Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e9b24ad1-069b-4916-9d33-31ad6937fb2f.roa
File: e9b24ad1-069b-4916-9d33-31ad6937fb2f.roa (raw, json)
Hash identifier: KwPbT/+6oaFZtv9mwhmqEI1R86jDPYLFfFYmOKHVJ7A=
Subject key identifier: 96:B1:FF:6A:D9:BD:F0:48:12:55:25:64:01:0E:64:60:EE:1C:7B:7F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7B6A52DC253CDBA44812FF217AC98B0D13112CD6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e9b24ad1-069b-4916-9d33-31ad6937fb2f.roa
Signing time: Thu 14 May 2026 01:40:07 +0000
ROA not before: Thu 14 May 2026 01:40:07 +0000
ROA not after: Wed 12 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:6000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:6a:52:dc:25:3c:db:a4:48:12:ff:21:7a:c9:8b:0d:13:11:2c:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 14 01:40:07 2026 GMT
Not After : Aug 12 23:59:59 2026 GMT
Subject: serialNumber=f55574f4cef53c22ef9f506f2b91ac5ec3e989da23fbe759767e59fac52763d5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:20:1b:e0:42:5d:12:00:2b:e4:8c:15:b7:dd:
10:b4:cf:1e:26:0d:ea:ab:4b:6a:96:f2:14:d0:90:
ca:54:32:4c:66:87:7b:09:86:4f:aa:a4:59:95:46:
9d:e3:9c:e4:a3:4e:0c:d1:10:83:c1:1d:ca:eb:51:
62:55:88:83:89:82:5a:2a:e4:88:0a:14:f6:69:46:
b7:28:af:71:7e:d1:a0:a2:bc:8f:92:b9:d6:fc:7a:
03:31:5d:e4:16:3d:3a:6d:bf:1a:0d:36:c8:16:d7:
42:5f:cd:73:45:01:f4:41:89:72:47:ff:03:7b:40:
aa:e3:bb:b8:d2:aa:5a:fd:05:88:20:5f:b3:44:20:
1c:99:e0:56:c1:1c:49:9b:7d:4d:74:97:f8:c4:82:
7e:19:31:5c:6f:4e:61:7a:ee:75:26:84:6a:ed:2d:
ea:77:e0:22:86:3a:d8:dc:d1:14:2f:83:4a:6c:9d:
16:94:cc:7c:af:8e:c5:a6:df:4b:90:52:b6:f2:31:
eb:be:3e:09:65:39:86:56:b7:66:25:72:5f:04:20:
a7:ae:8f:f5:67:d2:3e:6b:ee:70:2b:d6:fb:e9:f6:
5f:7b:f5:d0:86:f3:79:87:17:c7:b5:e8:70:d5:fd:
fe:12:ce:02:3a:b4:02:8d:91:e1:8a:64:7e:99:21:
63:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:B1:FF:6A:D9:BD:F0:48:12:55:25:64:01:0E:64:60:EE:1C:7B:7F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e9b24ad1-069b-4916-9d33-31ad6937fb2f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:6000::/48
Signature Algorithm: sha256WithRSAEncryption
ba:51:80:12:b7:65:5c:b7:9e:84:f9:62:3a:1b:c7:9a:44:5c:
c4:d3:74:38:a0:b7:5d:48:8c:93:6c:59:5d:93:65:c2:68:9c:
0b:a3:17:e5:50:1e:0c:6b:72:af:a2:6e:c0:28:f6:82:31:c7:
73:da:32:c6:9a:ab:96:9a:96:d1:3f:ad:c8:be:9e:fd:f5:76:
76:ad:90:31:dc:c2:76:dc:6f:63:2c:11:94:50:cc:f4:a1:8e:
74:88:ed:a0:53:83:91:cc:5d:52:39:9a:74:51:70:78:b5:d0:
95:91:29:19:d9:a2:12:1f:54:2d:87:6d:a8:02:b0:fa:05:54:
5b:ba:10:1c:c8:dc:93:aa:ef:71:b9:94:07:73:0f:db:77:bc:
4b:f6:23:f3:2f:ad:32:91:91:0d:89:60:82:b6:3b:83:37:e8:
e0:20:2f:c1:3b:0c:7a:35:92:49:21:88:2a:a4:a5:e1:16:38:
c1:d1:c7:2a:92:2c:6a:cb:a7:d2:3b:05:fb:e6:a5:dc:38:69:
55:ac:d5:4b:1d:d1:c6:a9:e0:09:73:18:c6:00:db:5c:3c:00:
82:e8:ea:0e:81:6b:34:a3:5f:03:a5:21:1b:2e:b1:0b:30:2a:
04:be:03:95:0e:54:f9:e9:d9:e0:48:91:a6:49:45:c8:c4:9a:
cc:a0:23:e7
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUe2pS3CU826RIEv8hesmLDRMRLNYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTQwMTQwMDdaFw0yNjA4MTIyMzU5NTlaMHoxSTBHBgNV
BAUTQGY1NTU3NGY0Y2VmNTNjMjJlZjlmNTA2ZjJiOTFhYzVlYzNlOTg5ZGEyM2Zi
ZTc1OTc2N2U1OWZhYzUyNzYzZDUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK8gG+BCXRIAK+SMFbfdELTPHiYN6qtLapbyFNCQylQyTGaHewmGT6qkWZVG
neOc5KNODNEQg8EdyutRYlWIg4mCWirkiAoU9mlGtyivcX7RoKK8j5K51vx6AzFd
5BY9Om2/Gg02yBbXQl/Nc0UB9EGJckf/A3tAquO7uNKqWv0FiCBfs0QgHJngVsEc
SZt9TXSX+MSCfhkxXG9OYXrudSaEau0t6nfgIoY62NzRFC+DSmydFpTMfK+Oxabf
S5BStvIx674+CWU5hla3ZiVyXwQgp66P9WfSPmvucCvW++n2X3v10IbzeYcXx7Xo
cNX9/hLOAjq0Ao2R4YpkfpkhYz8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSWsf9q
2b3wSBJVJWQBDmRg7hx7fzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTliMjRhZDEtMDY5Yi00OTE2LTlkMzMtMzFhZDY5MzdmYjJmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HZg
ADANBgkqhkiG9w0BAQsFAAOCAQEAulGAErdlXLeehPliOhvHmkRcxNN0OKC3XUiM
k2xZXZNlwmicC6MX5VAeDGtyr6JuwCj2gjHHc9oyxpqrlpqW0T+tyL6e/fV2dq2Q
MdzCdtxvYywRlFDM9KGOdIjtoFODkcxdUjmadFFweLXQlZEpGdmiEh9ULYdtqAKw
+gVUW7oQHMjck6rvcbmUB3MP23e8S/Yj8y+tMpGRDYlggrY7gzfo4CAvwTsMejWS
SSGIKqSl4RY4wdHHKpIsasun0jsF++al3DhpVazVSx3RxqngCXMYxgDbXDwAgujq
DoFrNKNfA6UhGy6xCzAqBL4DlQ5U+enZ4EiRpklFyMSazKAj5w==
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:12:59 2026 by rpki-client