Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/df38c00b-a6b3-4e63-9f69-b8c3856ebdf6.roa
File: df38c00b-a6b3-4e63-9f69-b8c3856ebdf6.roa (raw, json)
Hash identifier: nlLYbrRBKmxLtIaKMCshE4tKfgLMmBbhYgH86+U79wk=
Subject key identifier: 7D:A4:7F:BB:28:44:4C:85:2F:44:1B:82:53:11:2E:7A:2A:0C:A3:54
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3AAAB145A58BDD9880CC799C23760D0CFB0AAD92
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/df38c00b-a6b3-4e63-9f69-b8c3856ebdf6.roa
Signing time: Tue 19 May 2026 05:31:22 +0000
ROA not before: Tue 19 May 2026 05:31:22 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06d:c000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:aa:b1:45:a5:8b:dd:98:80:cc:79:9c:23:76:0d:0c:fb:0a:ad:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:31:22 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=e2f0993376b0dbc6646338551abb87afb8819cee4cc7e60f49692390228f06e8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:42:6b:33:ab:e9:dc:d1:54:37:8c:fc:18:33:
cd:05:c2:b6:a9:50:7c:94:8c:94:5f:32:a5:68:02:
bd:0d:c8:f1:0b:72:61:0f:10:89:66:e0:fb:96:3e:
a7:88:f9:64:02:5b:65:04:65:42:ff:5e:26:50:eb:
e9:c6:f6:7a:2e:8b:4c:6b:f9:29:ac:3f:37:3e:67:
b3:89:e9:bc:c6:35:3e:32:bb:97:c9:73:27:31:b8:
56:6b:53:fe:45:d2:d4:a2:23:70:51:53:29:b4:5b:
69:96:1d:b1:d8:14:87:2a:46:cd:62:7f:3b:ed:31:
fa:dc:87:17:83:de:98:55:bf:9a:93:11:cf:ba:43:
f1:d8:2f:a0:89:55:28:3e:74:cd:88:ed:7f:b1:f5:
08:29:0c:e3:7b:d1:88:de:84:06:69:a1:62:70:df:
ae:42:1f:97:b8:d6:86:07:7b:f8:0f:e1:f2:7f:69:
9d:8f:f4:f9:d2:98:37:80:c4:2e:0f:43:23:1a:c4:
cb:8a:55:45:86:7c:df:dd:a3:25:06:31:b8:9e:65:
eb:3d:9b:db:31:25:b2:c0:6d:53:77:8e:eb:e1:ca:
2b:a5:79:e7:04:72:29:c1:6d:c2:01:1d:41:dc:bc:
71:0e:23:91:54:2a:52:ab:91:44:70:bd:6e:6b:69:
7a:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:A4:7F:BB:28:44:4C:85:2F:44:1B:82:53:11:2E:7A:2A:0C:A3:54
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/df38c00b-a6b3-4e63-9f69-b8c3856ebdf6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06d:c000::/40
Signature Algorithm: sha256WithRSAEncryption
7c:3c:da:0c:33:e9:df:68:56:24:66:a6:fb:fd:1d:68:f7:21:
f1:f1:9b:8f:3b:11:80:02:1d:35:e8:ea:37:81:22:79:f1:3a:
c9:fd:10:ec:55:a9:53:d0:9d:55:f5:cf:14:38:60:2f:30:d5:
17:ff:26:89:90:fc:38:a4:ae:ee:49:21:15:10:42:4a:bd:7c:
d5:44:1c:20:7f:c9:64:ee:5a:6a:ee:b1:b0:8f:ec:c9:b0:81:
ee:62:9c:05:a9:72:31:ef:11:9e:32:15:70:42:04:7e:92:02:
62:19:44:cb:8a:09:be:a9:3c:dc:d2:cc:32:e4:39:92:99:5b:
c6:66:82:63:fd:38:46:80:b9:24:47:01:e9:2a:1e:9c:1f:e6:
06:e6:c0:d2:84:39:0a:e4:9d:90:2d:30:ca:17:31:df:1d:92:
39:22:de:8a:ff:79:2c:8c:b6:e5:ff:a5:24:87:38:7c:73:63:
b7:56:b5:6b:5e:24:2c:f4:9e:56:88:2e:b9:5d:61:e1:60:43:
01:13:74:f8:85:da:b6:3b:b3:49:52:b3:85:4b:50:19:d0:b1:
e4:31:00:80:11:93:56:74:6a:a8:eb:dc:f0:0a:d9:57:49:d9:
b2:6e:9a:de:24:0e:0b:53:59:ce:3a:e6:85:f4:14:bb:c9:d4:
22:e1:d6:e7
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUOqqxRaWL3ZiAzHmcI3YNDPsKrZIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTMxMjJaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGUyZjA5OTMzNzZiMGRiYzY2NDYzMzg1NTFhYmI4N2FmYjg4MTljZWU0Y2M3
ZTYwZjQ5NjkyMzkwMjI4ZjA2ZTgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMJCazOr6dzRVDeM/BgzzQXCtqlQfJSMlF8ypWgCvQ3I8QtyYQ8QiWbg+5Y+
p4j5ZAJbZQRlQv9eJlDr6cb2ei6LTGv5Kaw/Nz5ns4npvMY1PjK7l8lzJzG4VmtT
/kXS1KIjcFFTKbRbaZYdsdgUhypGzWJ/O+0x+tyHF4PemFW/mpMRz7pD8dgvoIlV
KD50zYjtf7H1CCkM43vRiN6EBmmhYnDfrkIfl7jWhgd7+A/h8n9pnY/0+dKYN4DE
Lg9DIxrEy4pVRYZ8392jJQYxuJ5l6z2b2zElssBtU3eO6+HKK6V55wRyKcFtwgEd
Qdy8cQ4jkVQqUquRRHC9bmtpenMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR9pH+7
KERMhS9EG4JTES56KgyjVDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZGYzOGMwMGItYTZiMy00ZTYzLTlmNjktYjhjMzg1NmViZGY2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G3A
MA0GCSqGSIb3DQEBCwUAA4IBAQB8PNoMM+nfaFYkZqb7/R1o9yHx8ZuPOxGAAh01
6Oo3gSJ58TrJ/RDsValT0J1V9c8UOGAvMNUX/yaJkPw4pK7uSSEVEEJKvXzVRBwg
f8lk7lpq7rGwj+zJsIHuYpwFqXIx7xGeMhVwQgR+kgJiGUTLigm+qTzc0swy5DmS
mVvGZoJj/ThGgLkkRwHpKh6cH+YG5sDShDkK5J2QLTDKFzHfHZI5It6K/3ksjLbl
/6Ukhzh8c2O3VrVrXiQs9J5WiC65XWHhYEMBE3T4hdq2O7NJUrOFS1AZ0LHkMQCA
EZNWdGqo69zwCtlXSdmybpreJA4LU1nOOuaF9BS7ydQi4dbn
-----END CERTIFICATE-----
Generated at Sat Jun 13 07:58:58 2026 by rpki-client