Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/36c4d3f7-0d57-499b-aea0-8244810d5897.roa
File: 36c4d3f7-0d57-499b-aea0-8244810d5897.roa (raw, json)
Hash identifier: bwxBRC20t7Q1OsHmsbbK1vzqt8VaORLyVFYX4JYKYqE=
Subject key identifier: 6E:5F:65:C6:71:9E:32:A8:74:E6:40:FE:C6:A6:CD:6C:E8:B2:C6:B3
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5526E4CF6E6021570CAB1A082FB3FED509F95353
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/36c4d3f7-0d57-499b-aea0-8244810d5897.roa
Signing time: Mon 04 May 2026 15:20:47 +0000
ROA not before: Mon 04 May 2026 15:20:47 +0000
ROA not after: Sun 02 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d073:800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:26:e4:cf:6e:60:21:57:0c:ab:1a:08:2f:b3:fe:d5:09:f9:53:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 4 15:20:47 2026 GMT
Not After : Aug 2 23:59:59 2026 GMT
Subject: serialNumber=da5e7750ad79dd17db735d05f4f3e6806b956be1a934a7f63b71df1344ef7ae8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:33:7b:2f:03:3d:fa:d5:6a:ab:27:23:14:26:
16:30:7e:c8:03:75:f1:0e:c4:10:80:53:e6:0e:d2:
24:61:be:50:72:17:c9:29:35:98:60:39:bd:12:d2:
c5:bd:7f:38:1d:80:a2:80:1e:13:8a:14:42:7f:50:
fb:24:79:52:27:10:d5:ad:05:cf:da:af:0d:e7:3e:
83:86:92:93:31:e3:97:98:d9:ab:8f:e1:20:31:ab:
9c:de:13:af:4e:fc:fc:7b:4b:cc:8c:29:af:d2:2d:
70:43:16:dd:5a:ff:79:79:c9:a1:3c:df:70:ba:4c:
f9:08:93:94:1d:55:7c:7b:c4:90:5d:da:40:28:97:
22:db:bc:34:32:69:bf:24:30:71:cc:90:fa:6a:c4:
00:73:0e:6f:d3:e3:9c:43:02:45:16:45:d4:f4:18:
89:fe:3d:60:ae:ba:24:4a:13:1c:51:19:a9:4b:e8:
37:43:b0:bb:a5:62:67:dc:dc:3d:3a:8e:03:f5:98:
50:9a:fc:b7:4d:68:99:40:e8:96:06:e8:e4:ba:df:
08:7b:1a:da:e6:00:5d:c6:e8:28:ac:f5:12:f4:0a:
d3:b9:90:4f:01:13:6e:e8:6b:be:ac:b5:e2:95:ed:
8c:e4:37:08:70:2e:dd:da:45:a4:86:0f:74:fd:f9:
16:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:5F:65:C6:71:9E:32:A8:74:E6:40:FE:C6:A6:CD:6C:E8:B2:C6:B3
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/36c4d3f7-0d57-499b-aea0-8244810d5897.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d073:800::/40
Signature Algorithm: sha256WithRSAEncryption
7c:52:68:69:20:77:53:33:82:7b:55:74:df:9b:8d:ee:48:01:
0d:09:42:e1:b3:04:81:49:f8:65:78:73:04:bf:93:72:5e:98:
d5:ed:ed:5f:ad:d2:59:ee:de:0f:df:49:36:45:ce:e5:aa:53:
bc:50:a0:b5:c1:e0:67:e8:ba:84:37:b2:5f:52:24:92:2c:88:
aa:58:33:6c:86:9a:e2:46:26:57:36:0f:c5:db:1f:23:ee:75:
cf:a5:76:10:97:36:a4:ff:04:3d:4f:1c:b5:b6:90:d5:b5:fe:
14:bb:f2:a7:db:84:9a:88:fe:08:72:5b:65:da:5d:4d:ee:bd:
7f:c8:a1:b5:23:25:1b:ac:10:a9:de:f4:9a:90:5e:53:0d:6f:
b5:6e:c4:f0:e8:c4:ea:27:90:72:47:d7:d4:1f:70:b0:e4:c3:
41:22:2b:1c:65:df:62:28:83:53:27:4a:27:9f:54:11:d3:a8:
11:6e:b4:fe:d8:69:96:5f:9a:37:36:13:1d:87:70:89:18:5d:
29:b2:9b:3d:35:ea:cd:1a:6d:bc:f1:7c:6e:8b:53:71:d4:c2:
9c:51:7b:af:df:8a:40:b4:a6:1f:7d:ad:44:c6:2c:42:51:82:
59:2d:f9:a2:e7:e4:6d:1b:dd:96:45:75:ce:af:f0:a6:dd:92:
86:c3:02:f4
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUVSbkz25gIVcMqxoIL7P+1Qn5U1MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MDQxNTIwNDdaFw0yNjA4MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQGRhNWU3NzUwYWQ3OWRkMTdkYjczNWQwNWY0ZjNlNjgwNmI5NTZiZTFhOTM0
YTdmNjNiNzFkZjEzNDRlZjdhZTgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALYzey8DPfrVaqsnIxQmFjB+yAN18Q7EEIBT5g7SJGG+UHIXySk1mGA5vRLS
xb1/OB2AooAeE4oUQn9Q+yR5UicQ1a0Fz9qvDec+g4aSkzHjl5jZq4/hIDGrnN4T
r078/HtLzIwpr9ItcEMW3Vr/eXnJoTzfcLpM+QiTlB1VfHvEkF3aQCiXItu8NDJp
vyQwccyQ+mrEAHMOb9PjnEMCRRZF1PQYif49YK66JEoTHFEZqUvoN0Owu6ViZ9zc
PTqOA/WYUJr8t01omUDolgbo5LrfCHsa2uYAXcboKKz1EvQK07mQTwETbuhrvqy1
4pXtjOQ3CHAu3dpFpIYPdP35Ft8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRuX2XG
cZ4yqHTmQP7Gps1s6LLGszAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzZjNGQzZjctMGQ1Ny00OTliLWFlYTAtODI0NDgxMGQ1ODk3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HMI
MA0GCSqGSIb3DQEBCwUAA4IBAQB8UmhpIHdTM4J7VXTfm43uSAENCULhswSBSfhl
eHMEv5NyXpjV7e1frdJZ7t4P30k2Rc7lqlO8UKC1weBn6LqEN7JfUiSSLIiqWDNs
hpriRiZXNg/F2x8j7nXPpXYQlzak/wQ9Txy1tpDVtf4Uu/Kn24SaiP4Icltl2l1N
7r1/yKG1IyUbrBCp3vSakF5TDW+1bsTw6MTqJ5ByR9fUH3Cw5MNBIiscZd9iKINT
J0onn1QR06gRbrT+2GmWX5o3NhMdh3CJGF0psps9NerNGm288Xxui1Nx1MKcUXuv
34pAtKYffa1ExixCUYJZLfmi5+RtG92WRXXOr/Cm3ZKGwwL0
-----END CERTIFICATE-----
Generated at Wed May 13 00:10:19 2026 by rpki-client