Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e685939e-256d-4ac5-abba-2f7388fb67c5.roa
File: e685939e-256d-4ac5-abba-2f7388fb67c5.roa (raw, json)
Hash identifier: pQkkRgle5fiY5dpi2UBmjuoYHyvFWhaSjv46d1AvG44=
Subject key identifier: 55:38:29:DC:40:1D:CF:F1:87:1C:66:0A:3D:5A:D6:D8:5A:A3:10:E8
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3FEC793BFD4ED50E17071B991298CCFA6E2CC5A6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e685939e-256d-4ac5-abba-2f7388fb67c5.roa
Signing time: Fri 22 May 2026 16:03:33 +0000
ROA not before: Fri 22 May 2026 16:03:33 +0000
ROA not after: Thu 20 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d068:840::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:ec:79:3b:fd:4e:d5:0e:17:07:1b:99:12:98:cc:fa:6e:2c:c5:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 22 16:03:33 2026 GMT
Not After : Aug 20 23:59:59 2026 GMT
Subject: serialNumber=30e91ceb7ad20fe8502034f0a69ae0f95dcdc77dc627fae575643c6e017c8068, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:82:30:30:4e:89:bf:c0:8d:f2:e7:67:43:a6:
fb:07:f2:d4:e8:2f:68:a3:a7:74:9c:82:4a:55:95:
21:b9:2b:ad:3d:05:41:00:62:6c:5a:7b:69:39:f3:
8a:e1:3b:3f:e5:f6:f0:b1:86:19:21:88:5c:c0:d1:
14:e3:4b:be:4e:f7:53:44:83:f9:d9:97:68:01:01:
d8:58:b5:49:7d:20:70:50:a7:79:0a:7a:3b:de:a4:
02:0d:41:be:62:b5:88:7f:8c:d9:cf:e5:c9:90:11:
b5:a7:14:0f:12:ea:1d:ef:2e:76:88:ea:48:21:d4:
d1:f6:e0:d5:dd:30:3a:5a:51:35:e4:0d:64:b5:cc:
54:63:73:db:cd:e0:64:d3:37:26:bb:8a:2b:cd:bc:
5d:dd:87:f2:f5:6f:54:5c:23:9d:06:4a:13:67:49:
9b:92:ea:ed:e9:4e:57:e1:1c:44:ca:8c:36:74:4d:
f0:91:48:e2:5f:fc:fa:c5:7f:5d:c7:05:2d:0f:69:
e6:a5:16:e9:17:62:e2:76:40:98:1a:2a:22:99:90:
92:a3:af:11:6b:25:08:6d:07:1b:57:93:13:47:4c:
3c:92:a7:67:f9:ad:e4:5d:ef:34:56:c3:ce:bf:af:
85:a8:76:fb:5e:f7:69:22:ed:60:93:e7:6a:b7:d6:
72:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:38:29:DC:40:1D:CF:F1:87:1C:66:0A:3D:5A:D6:D8:5A:A3:10:E8
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e685939e-256d-4ac5-abba-2f7388fb67c5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d068:840::/48
Signature Algorithm: sha256WithRSAEncryption
10:d1:95:e6:77:06:1f:b3:28:f7:cc:90:8c:87:1f:42:f6:9c:
8f:6b:79:b1:e8:0b:c9:89:e4:f1:6e:7b:cc:6d:41:cb:1f:ba:
ef:6b:3f:e5:fc:f2:dd:e7:f4:65:59:ca:9e:47:2f:b8:0b:a4:
4e:f0:1f:6a:e6:17:2f:17:39:7a:5d:96:cf:83:27:36:4a:aa:
15:53:54:37:11:73:4b:51:27:fe:08:b2:4b:94:1e:fd:b7:69:
c0:b1:b6:91:ec:9e:bc:71:eb:ca:ab:5a:4b:22:c4:8e:9f:6b:
ef:4c:32:5c:83:1c:f3:6a:fc:46:ae:25:e5:07:65:54:5d:bb:
85:76:2b:dd:53:c5:6f:fe:87:22:d5:64:0a:68:be:31:49:ed:
b9:6c:e9:92:07:f1:47:e5:3b:bc:63:a0:69:e1:30:45:3a:4a:
54:08:3d:42:e0:a7:86:9d:21:58:e2:fe:a9:ba:16:5b:41:9a:
39:aa:03:b8:79:e2:74:01:91:3a:97:90:ca:d3:2f:14:a9:2e:
8b:81:ca:a5:47:df:94:18:09:59:ad:b3:6d:cd:da:7f:b9:47:
f8:2b:84:b3:34:e4:ac:ff:d0:98:8d:84:74:7d:30:29:bf:d3:
81:11:d1:3e:76:9d:74:70:ed:28:ef:1d:d5:a3:48:73:a8:16:
40:79:b7:aa
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUP+x5O/1O1Q4XBxuZEpjM+m4sxaYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MjIxNjAzMzNaFw0yNjA4MjAyMzU5NTlaMHoxSTBHBgNV
BAUTQDMwZTkxY2ViN2FkMjBmZTg1MDIwMzRmMGE2OWFlMGY5NWRjZGM3N2RjNjI3
ZmFlNTc1NjQzYzZlMDE3YzgwNjgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMCCMDBOib/AjfLnZ0Om+wfy1OgvaKOndJyCSlWVIbkrrT0FQQBibFp7aTnz
iuE7P+X28LGGGSGIXMDRFONLvk73U0SD+dmXaAEB2Fi1SX0gcFCneQp6O96kAg1B
vmK1iH+M2c/lyZARtacUDxLqHe8udojqSCHU0fbg1d0wOlpRNeQNZLXMVGNz283g
ZNM3JruKK828Xd2H8vVvVFwjnQZKE2dJm5Lq7elOV+EcRMqMNnRN8JFI4l/8+sV/
XccFLQ9p5qUW6Rdi4nZAmBoqIpmQkqOvEWslCG0HG1eTE0dMPJKnZ/mt5F3vNFbD
zr+vhah2+173aSLtYJPnarfWcu0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRVOCnc
QB3P8YccZgo9WtbYWqMQ6DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTY4NTkzOWUtMjU2ZC00YWM1LWFiYmEtMmY3Mzg4ZmI2N2M1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0GgI
QDANBgkqhkiG9w0BAQsFAAOCAQEAENGV5ncGH7Mo98yQjIcfQvacj2t5segLyYnk
8W57zG1Byx+672s/5fzy3ef0ZVnKnkcvuAukTvAfauYXLxc5el2Wz4MnNkqqFVNU
NxFzS1En/giyS5Qe/bdpwLG2keyevHHryqtaSyLEjp9r70wyXIMc82r8Rq4l5Qdl
VF27hXYr3VPFb/6HItVkCmi+MUntuWzpkgfxR+U7vGOgaeEwRTpKVAg9QuCnhp0h
WOL+qboWW0GaOaoDuHnidAGROpeQytMvFKkui4HKpUfflBgJWa2zbc3af7lH+CuE
szTkrP/QmI2EdH0wKb/TgRHRPnaddHDtKO8d1aNIc6gWQHm3qg==
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:16:39 2026 by rpki-client