Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/56c94df9-71ae-4a4a-8ebc-c8c1d589a4c7.roa
File: 56c94df9-71ae-4a4a-8ebc-c8c1d589a4c7.roa (raw, json)
Hash identifier: MF+C1cTCiUVYLVipVX7qazegVzAjBd+kGF5Hqedt0Q4=
Subject key identifier: C6:CB:F4:B1:BE:5B:BC:24:53:D6:BF:03:25:CB:26:6A:1C:1D:E3:5F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 10A60C209688F1B9198A7E79658C316733E18C59
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/56c94df9-71ae-4a4a-8ebc-c8c1d589a4c7.roa
Signing time: Sat 02 May 2026 01:30:26 +0000
ROA not before: Sat 02 May 2026 01:30:26 +0000
ROA not after: Fri 31 Jul 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06a:8000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:a6:0c:20:96:88:f1:b9:19:8a:7e:79:65:8c:31:67:33:e1:8c:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 2 01:30:26 2026 GMT
Not After : Jul 31 23:59:59 2026 GMT
Subject: serialNumber=012430191795e5144dd1201fbade262f5b889679139e1af8255c09cde15ed152, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:9f:72:15:52:66:59:de:36:8b:9c:07:77:ca:
a5:d9:d7:a9:a4:3a:0c:99:36:df:03:47:27:af:02:
c4:d8:51:5e:ea:ef:2c:d0:0e:a2:71:7e:6d:7b:12:
dd:04:68:7f:e1:5e:cd:62:30:1f:ae:17:61:c0:3b:
8c:6d:2c:14:af:37:c4:a5:e0:2f:34:7d:7b:d1:60:
5c:09:b0:bd:f2:0f:c8:0f:4c:de:22:34:52:e8:45:
3c:a5:bc:6a:47:0e:70:d8:b9:c7:2b:65:e6:bc:3b:
34:43:94:9c:59:df:0a:4a:91:90:6c:6c:97:0b:fc:
23:4e:72:85:6b:ab:d5:8e:10:1e:ea:8f:91:ab:55:
fb:57:6a:ff:a8:a6:93:3d:bf:71:be:91:ce:62:b9:
70:05:96:36:e8:9b:66:06:2e:79:b1:b4:b6:05:87:
c9:09:2b:7e:38:a8:5a:d3:77:8e:7f:bf:c4:58:f8:
93:46:26:cf:a5:ac:79:84:25:47:d1:58:14:cc:2f:
5a:9d:31:6f:10:58:2a:7a:28:bf:3a:9c:22:f4:58:
bd:fd:df:13:67:d4:5b:33:08:e8:16:cc:88:bd:d7:
9c:ac:70:16:1c:1e:45:c6:7b:7c:3d:86:54:d6:d8:
93:74:2b:1d:80:65:3e:2a:f3:6f:59:14:88:e9:e1:
c7:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:CB:F4:B1:BE:5B:BC:24:53:D6:BF:03:25:CB:26:6A:1C:1D:E3:5F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/56c94df9-71ae-4a4a-8ebc-c8c1d589a4c7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06a:8000::/40
Signature Algorithm: sha256WithRSAEncryption
69:d8:9a:e7:29:81:42:af:0d:f0:e2:89:bf:35:42:57:18:4a:
6e:9a:51:34:7d:64:7b:84:f3:6c:01:c8:73:cc:49:be:ed:2f:
fe:31:8b:47:50:c6:9f:28:e8:4e:3f:49:b7:73:fb:78:51:ed:
fa:7f:5d:d0:8c:a4:7d:f7:2a:35:31:d0:b1:fe:77:a2:e5:09:
2f:d4:22:a6:76:55:0e:e0:e5:59:e7:e9:2a:5f:71:37:cd:75:
e1:b7:08:9f:02:70:05:fa:6c:d3:4f:87:b7:37:da:6e:02:23:
29:bf:47:84:06:d3:15:f8:99:92:8d:e3:77:d8:87:96:c1:45:
c0:a9:31:7b:91:e3:b1:3d:e8:a3:a9:4c:40:26:5c:23:20:d9:
df:fc:92:a1:7d:6e:5c:86:ac:b3:d9:dd:1d:1c:34:45:2f:43:
1b:60:c6:4f:34:84:b8:fb:7a:b2:d5:c1:38:73:63:c0:87:a1:
30:f6:70:ca:c7:a2:87:78:87:f6:a2:80:24:f4:60:98:e4:93:
de:93:67:9f:ac:be:29:20:df:65:cd:3d:df:8b:03:bd:02:d7:
da:d9:60:32:27:a5:fc:de:d5:da:bc:70:0e:c3:f1:04:25:4e:
75:f0:cf:ed:f8:e0:1a:56:39:eb:60:7d:e4:cf:4b:b1:38:d3:
2a:fa:a5:7e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUEKYMIJaI8bkZin55ZYwxZzPhjFkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MDIwMTMwMjZaFw0yNjA3MzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDAxMjQzMDE5MTc5NWU1MTQ0ZGQxMjAxZmJhZGUyNjJmNWI4ODk2NzkxMzll
MWFmODI1NWMwOWNkZTE1ZWQxNTIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPOfchVSZlneNoucB3fKpdnXqaQ6DJk23wNHJ68CxNhRXurvLNAOonF+bXsS
3QRof+FezWIwH64XYcA7jG0sFK83xKXgLzR9e9FgXAmwvfIPyA9M3iI0UuhFPKW8
akcOcNi5xytl5rw7NEOUnFnfCkqRkGxslwv8I05yhWur1Y4QHuqPkatV+1dq/6im
kz2/cb6RzmK5cAWWNuibZgYuebG0tgWHyQkrfjioWtN3jn+/xFj4k0Ymz6WseYQl
R9FYFMwvWp0xbxBYKnoovzqcIvRYvf3fE2fUWzMI6BbMiL3XnKxwFhweRcZ7fD2G
VNbYk3QrHYBlPirzb1kUiOnhxzcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTGy/Sx
vlu8JFPWvwMlyyZqHB3jXzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTZjOTRkZjktNzFhZS00YTRhLThlYmMtYzhjMWQ1ODlhNGM3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0GqA
MA0GCSqGSIb3DQEBCwUAA4IBAQBp2JrnKYFCrw3w4om/NUJXGEpumlE0fWR7hPNs
AchzzEm+7S/+MYtHUMafKOhOP0m3c/t4Ue36f13QjKR99yo1MdCx/nei5Qkv1CKm
dlUO4OVZ5+kqX3E3zXXhtwifAnAF+mzTT4e3N9puAiMpv0eEBtMV+JmSjeN32IeW
wUXAqTF7keOxPeijqUxAJlwjINnf/JKhfW5chqyz2d0dHDRFL0MbYMZPNIS4+3qy
1cE4c2PAh6Ew9nDKx6KHeIf2ooAk9GCY5JPek2efrL4pIN9lzT3fiwO9Atfa2WAy
J6X83tXavHAOw/EEJU518M/t+OAaVjnrYH3kz0uxONMq+qV+
-----END CERTIFICATE-----
Generated at Tue May 12 23:14:00 2026 by rpki-client