Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f3736ec9-491c-43bd-b672-c821fdae78f1.roa
File: f3736ec9-491c-43bd-b672-c821fdae78f1.roa (raw, json)
Hash identifier: ylVyJ9j0rzmtuiKfcEqqtjgBewHdR+iN0KexA8UvK0Q=
Subject key identifier: 88:14:18:5A:BD:86:62:9F:87:32:1F:74:25:CA:80:85:6F:1F:36:84
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7FC45C36D2ADF52013BBEC229B961803D03348C8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f3736ec9-491c-43bd-b672-c821fdae78f1.roa
Signing time: Fri 15 May 2026 03:50:10 +0000
ROA not before: Fri 15 May 2026 03:50:10 +0000
ROA not after: Thu 13 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:4000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 08:43:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:c4:5c:36:d2:ad:f5:20:13:bb:ec:22:9b:96:18:03:d0:33:48:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 15 03:50:10 2026 GMT
Not After : Aug 13 23:59:59 2026 GMT
Subject: serialNumber=1652b4727b0dc31d21dfb02f5ae69f1946209f311ca8114d2b1df4b1cfcbc54c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:8c:10:4c:11:3d:9a:80:18:d2:ee:1f:3d:9c:
32:94:c8:ff:0c:00:ec:df:c5:25:41:0c:ae:99:67:
83:a9:4c:d8:7a:3d:b6:11:6d:2f:ae:f8:36:4e:50:
fb:38:a4:1d:f0:00:0e:b7:49:f7:d0:55:60:90:98:
db:2c:88:8f:70:63:ef:4f:f6:61:62:3e:41:0c:0f:
92:b8:d6:ef:a1:b6:4b:59:57:88:a5:fd:de:7b:50:
f7:61:66:0e:61:74:af:3f:f1:bc:45:c1:4c:eb:ae:
30:14:9c:e3:c6:d2:e0:e2:c0:fc:fe:fa:5e:a2:6e:
9a:06:59:5e:36:90:07:8b:21:57:37:d7:d3:bf:4e:
c3:52:77:cd:b4:22:c6:95:09:18:69:76:9d:77:49:
13:e8:67:90:27:60:e7:61:2a:8a:21:a8:53:1d:f8:
21:c3:b1:ac:6c:cf:0c:60:d8:4c:9f:9c:0d:53:2b:
5c:8a:f2:1d:38:21:18:68:41:c9:c7:d5:3c:c8:5c:
3d:d6:2a:d1:ae:49:86:0d:5b:40:f5:e5:07:28:9b:
2b:b4:1f:17:7e:7b:c5:0a:ef:3a:3a:33:94:e6:c6:
9b:1a:55:3c:26:2c:47:6a:28:a8:95:c3:bb:c9:13:
b3:21:b9:6e:94:4a:ec:d6:12:8e:f1:af:f0:0a:ea:
d2:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:14:18:5A:BD:86:62:9F:87:32:1F:74:25:CA:80:85:6F:1F:36:84
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f3736ec9-491c-43bd-b672-c821fdae78f1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:4000::/48
Signature Algorithm: sha256WithRSAEncryption
22:bb:7b:59:11:3f:1b:62:18:60:e9:cb:14:0a:ad:1b:7d:6d:
3e:4d:cb:f4:19:87:6f:4c:fb:b2:00:a8:65:19:df:77:f3:5e:
46:cc:e7:88:5d:2f:2a:ae:53:81:60:50:68:c4:c3:e0:a8:fb:
11:d9:2d:f1:59:bd:3a:b5:1c:1b:7e:97:d3:dc:e6:d8:20:0c:
d2:6b:95:b2:04:b1:11:09:54:8d:34:72:ba:c2:15:aa:1b:91:
17:05:1d:3e:1a:81:09:ba:94:7c:4a:15:9c:9b:19:3b:20:ee:
a7:bd:23:33:e4:ca:6b:2b:27:30:93:b1:53:25:a8:68:1c:0c:
29:a8:d8:c2:5b:19:90:1c:34:b2:e6:72:99:32:3e:e0:0f:5e:
85:ca:60:57:f7:d8:4d:26:65:0e:32:3b:c1:0b:39:d2:4d:66:
8f:21:be:95:b5:29:d9:a5:1b:d9:21:4d:b8:c1:88:7d:4a:bc:
cd:83:c0:28:04:e4:fe:22:4a:a4:44:28:20:df:71:24:93:c7:
5b:8c:3e:f7:74:73:bf:61:08:f3:0f:37:04:8b:04:eb:d1:1f:
ba:fd:17:99:6e:48:6a:0c:d7:36:60:be:6b:06:66:69:91:53:
bb:86:89:6f:ce:3e:8b:70:d4:76:10:5a:d8:59:7f:b8:94:33:
4f:18:81:b8
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUf8RcNtKt9SATu+wim5YYA9AzSMgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTUwMzUwMTBaFw0yNjA4MTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDE2NTJiNDcyN2IwZGMzMWQyMWRmYjAyZjVhZTY5ZjE5NDYyMDlmMzExY2E4
MTE0ZDJiMWRmNGIxY2ZjYmM1NGMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK6MEEwRPZqAGNLuHz2cMpTI/wwA7N/FJUEMrplng6lM2Ho9thFtL674Nk5Q
+zikHfAADrdJ99BVYJCY2yyIj3Bj70/2YWI+QQwPkrjW76G2S1lXiKX93ntQ92Fm
DmF0rz/xvEXBTOuuMBSc48bS4OLA/P76XqJumgZZXjaQB4shVzfX079Ow1J3zbQi
xpUJGGl2nXdJE+hnkCdg52EqiiGoUx34IcOxrGzPDGDYTJ+cDVMrXIryHTghGGhB
ycfVPMhcPdYq0a5Jhg1bQPXlByibK7QfF357xQrvOjozlObGmxpVPCYsR2ooqJXD
u8kTsyG5bpRK7NYSjvGv8Arq0jECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSIFBha
vYZin4cyH3QlyoCFbx82hDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjM3MzZlYzktNDkxYy00M2JkLWI2NzItYzgyMWZkYWU3OGYxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HZA
ADANBgkqhkiG9w0BAQsFAAOCAQEAIrt7WRE/G2IYYOnLFAqtG31tPk3L9BmHb0z7
sgCoZRnfd/NeRszniF0vKq5TgWBQaMTD4Kj7Edkt8Vm9OrUcG36X09zm2CAM0muV
sgSxEQlUjTRyusIVqhuRFwUdPhqBCbqUfEoVnJsZOyDup70jM+TKaysnMJOxUyWo
aBwMKajYwlsZkBw0suZymTI+4A9ehcpgV/fYTSZlDjI7wQs50k1mjyG+lbUp2aUb
2SFNuMGIfUq8zYPAKATk/iJKpEQoIN9xJJPHW4w+93Rzv2EI8w83BIsE69Efuv0X
mW5IagzXNmC+awZmaZFTu4aJb84+i3DUdhBa2Fl/uJQzTxiBuA==
-----END CERTIFICATE-----
Generated at Sat Jun 13 11:33:30 2026 by rpki-client