Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0dc8f6b9-9b2e-4559-b3e3-b61b0d685e4a.roa
File: 0dc8f6b9-9b2e-4559-b3e3-b61b0d685e4a.roa (raw, json)
Hash identifier: XI447NaERvRzxZPCjP9En2s1Y4kXA797O6zDdPbqVus=
Subject key identifier: E6:6A:BE:1E:0A:5A:4D:FC:43:D3:76:E0:86:5B:9A:3C:E8:E0:F7:61
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6630BCA5B17D5230815088812C1ABA450A2E2F86
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0dc8f6b9-9b2e-4559-b3e3-b61b0d685e4a.roa
Signing time: Mon 04 May 2026 15:20:42 +0000
ROA not before: Mon 04 May 2026 15:20:42 +0000
ROA not after: Sun 02 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:20c0::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
66:30:bc:a5:b1:7d:52:30:81:50:88:81:2c:1a:ba:45:0a:2e:2f:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 4 15:20:42 2026 GMT
Not After : Aug 2 23:59:59 2026 GMT
Subject: serialNumber=df16d251aa37d2139760a65fd783d4f52a37d9f03663670d0d2bebf1d364478b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:e9:7d:d7:bb:b5:59:fb:dd:8d:79:bd:ab:7e:
3d:0c:ca:a0:1c:17:10:b2:ed:b8:ea:91:26:45:08:
db:d0:95:e6:ca:ad:43:df:da:fa:cb:a1:1a:a1:8c:
9c:30:d0:e7:10:a1:85:16:4a:35:4c:7a:8f:d4:0b:
80:45:59:5c:d4:96:28:26:85:2b:ea:ee:b0:8d:d1:
52:bb:34:0d:b2:75:c9:b0:d9:14:d7:eb:31:62:db:
e0:12:c8:78:88:fb:46:7b:fa:56:a4:96:14:44:6e:
16:4f:f9:b8:51:e3:dd:22:2f:c5:86:73:a3:b1:7d:
e6:db:94:18:50:28:6a:7a:26:2f:fb:13:eb:d4:45:
a4:7d:2c:4d:ff:9c:ae:13:fa:3e:96:10:2f:4d:45:
a4:f1:c8:20:e1:42:b8:02:19:ed:e2:a0:dd:f9:21:
58:41:53:d7:84:16:2a:8f:e5:60:e7:77:fb:93:de:
c7:8c:9b:f0:91:83:c4:31:6d:0f:c9:52:ef:94:f1:
a9:0e:4c:8d:d2:0d:ff:43:a0:73:58:0d:75:c1:7e:
d8:e0:e3:da:d0:1f:6b:1a:c2:8b:7f:b9:2e:79:68:
7b:67:8a:37:ae:e6:a6:b0:c9:d9:8c:59:b9:53:18:
6f:03:04:f6:61:06:6e:8e:dc:d2:5d:57:85:5e:a4:
b8:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:6A:BE:1E:0A:5A:4D:FC:43:D3:76:E0:86:5B:9A:3C:E8:E0:F7:61
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0dc8f6b9-9b2e-4559-b3e3-b61b0d685e4a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:20c0::/46
Signature Algorithm: sha256WithRSAEncryption
4c:c4:f2:70:17:40:70:d8:5d:e5:75:54:33:e8:18:68:63:ba:
ef:51:04:4a:8f:06:25:aa:fc:6b:06:34:a0:ab:89:75:a2:58:
b9:b3:a1:e2:ca:30:33:98:ad:7f:ee:3d:1c:a9:98:0b:fc:82:
e1:c3:0d:f3:9a:de:c5:93:40:c3:33:3b:a1:61:48:d2:42:ad:
c9:bb:bd:5d:8f:6b:4c:98:59:0c:ab:3e:3b:54:76:b9:cf:f0:
58:47:5a:18:65:c7:08:2a:52:3f:b3:84:0f:37:d1:10:5f:e8:
0e:fc:b4:41:41:26:89:f2:25:75:a0:29:ff:ac:d6:d0:2f:70:
8c:db:bd:c7:9f:bf:3f:34:58:45:97:12:7f:e7:70:56:bb:e2:
66:09:c8:fd:f5:08:c0:d6:3f:65:3a:1f:16:46:eb:46:e6:cf:
ac:a0:ff:a2:18:85:85:7e:d3:3e:31:c6:6c:24:6c:ec:c4:c3:
41:de:4f:e3:0f:24:65:68:21:f7:d4:55:7c:ac:0b:3c:97:a9:
1d:25:6e:7b:e9:22:28:10:e9:e8:6d:56:24:ef:6d:7d:2d:5f:
04:62:e4:18:6a:23:fd:bf:16:31:5d:73:70:39:2c:ef:ff:6e:
0f:00:88:21:2e:48:18:3f:74:bb:ca:45:ce:c2:c8:a1:9e:22:
d8:73:bf:1b
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUZjC8pbF9UjCBUIiBLBq6RQouL4YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MDQxNTIwNDJaFw0yNjA4MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQGRmMTZkMjUxYWEzN2QyMTM5NzYwYTY1ZmQ3ODNkNGY1MmEzN2Q5ZjAzNjYz
NjcwZDBkMmJlYmYxZDM2NDQ3OGIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKrpfde7tVn73Y15vat+PQzKoBwXELLtuOqRJkUI29CV5sqtQ9/a+suhGqGM
nDDQ5xChhRZKNUx6j9QLgEVZXNSWKCaFK+rusI3RUrs0DbJ1ybDZFNfrMWLb4BLI
eIj7Rnv6VqSWFERuFk/5uFHj3SIvxYZzo7F95tuUGFAoanomL/sT69RFpH0sTf+c
rhP6PpYQL01FpPHIIOFCuAIZ7eKg3fkhWEFT14QWKo/lYOd3+5Pex4yb8JGDxDFt
D8lS75TxqQ5MjdIN/0Ogc1gNdcF+2ODj2tAfaxrCi3+5Lnloe2eKN67mprDJ2YxZ
uVMYbwME9mEGbo7c0l1XhV6kuMECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTmar4e
ClpN/EPTduCGW5o86OD3YTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGRjOGY2YjktOWIyZS00NTU5LWIzZTMtYjYxYjBkNjg1ZTRhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0HMg
wDANBgkqhkiG9w0BAQsFAAOCAQEATMTycBdAcNhd5XVUM+gYaGO671EESo8GJar8
awY0oKuJdaJYubOh4sowM5itf+49HKmYC/yC4cMN85rexZNAwzM7oWFI0kKtybu9
XY9rTJhZDKs+O1R2uc/wWEdaGGXHCCpSP7OEDzfREF/oDvy0QUEmifIldaAp/6zW
0C9wjNu9x5+/PzRYRZcSf+dwVrviZgnI/fUIwNY/ZTofFkbrRubPrKD/ohiFhX7T
PjHGbCRs7MTDQd5P4w8kZWgh99RVfKwLPJepHSVue+kiKBDp6G1WJO9tfS1fBGLk
GGoj/b8WMV1zcDks7/9uDwCIIS5IGD90u8pFzsLIoZ4i2HO/Gw==
-----END CERTIFICATE-----
Generated at Tue May 12 23:15:03 2026 by rpki-client