Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fad76837-d6e1-4885-9781-3088c0b0c06c.roa
File: fad76837-d6e1-4885-9781-3088c0b0c06c.roa (raw, json)
Hash identifier: auLYsDc9Ei74F6olKelPM5XTuW3sGueiBmuyj5TTk2Y=
Subject key identifier: E9:96:E9:6E:22:4E:2B:CE:61:A2:45:80:A0:28:CA:AF:81:ED:30:7D
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0F1675B66CE9294944C94B0370516A6B40290BFB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fad76837-d6e1-4885-9781-3088c0b0c06c.roa
Signing time: Tue 19 May 2026 05:31:20 +0000
ROA not before: Tue 19 May 2026 05:31:20 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d038:6000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:16:75:b6:6c:e9:29:49:44:c9:4b:03:70:51:6a:6b:40:29:0b:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 19 05:31:20 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=30a190206ae9dc0502b9dd93b9a4de2b5bda4adff3671cebbe7cd57837db3988, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:32:84:58:c9:9a:54:eb:d6:8c:43:80:41:ec:
c0:fe:5b:b9:06:62:ac:8c:92:d6:3e:9b:fa:e4:43:
d7:2c:96:dc:34:18:4a:24:bf:d8:a0:75:66:69:c5:
03:9a:cf:34:b5:c5:74:df:15:f1:b1:a8:0a:d8:47:
2a:1f:d9:6e:5b:9e:87:73:02:db:42:fd:17:68:4f:
26:80:d9:a6:1b:11:18:1f:90:bf:7a:af:b8:bf:9b:
41:64:a8:c3:db:3b:07:b6:42:bb:7a:f5:a6:13:9d:
8e:82:c1:1d:84:01:43:e8:0b:a9:a9:d6:97:59:dc:
60:4d:b2:a3:d0:56:7c:0e:30:e7:e6:47:cf:ed:ff:
53:8a:f9:b8:e6:86:5d:b0:86:16:4c:e7:74:fe:92:
a0:76:ca:16:9a:a6:1d:96:7b:48:23:a9:11:7b:4d:
d6:9a:88:d3:2e:da:3b:97:8a:d6:40:ad:ef:28:54:
c0:02:46:dd:e8:32:a9:12:e5:cf:57:28:d6:45:84:
f3:15:08:9d:f5:05:0b:40:9d:9f:02:0e:08:76:4a:
43:df:e6:7b:c4:01:5f:75:cc:e7:45:19:80:77:ae:
3a:d3:b2:c1:b6:08:0a:9d:33:94:31:53:a4:79:d7:
1e:a5:b4:ea:c1:97:ed:df:52:d4:b3:71:54:57:34:
fe:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:96:E9:6E:22:4E:2B:CE:61:A2:45:80:A0:28:CA:AF:81:ED:30:7D
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fad76837-d6e1-4885-9781-3088c0b0c06c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d038:6000::/40
Signature Algorithm: sha256WithRSAEncryption
70:7c:d8:21:10:ae:60:c1:12:65:0e:47:4c:72:67:af:83:df:
d8:c1:14:3c:d2:3a:42:45:74:66:3e:ee:10:26:2b:42:9b:33:
32:9c:34:17:7d:a1:d8:32:7d:4d:db:58:8a:75:d3:8b:8a:f9:
e5:70:f6:6e:6a:b6:34:41:73:fa:b8:23:69:23:b7:83:da:df:
53:ca:bd:25:a8:65:f0:cd:89:5e:5c:4f:a6:14:10:76:cb:fd:
94:d4:d9:cb:4e:a7:e5:2d:c5:d4:7a:c1:f5:fc:e9:ec:e5:0e:
83:75:51:06:11:69:56:96:2e:c7:5a:91:7c:6f:e8:18:96:e9:
3c:2b:01:6c:c4:4d:0c:db:d5:7c:75:66:e2:2c:f3:5a:e7:05:
15:fd:0b:fc:0d:b0:2e:0c:81:03:82:ea:0b:f4:0a:a1:13:22:
0b:6a:d1:4e:c0:6b:46:ac:82:0c:89:78:e0:cb:b5:a6:7c:54:
7d:d4:5b:16:54:14:8d:c3:2f:54:57:a7:e1:18:ed:97:94:25:
06:fd:1e:e3:27:8d:f1:89:1d:90:49:f3:be:4d:25:b1:3c:12:
19:d5:43:20:f7:29:ad:62:86:34:fd:06:99:3a:40:a2:68:ba:
8e:9b:c6:5a:fb:88:63:c0:81:32:ca:75:fb:61:c6:2c:8f:4f:
62:25:29:86
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUDxZ1tmzpKUlEyUsDcFFqa0ApC/swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MTkwNTMxMjBaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDMwYTE5MDIwNmFlOWRjMDUwMmI5ZGQ5M2I5YTRkZTJiNWJkYTRhZGZmMzY3
MWNlYmJlN2NkNTc4MzdkYjM5ODgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMkyhFjJmlTr1oxDgEHswP5buQZirIyS1j6b+uRD1yyW3DQYSiS/2KB1ZmnF
A5rPNLXFdN8V8bGoCthHKh/Zblueh3MC20L9F2hPJoDZphsRGB+Qv3qvuL+bQWSo
w9s7B7ZCu3r1phOdjoLBHYQBQ+gLqanWl1ncYE2yo9BWfA4w5+ZHz+3/U4r5uOaG
XbCGFkzndP6SoHbKFpqmHZZ7SCOpEXtN1pqI0y7aO5eK1kCt7yhUwAJG3egyqRLl
z1co1kWE8xUInfUFC0CdnwIOCHZKQ9/me8QBX3XM50UZgHeuOtOywbYICp0zlDFT
pHnXHqW06sGX7d9S1LNxVFc0/uMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTplulu
Ik4rzmGiRYCgKMqvge0wfTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZmFkNzY4MzctZDZlMS00ODg1LTk3ODEtMzA4OGMwYjBjMDZjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Dhg
MA0GCSqGSIb3DQEBCwUAA4IBAQBwfNghEK5gwRJlDkdMcmevg9/YwRQ80jpCRXRm
Pu4QJitCmzMynDQXfaHYMn1N21iKddOLivnlcPZuarY0QXP6uCNpI7eD2t9Tyr0l
qGXwzYleXE+mFBB2y/2U1NnLTqflLcXUesH1/Ons5Q6DdVEGEWlWli7HWpF8b+gY
luk8KwFsxE0M29V8dWbiLPNa5wUV/Qv8DbAuDIEDguoL9AqhEyILatFOwGtGrIIM
iXjgy7WmfFR91FsWVBSNwy9UV6fhGO2XlCUG/R7jJ43xiR2QSfO+TSWxPBIZ1UMg
9ymtYoY0/QaZOkCiaLqOm8Za+4hjwIEyynX7YcYsj09iJSmG
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:14:24 2026 by rpki-client