
Signing time: Tue 19 May 2026 05:31:22 +0000
ROA not before: Tue 19 May 2026 05:31:22 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:9040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:21:07:18:0b:76:5c:c6:67:aa:f2:d1:43:54:18:f8:75:e3:50:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:31:22 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=b84fdfbfba8615a5b3fb453a532b8339f5ada92a33def74353a27acc2bb5b27c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:5b:c4:06:e6:6f:58:d0:84:13:1f:67:a0:26:
7d:75:35:ed:b9:96:ed:c2:d2:b2:78:08:fe:a8:91:
90:20:fd:ca:52:eb:98:c8:e4:cc:16:8f:dd:c1:2f:
1d:0e:3f:24:fa:b1:96:c3:c7:07:00:5b:55:33:c8:
7d:e8:08:b0:1f:b5:92:72:17:4b:5c:35:72:86:d3:
69:06:0b:f2:c1:06:84:ca:35:11:83:e7:26:3c:33:
41:58:e6:c2:b0:fd:2d:ab:ae:39:cb:fc:9b:79:7e:
4f:b7:73:31:d4:6a:f6:55:e4:0b:47:24:76:2c:64:
e4:95:13:cc:45:54:71:f9:95:b6:69:7d:61:62:c5:
fc:20:c8:15:1d:fe:d8:a4:4d:8d:bb:53:9d:b3:72:
c3:45:e3:29:86:ba:d3:e7:e4:16:43:e9:00:e1:d4:
bd:37:37:32:f2:f2:72:62:86:5f:02:26:a1:ff:04:
38:9b:1c:75:7a:ac:f3:0a:a3:bf:1f:6c:3c:86:b4:
2b:33:28:00:18:e5:88:86:0f:bc:f3:ae:21:3d:dc:
d9:b3:43:84:83:ba:69:be:8c:fa:2e:3c:3f:37:c5:
94:93:2a:9b:68:cb:fe:57:01:2d:f8:a7:f3:76:ba:
d1:af:e1:cf:77:b9:a5:20:5a:4f:0a:57:d3:b6:90:
ef:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:93:67:70:68:FB:F7:57:53:8F:E1:90:31:9D:43:1A:4E:A5:19:94
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dc0aab4e-9dbc-4b68-938d-80202e3d0bd0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:9040::/48
Signature Algorithm: sha256WithRSAEncryption
bd:63:da:0b:19:94:8a:4e:3d:f1:e7:d5:02:81:17:5b:e7:36:
5e:c1:27:52:63:18:62:be:8f:8c:b2:8c:83:93:d7:4b:cb:4e:
24:0a:1e:f9:d3:0e:f0:84:d8:ec:a0:9a:8b:b9:88:dd:f5:5d:
1b:27:eb:56:24:a0:24:ee:ed:db:04:00:12:a2:7c:a3:23:f1:
28:dd:c3:44:f6:6d:65:dd:eb:8d:d3:63:e1:fd:87:9c:f5:c3:
64:5f:29:ea:cf:7b:3e:66:1e:ec:38:0c:a3:60:71:e4:0f:9d:
8d:b2:d6:d1:d3:0d:f5:8b:bf:42:eb:aa:f3:3b:15:cc:29:d9:
2a:88:50:91:9d:f9:fb:13:d2:69:a7:f6:1f:50:50:de:d9:3e:
1f:98:3d:64:a2:94:1e:d4:c4:71:a9:06:4b:38:ab:22:57:96:
64:96:e9:bb:03:a1:ba:ab:f2:5d:17:6a:08:ad:37:ae:8f:67:
c2:8a:dc:1f:25:a0:1f:df:22:a9:97:23:66:b9:fe:87:62:67:
55:1a:36:f7:b8:77:96:c3:fe:68:05:00:61:09:0f:55:02:68:
24:76:00:42:85:9c:05:4f:b6:19:03:8f:23:42:50:ef:28:81:
cc:c8:2c:a8:a7:0a:c9:93:d0:1a:82:3a:21:a5:63:cf:9b:b8:
12:4d:51:8d
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUByEHGAt2XMZnqvLRQ1QY+HXjUCYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTMxMjJaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGI4NGZkZmJmYmE4NjE1YTViM2ZiNDUzYTUzMmI4MzM5ZjVhZGE5MmEzM2Rl
Zjc0MzUzYTI3YWNjMmJiNWIyN2MxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMlbxAbmb1jQhBMfZ6AmfXU17bmW7cLSsngI/qiRkCD9ylLrmMjkzBaP3cEv
HQ4/JPqxlsPHBwBbVTPIfegIsB+1knIXS1w1cobTaQYL8sEGhMo1EYPnJjwzQVjm
wrD9LauuOcv8m3l+T7dzMdRq9lXkC0ckdixk5JUTzEVUcfmVtml9YWLF/CDIFR3+
2KRNjbtTnbNyw0XjKYa60+fkFkPpAOHUvTc3MvLycmKGXwImof8EOJscdXqs8wqj
vx9sPIa0KzMoABjliIYPvPOuIT3c2bNDhIO6ab6M+i48PzfFlJMqm2jL/lcBLfin
83a60a/hz3e5pSBaTwpX07aQ748CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSmk2dw
aPv3V1OP4ZAxnUMaTqUZlDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZGMwYWFiNGUtOWRiYy00YjY4LTkzOGQtODAyMDJlM2QwYmQwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H+Q
QDANBgkqhkiG9w0BAQsFAAOCAQEAvWPaCxmUik498efVAoEXW+c2XsEnUmMYYr6P
jLKMg5PXS8tOJAoe+dMO8ITY7KCai7mI3fVdGyfrViSgJO7t2wQAEqJ8oyPxKN3D
RPZtZd3rjdNj4f2HnPXDZF8p6s97PmYe7DgMo2Bx5A+djbLW0dMN9Yu/Quuq8zsV
zCnZKohQkZ35+xPSaaf2H1BQ3tk+H5g9ZKKUHtTEcakGSzirIleWZJbpuwOhuqvy
XRdqCK03ro9nworcHyWgH98iqZcjZrn+h2JnVRo297h3lsP+aAUAYQkPVQJoJHYA
QoWcBU+2GQOPI0JQ7yiBzMgsqKcKyZPQGoI6IaVjz5u4Ek1RjQ==
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:43:09 2026 by rpki-client