Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f10836c1-eb91-4c58-a561-3a113c9a8129.roa
File: f10836c1-eb91-4c58-a561-3a113c9a8129.roa (raw, json)
Hash identifier: IXzTXUhfwW+QD64tD8uiA8GxOvDNIr7Hv5d898t6zkw=
Subject key identifier: 02:BC:AA:A6:D1:79:5D:D8:90:8F:76:68:21:E5:6A:B9:01:AB:E9:32
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 36B863E5F0BB19413666675C0A80D51AC9ED3E53
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f10836c1-eb91-4c58-a561-3a113c9a8129.roa
Signing time: Sun 31 May 2026 01:00:08 +0000
ROA not before: Sun 31 May 2026 01:00:08 +0000
ROA not after: Sat 29 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07d:c040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
36:b8:63:e5:f0:bb:19:41:36:66:67:5c:0a:80:d5:1a:c9:ed:3e:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 31 01:00:08 2026 GMT
Not After : Aug 29 23:59:59 2026 GMT
Subject: serialNumber=013fdd051a4cda6e02d6c899029180ed4b9c10cb8b497951d9fec0544103ee17, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:ad:b4:79:c5:eb:a1:65:5d:72:61:1c:b7:9a:
54:3c:ad:ec:33:21:fc:3a:76:37:08:3f:3f:04:62:
a8:c6:55:5e:ee:af:df:f7:dd:9e:d1:71:70:97:f9:
d1:9d:9c:9a:bb:1c:0e:14:5c:78:45:31:20:cb:1b:
21:4d:50:5c:07:93:04:fe:9a:ce:cd:9d:98:4d:32:
73:80:88:2f:8c:1e:2c:6b:63:0a:de:a7:ec:d0:a4:
16:77:b7:fd:6c:04:64:9c:33:ce:13:71:28:c2:12:
42:d7:b3:06:d8:4d:d2:05:d5:40:83:6b:20:f6:d0:
b7:46:9a:7b:9b:ba:15:32:cd:30:94:50:87:4c:6b:
79:f6:41:98:fd:6a:68:82:54:9d:85:d6:c6:9b:6c:
4f:6d:44:55:ba:fb:4a:57:de:4d:01:20:8e:c5:e6:
3a:cf:14:e0:d2:95:ad:e4:23:98:a4:f0:b9:92:88:
34:fb:4e:dc:e6:18:47:37:9a:13:81:63:cb:6c:6c:
d9:92:eb:b0:75:4e:9f:1b:14:a9:d4:21:52:72:78:
67:f2:a0:ee:8e:51:05:0b:ca:d2:7c:d2:30:de:51:
1c:cf:fb:e9:f3:1f:93:c4:d2:f3:4b:bc:4e:1f:dc:
02:9f:95:35:60:01:31:cd:4d:00:b0:ac:5e:a3:6d:
bf:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:BC:AA:A6:D1:79:5D:D8:90:8F:76:68:21:E5:6A:B9:01:AB:E9:32
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f10836c1-eb91-4c58-a561-3a113c9a8129.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07d:c040::/48
Signature Algorithm: sha256WithRSAEncryption
6d:ab:2e:c7:2b:81:fe:fd:55:84:fc:ef:eb:1e:c9:26:90:36:
e3:0a:df:99:dd:a6:d2:af:73:7c:d3:8c:fc:7c:21:0f:32:50:
e8:ae:31:ed:ad:a9:55:a2:4f:0d:da:c4:55:78:df:c1:ce:71:
00:fe:27:28:40:fe:96:31:03:9a:f0:81:25:6e:a9:cb:9b:67:
d2:86:4b:d7:3c:7f:01:54:88:47:3f:74:00:e3:50:77:12:6d:
05:d2:a4:91:64:0f:78:50:35:0f:6e:d1:b8:cb:a9:fe:36:dc:
ab:ee:da:9e:5e:7c:f6:f6:ee:44:3d:8c:e1:6c:75:7f:60:7f:
d9:e4:04:8e:77:34:42:6d:a0:79:f3:0b:a5:71:55:ed:34:f7:
8b:31:ca:74:da:d6:2f:11:96:00:c5:41:a2:2b:8d:9f:03:75:
26:e0:7b:55:2a:96:24:04:7b:cd:e5:47:05:7f:6f:fb:02:39:
85:20:74:9d:f7:d4:0e:cf:d0:87:2a:e9:bf:f8:13:d4:e3:cf:
ae:06:e2:16:a9:b7:d5:dc:6f:a1:8e:27:0b:57:38:45:98:c8:
61:77:f5:51:06:af:f8:c8:d0:a0:a3:28:39:5c:ec:42:2c:b6:
a5:76:6f:23:01:58:8d:f0:8c:6a:25:5a:34:b8:6d:ce:1d:5e:
24:94:16:2a
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUNrhj5fC7GUE2ZmdcCoDVGsntPlMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MzEwMTAwMDhaFw0yNjA4MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDAxM2ZkZDA1MWE0Y2RhNmUwMmQ2Yzg5OTAyOTE4MGVkNGI5YzEwY2I4YjQ5
Nzk1MWQ5ZmVjMDU0NDEwM2VlMTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALuttHnF66FlXXJhHLeaVDyt7DMh/Dp2Nwg/PwRiqMZVXu6v3/fdntFxcJf5
0Z2cmrscDhRceEUxIMsbIU1QXAeTBP6azs2dmE0yc4CIL4weLGtjCt6n7NCkFne3
/WwEZJwzzhNxKMISQtezBthN0gXVQINrIPbQt0aae5u6FTLNMJRQh0xrefZBmP1q
aIJUnYXWxptsT21EVbr7SlfeTQEgjsXmOs8U4NKVreQjmKTwuZKINPtO3OYYRzea
E4Fjy2xs2ZLrsHVOnxsUqdQhUnJ4Z/Kg7o5RBQvK0nzSMN5RHM/76fMfk8TS80u8
Th/cAp+VNWABMc1NALCsXqNtv9MCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQCvKqm
0Xld2JCPdmgh5Wq5AavpMjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjEwODM2YzEtZWI5MS00YzU4LWE1NjEtM2ExMTNjOWE4MTI5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0H3A
QDANBgkqhkiG9w0BAQsFAAOCAQEAbasuxyuB/v1VhPzv6x7JJpA24wrfmd2m0q9z
fNOM/HwhDzJQ6K4x7a2pVaJPDdrEVXjfwc5xAP4nKED+ljEDmvCBJW6py5tn0oZL
1zx/AVSIRz90AONQdxJtBdKkkWQPeFA1D27RuMup/jbcq+7anl589vbuRD2M4Wx1
f2B/2eQEjnc0Qm2gefMLpXFV7TT3izHKdNrWLxGWAMVBoiuNnwN1JuB7VSqWJAR7
zeVHBX9v+wI5hSB0nffUDs/Qhyrpv/gT1OPPrgbiFqm31dxvoY4nC1c4RZjIYXf1
UQav+MjQoKMoOVzsQiy2pXZvIwFYjfCMaiVaNLhtzh1eJJQWKg==
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:14:25 2026 by rpki-client