Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6866e708-97dc-4a53-a9f1-7fe1a42a1fb3.roa
File: 6866e708-97dc-4a53-a9f1-7fe1a42a1fb3.roa (raw, json)
Hash identifier: QwnhNXCyBURlDosfh5SFTetp6H6UCVVXpCY/jPRVQhk=
Subject key identifier: CE:A8:B3:22:74:D7:36:32:73:0A:6C:2E:03:5F:83:E8:A3:36:15:86
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7B0DED68C900C772C627E0F59F6F8D22CD74E52D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6866e708-97dc-4a53-a9f1-7fe1a42a1fb3.roa
Signing time: Sat 02 May 2026 01:30:43 +0000
ROA not before: Sat 02 May 2026 01:30:43 +0000
ROA not after: Fri 31 Jul 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06a:8040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:0d:ed:68:c9:00:c7:72:c6:27:e0:f5:9f:6f:8d:22:cd:74:e5:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 2 01:30:43 2026 GMT
Not After : Jul 31 23:59:59 2026 GMT
Subject: serialNumber=4522e2dfb32fbf3abbdecfab3655804ddc3198fae2b94ee843d022b4e2585123, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:a3:20:c8:e4:69:3c:8d:7f:e2:9e:47:59:85:
a1:3d:28:fe:9a:df:2e:4e:00:a5:c5:46:e6:4a:f2:
25:0a:e5:6d:a4:4a:5e:30:81:03:2a:2e:87:c8:77:
7a:1e:df:45:75:79:2e:7a:09:16:96:ec:ad:4e:cf:
fc:dc:78:22:3b:7b:3f:68:46:e2:b3:26:b3:3f:c2:
14:fa:21:ff:df:1f:bf:d2:63:e8:48:29:59:94:5a:
99:23:28:d0:0d:4e:6b:6a:eb:fd:58:69:e1:c3:18:
d2:f1:8e:11:92:e1:68:1d:9a:fb:5b:ca:a3:7d:e9:
aa:af:95:62:67:36:38:36:b7:c3:35:a2:fd:99:bd:
0e:0e:5a:5f:65:d9:bb:22:3e:e0:40:b6:20:cc:55:
56:7b:ff:c2:a4:0b:1c:ef:2f:77:5a:6e:bd:be:3a:
a4:0e:41:77:bf:f5:81:10:3f:99:d6:0a:d7:7a:4e:
16:2b:e6:20:8b:19:6d:72:76:58:42:e0:ae:ba:39:
89:28:e3:e9:d2:4e:f0:26:a0:fe:36:ab:80:21:21:
1c:f6:48:2a:97:28:d7:70:4f:28:01:68:38:13:11:
c8:98:c8:35:4c:72:aa:2d:13:a9:9c:eb:7b:cb:e9:
a7:9a:f9:fe:2a:e7:ff:80:72:9a:a0:d5:65:6d:ce:
5a:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:A8:B3:22:74:D7:36:32:73:0A:6C:2E:03:5F:83:E8:A3:36:15:86
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6866e708-97dc-4a53-a9f1-7fe1a42a1fb3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06a:8040::/48
Signature Algorithm: sha256WithRSAEncryption
00:e2:0b:5a:f7:e9:df:41:10:26:35:a8:1b:68:09:32:45:48:
28:60:70:a1:37:41:3e:8e:e6:d2:b6:ab:2d:d5:3a:f9:d1:97:
71:74:00:0e:d6:c4:83:cf:75:40:a9:de:03:08:67:23:55:5d:
b4:94:e2:be:78:85:b3:5d:6f:f8:7c:2d:a4:50:55:73:91:4a:
d0:30:65:5f:ce:dc:fc:21:70:c4:5b:57:21:45:35:bb:3a:16:
e1:78:e5:09:f5:a0:41:ce:33:06:77:3c:81:b6:39:38:16:b5:
c4:36:da:96:00:21:2c:b9:1f:af:ac:e9:d4:11:c4:16:6a:52:
d4:8b:f6:3a:07:3f:0b:4b:c7:9b:f5:f8:e1:e0:de:ea:ba:8e:
88:29:e4:4e:2b:8c:0d:21:e0:db:ca:2d:9b:2e:80:ec:d9:25:
c1:ca:69:16:38:22:0b:af:80:0f:5d:77:2f:23:bd:dc:3c:c3:
6d:d2:7f:2d:d0:10:7b:fa:e6:9f:b9:e6:48:95:cc:5a:10:d6:
0c:8c:da:4c:de:47:27:3d:a5:bb:3e:f9:50:1e:1c:bd:1b:f4:
e8:1a:9c:3d:7c:a7:03:e4:05:ab:d3:6d:ba:46:3a:47:eb:34:
2f:bf:e1:65:cf:cc:2d:79:6e:78:d8:27:4d:ef:cc:75:4c:8b:
cf:1d:62:22
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUew3taMkAx3LGJ+D1n2+NIs105S0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjA1MDIwMTMwNDNaFw0yNjA3MzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ1MjJlMmRmYjMyZmJmM2FiYmRlY2ZhYjM2NTU4MDRkZGMzMTk4ZmFlMmI5
NGVlODQzZDAyMmI0ZTI1ODUxMjMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJujIMjkaTyNf+KeR1mFoT0o/prfLk4ApcVG5kryJQrlbaRKXjCBAyouh8h3
eh7fRXV5LnoJFpbsrU7P/Nx4Ijt7P2hG4rMmsz/CFPoh/98fv9Jj6EgpWZRamSMo
0A1Oa2rr/Vhp4cMY0vGOEZLhaB2a+1vKo33pqq+VYmc2ODa3wzWi/Zm9Dg5aX2XZ
uyI+4EC2IMxVVnv/wqQLHO8vd1puvb46pA5Bd7/1gRA/mdYK13pOFivmIIsZbXJ2
WELgrro5iSjj6dJO8Cag/jargCEhHPZIKpco13BPKAFoOBMRyJjINUxyqi0TqZzr
e8vpp5r5/irn/4BymqDVZW3OWmECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTOqLMi
dNc2MnMKbC4DX4PoozYVhjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Njg2NmU3MDgtOTdkYy00YTUzLWE5ZjEtN2ZlMWE0MmExZmIzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0GqA
QDANBgkqhkiG9w0BAQsFAAOCAQEAAOILWvfp30EQJjWoG2gJMkVIKGBwoTdBPo7m
0rarLdU6+dGXcXQADtbEg891QKneAwhnI1VdtJTivniFs11v+HwtpFBVc5FK0DBl
X87c/CFwxFtXIUU1uzoW4XjlCfWgQc4zBnc8gbY5OBa1xDbalgAhLLkfr6zp1BHE
FmpS1Iv2Ogc/C0vHm/X44eDe6rqOiCnkTiuMDSHg28otmy6A7NklwcppFjgiC6+A
D113LyO93DzDbdJ/LdAQe/rmn7nmSJXMWhDWDIzaTN5HJz2luz75UB4cvRv06Bqc
PXynA+QFq9NtukY6R+s0L7/hZc/MLXlueNgnTe/MdUyLzx1iIg==
-----END CERTIFICATE-----
Generated at Tue May 12 23:28:56 2026 by rpki-client